[Repost] Imploder Plugin v1.04 by BoB
2007-10-24 16:44 2978

V1.00 - 24/12/2006
o Add Compressed files to PE File + Unpack code + Loader..
o Packs orig Import table and fills before dropping files..
o Overlay is kept and replaced at end of file..
o Can extract to 8 different paths (and any sub-path) ..


Description:

Imploder is a plugin that allows you to add other files to a PE-file..

The files you add are compressed and added to a built-in archive, which is embedded within a loader that is appended in a new section to your target PE-file..

Each file can be decompressed to a separate directory, and loaded from within your program.. Sub-directories can also be added, and are created if the sub-dir doesn't exist..
Some of the built-in extract directories include: My Documents, Program Files, Exe Path, Current Dir, Temp Dir, Windows Dir, System32 ..

So if you wanted to extract a font, select Extract dir of Windows and sub-dir of Fonts and the font will be extracted to C:\Windows\Fonts\ - or whatever the windows drive and dir is on the host computer.

You can now load DLLs virtually, which means that the DLL does not need to be extracted before use which is a lot more secure and also your program will definitely find the DLLs it needs on any system..

The import table is also removed and filled by the loader, to allow you to include DLLs that may not be available on a host system.

It is up to you and your target program to delete files after use, should you want to..


You can choose (since v1.03) to add a file to the archive, but not extract it. There is now an API from the loader you can call from within the host program to extract a file..

Function ExtractFile(Name : PChar; Path : PChar) : DWord; StdCall;

To get the address of the API, use GetProcAddress as usual except put null as the LibBase..

EG: Extract := GetProcAddress(0, 'ExtractFile');

This might be used for a program that only occasionally needs to drop a file somewhere, or for an installer maybe.
The path passed to the function (and any sub-dirs) are created if they don't exist ..

Since v1.04, if you put a filename at the end of the path name, the file will be extracted to this name instead of as name in archive.
Also since v1.04 there are more apis:

OpenFile (NameInArchive) : DWord; StdCall; -- Unpacks and loads file into allocated mem, return address..
CloseFile (Handle : DWord); StdCall; -- Frees memory used by file, and handles ..
FileExists (NameInArchive) : DWord; StdCall; -- Returns 0 if not found, 1 if found .. (doesn't have to be open)
SizeFile (NameInArchive) : DWord; StdCall; -- Returns unpacked size of file (doesn't have to be open)

Example usage (Delphi - Actually from my plugins installer, which is built using Imploder) :

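Var
  Addr : DWord;
  Size : DWord;
..
  IF FileExists('MusicData') THEN Begin
    Addr := OpenFile('MusicData');    // unpack into allocated memory, returns its address
    Size := SizeFile('MusicData');    // unpacked size of the file
    BeRoXM.Module.Load(Addr, Size);
    CloseFile(Addr);                  // free the memory used by the file
  End;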


Also, since v1.04, you can load a file from the archive using normal apis, just as if the file exists on disk.. If the file exists it is given preference to the archive version, if you don't want this - delete the file from disk..

Example:

Var
  hFile : DWord;
  Size, I : DWord;
  S : String;

hFile := CreateFile('MusicData', GENERIC_READ, FILE_SHARE_READ, nil, Open_Existing, FILE_ATTRIBUTE_NORMAL, 0);
If hFile = INVALID_HANDLE_VALUE Then Exit;
Try
  Size := GetFileSize(hFile, Nil);
  SetLength(S, Size);
  ReadFile(hFile, @S[1], Size, I, Nil);
Finally
  CloseHandle(hFile);
End;

..The only difference between this and 'normal' code is that createfile returns the address of the file in memory (it is unpacked into virtual memory) so you can use the return of createfile api just the same as using the internal api OpenFile() above ..


If you don't understand a word of this, you probably downloaded the wrong file.. !


Features:

o Simple archive format to allow many files bundled with just one section added..
o Works with many file-types, even packed files! (Tested with UPX, PECompact2 and others)
o Overlay aware - any overlay is saved before processing and added to end of file after loader section added ..
o Imports are fully processed from within loader, so you can include DLLs that are imported by host file..
o Many standard system directories can be used as extract path, and subdirectories are created if not existing..
o Smallest possible Import Table.. (I think - tell me if I'm wrong :) No, you can't remove it entirely, Win 2000 crashes..
o Resulting bundled file can be compressed after other files added..
o Virtual DLL loading ..
o Use files within built-in archive virtually - without extracting to disk ..
o It's free !
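
A defender's triage sketch for the layout described above, added here as an example and not part of the original post or of Imploder itself: it parses a PE header and reports whether the import directory sits in the last section, how small it is, and how many overlay bytes follow the last section. The entry-point check assumes the loader runs first (the README does not say where the entry point ends up), and the `.ldr` section name and the sample bytes are constructed for illustration.

```python
import struct

def pe_layout(data: bytes) -> dict:
    """Report the layout traits the README describes for a bundled PE file."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe = struct.unpack_from("<I", data, 0x3C)[0]               # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    nsec, opt_size = struct.unpack_from("<H12xH", data, pe + 6)
    opt = pe + 24                                              # optional header
    magic, = struct.unpack_from("<H", data, opt)
    entry, = struct.unpack_from("<I", data, opt + 16)          # AddressOfEntryPoint
    dirs = opt + (96 if magic == 0x10B else 112)               # PE32 / PE32+
    imp_rva, imp_size = struct.unpack_from("<II", data, dirs + 8)  # import directory
    secs = []                                  # (name, rva, virtual span, raw end)
    for i in range(nsec):
        off = opt + opt_size + 40 * i
        vsize, va, rsize, rptr = struct.unpack_from("<4I", data, off + 8)
        name = data[off:off + 8].rstrip(b"\0").decode("latin-1")
        secs.append((name, va, max(vsize, rsize), rptr + rsize))

    def holder(rva):  # index of the section whose virtual range contains rva
        return next((i for i, s in enumerate(secs) if s[1] <= rva < s[1] + s[2]), None)

    last = nsec - 1
    return {
        "last_section": secs[last][0],
        "entry_in_last_section": holder(entry) == last,        # assumption, see lead-in
        "imports_in_last_section": holder(imp_rva) == last,
        "import_dir_size": imp_size,
        "overlay_bytes": len(data) - max(s[3] for s in secs),
    }

def build_sample(entry=0x3010, overlay=b"OVRLY") -> bytes:
    """Constructed PE32 headers: .text, .data and a hypothetical appended '.ldr'."""
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<I", opt, 16, entry)
    struct.pack_into("<II", opt, 96 + 8, 0x3100, 40)           # small import directory
    table = b"".join(struct.pack("<8s4I16x", name, 0x1000, va, 0x200, ptr)
                     for name, va, ptr in ((b".text", 0x1000, 0x400),
                                           (b".data", 0x2000, 0x600),
                                           (b".ldr", 0x3000, 0x800)))
    coff = struct.pack("<HH12xHH", 0x14C, 3, 224, 0x102)
    hdr = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40) + b"PE\0\0" + coff + bytes(opt) + table
    return hdr.ljust(0x400, b"\0") + bytes(0x600) + overlay

if __name__ == "__main__":
    print(pe_layout(build_sample()))
```

None of these traits is conclusive on its own; other packers and ordinary installers share them, so treat the result as a reason to look closer rather than an identification.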

Latest replies (1)
liuyusong 2007-10-24 21:45
First reply!! Grabbing a seat, going to try it out!