Search code examples
windowsdelphiwinapidllportable-executable

Switch between DLL and .EXE with COM Support in Delphi

I have the following situation:

I have a delphi application {$APPTYPE GUI}. (APP1)

If APP1 gets started, it runs the code between begin and end., just as it should be.

Later, APP1 will be transformed to a DLL (another application will do that - APP2).

APP2 adds the IMAGE_FILE_DLL flag to the Characteristics in the NTFileHeader of APP1. Then APP2 tries to load the DLL (APP1) with LoadLibrary (or some other COM Command to load a dll) but it returns the error:

Windows encountered an internal error while initializing COM libraries.

I've done all this with a C project and used the WinMain function. However it seems not to work in Delphi (APP1 gets not started as a DLL). How is it possible to convert APP1 to a working DLL?

EDIT:

I'm trying to port this code from C to Delphi : http://level-23.info/forum/showthread.php?14721-UAC-Bypass-for-Windows-7-RTM-SP1-Windows-8-DP&p=31749

I've ported it correctly and everything works but the CRYPTBASE.dll (APP1) doesn't start . (See Error above)

In a nutshell: Create a delphi application, add the IMAGE_FILE_DLL characteristics in the file header. Rename it to CRYPTBASE.dll and copy it to C:\Windows\System32\sysprep. Then start sysprep.exe

INFOS HERE: http://www.pretentiousname.com/misc/W7E_Source/win7_uac_poc_details.html

Solution

  • WinMain is a just a name, by convention, to use as the entry point of an executable. The convention for DLL's is to use the name DllMain. The Windows loader does not search for WinMain and LoadLibrary does not search for DllMain, it just calls the entrypoint in the pe header.

    Delphi doesn't use either, the exported name of the entry point is start.

    WinMain signature differs from DllMain (WinMain takes four parameters), my suggestion is to declare a function DllMain and export it in your exe:

    function DllMain(hinstDLL: THandle; fdwReason: DWORD; lpvReserverd: Pointer): BOOL; stdcall;
begin
  // do something
end;

  exports
    DllMain;

    The code that modifies your exe (in mem I presume) to be a dll should set the entry point to DllMain (get it's address by walking the EAT).

    Also: make sure that the relocation table it not stripped (in release mode) as DLL's require it when they are rebased.