Skip to content
/ IDLL-Loader Public

Internal DLL loader that can bypass some anticheats and load dll into process memory.

License

Apache-2.0 license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

chadlrnsn/IDLL-Loader

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
.vscode
.vscode
 
 
IDL
IDL
 
 
.gitignore
.gitignore
 
 
CMakeLists.txt
CMakeLists.txt
 
 
CMakePresets.json
CMakePresets.json
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
c_cpp_properties.json
c_cpp_properties.json
 
 

Repository files navigation

Internal DLL Loader with Memory Protection

A sophisticated DLL loader that pre-allocates memory space and maintains execution rights throughout the DLL lifecycle.

Features

  • Pre-allocates memory space at random address
  • Continuously monitors and restores memory protection rights
  • Supports dynamic DLL loading/unloading
  • Memory protection against external modifications
  • Detailed logging of all operations

How to build with Visual Studio

  1. Open the project in Visual Studio
  2. Select the build preset (win-x64-release or win-x64-debug)
  3. Build the project

How to build with CMake

  1. Clone the repository
  2. Open console in the project directory
  3. Run cmake --preset win-x64-release
  4. Run cmake --build --preset win-x64-release

How It Works

  1. Initialization:

    • Allocates memory space with PAGE_EXECUTE_READWRITE permissions
    • Calculates required space by reading the target DLL's PE headers
    • Chooses random memory location for allocation
    • Starts memory protection monitoring thread

  2. Memory Protection:

    • Continuously monitors allocated memory region
    • Automatically restores PAGE_EXECUTE_READWRITE permissions if changed
    • Provides logging of any protection changes

  3. DLL Management:

    • Loads DLL on demand (F6 key)
    • Properly initializes DLL entry point
    • Supports clean unloading (F7 key)
    • Graceful shutdown (F9 key)

Usage

  1. Setup:

    • Place your target DLL (named example.dll) in the same directory as the loader
    • Inject the loader DLL into your target process

  2. Controls:

    • F6: Load example.dll
    • F7: Unload example.dll
    • F9: Exit loader

  3. Monitoring:

    • Console window shows real-time status and operations
    • Displays memory addresses and protection states
    • Reports any attempts to modify memory protection

Technical Details

  • Uses Windows API for memory management
  • Implements PE header parsing
  • Maintains memory protection through VirtualProtect
  • Supports x64 architecture
  • Thread-safe operations

Requirements

  • Windows operating system
  • Administrative privileges (for some operations)
  • Target process must allow DLL injection
  • Example.dll must be present in the same directory

Security Features

  • Random memory allocation
  • Continuous memory protection monitoring
  • Protection rights restoration
  • Privilege verification
  • Detailed error reporting

Error Handling

The loader provides comprehensive error reporting for:

  • Memory allocation failures
  • DLL loading issues
  • Protection changes
  • Access violations
  • General operation errors

Notes

  • Ensure your target DLL is compatible with the process architecture
  • Monitor console output for operation status
  • Memory protection monitoring runs until loader is unloaded
  • Clean shutdown is recommended using F9 key

About

Internal DLL loader that can bypass some anticheats and load dll into process memory.

Topics

dll-injector

Resources

Readme

License

Apache-2.0 license
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Languages