CodeProject: Load an EXE File and Run It from Memory. Free source code and programming help

Announcements

	Windows 7 Comp Win a laptop!
	Monthly Competition

Articles

Desktop Development

Web Development

Enterprise Systems

Content Management Server

Microsoft BizTalk Server

SQL Reporting Services

Platforms, Frameworks & Libraries

Windows Communication Foundation

Windows Presentation Foundation

Windows Workflow Foundation

Cryptography & Security

Threads, Processes & IPC

WinHelp / HTMLHelp

Uncategorised Quick Answers

Graphics / Design

Expression

Usability

Development Lifecycle

Debug Tips

Design and Architecture

Uncategorised Technical Blogs

Services

Code-signing Certificates

Job Board

CodeProject VS2008 Addin

Feature Zones

Product Showcase

Code Signing Resources

WhitePapers / Webcasts

ASP.NET Web Hosting

Advanced Search
Add to IE Search

Discuss

Report

16 votes for this article.

Popularity: 4.82 Rating: 4.00 out of 5

Introduction

This example shows how to load an application and run it from the memory system. After the application load, you can use it without the source EXE file (usually blocked from the system). This is useful when you don't need to have the source EXE file on HDD (e.g. on a USB key).

Using the Code

This example is divided into two simple steps:

The binary reading of the EXE file
Its loading into the Assembly cache of the read result

First Step

Load the EXE file in one stream and read it as an array of bytes:

// read the bytes from the application EXE file
FileStream fs = new FileStream(filePath, FileMode.Open);
BinaryReader br = new BinaryReader(fs);
byte[] bin = br.ReadBytes(Convert.ToInt32(fs.Length));
fs.Close();
br.Close();

Using the FileStream class, it is possible to open the EXE file (location indicated in the filePath variable), read and close it to release resources.

Second Step

Use the Assembly.Load method to load the EXE file (as array of bytes) into the Assembly cache:

// load the bytes into Assembly
Assembly a = Assembly.Load(bin);

Now we can try to find the entry point of the application:

// search for the Entry Point
MethodInfo method = a.EntryPoint;
if (method != null) {
...
}

If an entry point is found, is possible to create an instance of the application Main method and invoke it from our application launcher:

// create an instance of the Startup form Main method
object o = a.CreateInstance(method.Name);
// invoke the application starting point
method.Invoke(o, null);

If all will be ok, the called application will start without using the source EXE file (try to move it to check).

In the demo project zip file, I put a simple application launches one EXE file found in the same folder of the launcher EXE. If there are more than one files, a request file Form starts to ask the user which file to select from the folder.

NOTE: Pay attention to the Application.SetCompatibleTextRenderingDefault method of the called application. Visual Studio 2005 applies this line in the Main method (located inside the Program.cs file) to use the new GDI+ library in our applications, but it will throw an exception because it must be called before the first IWin32Window object is created.

History

24^th April, 2006: Initial post

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

About the Author

Gianni Marzaloni (ZofM)

Member

Simple C# Developer.

Occupation:	Web Developer
Company:	HTML.it
Location:	Italy

Other popular C# articles:

Asynchronous Method Invocation
How to use .NET to call methods in a non-blocking mode.
IconLib - Icons Unfolded (MultiIcon and Windows Vista supported)
Library to manipulate icons and icons libraries with support to create, load, save, import and export icons in ico, icl, dll, exe, cpl and src format. (Windows Vista icons supported).
I/O Ports Uncensored - 1 - Controlling LEDs (Light Emiting Diodes) with Parallel Port
Controlling LEDs (Light Emiting Diodes) with Parallel Port
100% Reflective Class Diagram Creation Tool
100% Reflective Class Diagram Creation Tool
Processing Global Mouse and Keyboard Hooks in C#
This class allows you to tap keyboard and mouse and/or to detect their activity even when an application runs in the background or does not have any user interface at all.

Article Top

You must Sign In to use this message board.

FAQ
Noise Tolerance Layout Per page

Msgs 1 to 25 of 35 (Total in Forum: 35) (Refresh)

FirstPrevNext

Ok, problem solved

Member 3509854

7:56 3 Feb '09

//NOTE: You have to invoke it on a newly created thread.

MethodInfo method;

private void Form1_Load(object sender, EventArgs e)
{
System.Threading.Thread thd;
System.Threading.ThreadStart ts;

Assembly a = Assembly.Load(LoadEXE()); //load exe into byte array
method = a.EntryPoint;

ts = new System.Threading.ThreadStart(RunNewApp);
thd = new System.Threading.Thread(ts);
thd.Start();

}

private void RunNewApp()
{
if (method != null)
{
method.Invoke(null, null);
}
}

1.00/5 (1 vote)

java

t3dysu

1:35 29 Nov '08

can this be done in java ?
Sign In·View Thread·PermaLink

Re: java

Member 3509854

8:20 3 Feb '09

//this loads a jar from an http address and instantiates the class 'classname'
//just put some code in the constructor of the class if you want to execute it
//when it's instantiated

public void RunClass(String httpfileaddr, String classname) {
URLClassLoader clazzLoader ;
Class clazz = null;
URL url = null;
try {
url = new URL(httpfileaddr);
} catch (MalformedURLException ex) {
Logger.getLogger(cLoader.class.getName()).log(Level.SEVERE, null, ex);
}

clazzLoader = new URLClassLoader(new URL[]{url});
try {
clazz = clazzLoader.loadClass(classname);
Thread.currentThread().setContextClassLoader(clazzLoader);
} catch (ClassNotFoundException ex) {
Logger.getLogger(cLoader.class.getName()).log(Level.SEVERE, null, ex);
}
try {
clazz.newInstance();
} catch (InstantiationException ex) {
Logger.getLogger(cLoader.class.getName()).log(Level.SEVERE, null, ex);
} catch (IllegalAccessException ex) {
Logger.getLogger(cLoader.class.getName()).log(Level.SEVERE, null, ex);
}
}

"Could not load file or assembly"

njuneardave

10:28 31 Jul '08

I modified the code a bit to look into a different directory and pick out my .exe, but I'm getting an error that says:

"Could not load file or assembly '589312 bytes loaded from WinLauncher, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null' or one of its dependencies. An attempt was made to load a program with an incorrect format."

The posted code works with the included .exe and some other .exe that I have, so why would it bomb out on another .exe? Maybe .DLL files need to be loaded into memory as well? if so, how would i do this?

EDIT: i think this has to do with my executable being unmanaged code. is there another way to load unmanaged executables?

modified on Thursday, July 31, 2008 5:26 PM

1.00/5 (1 vote)

Why is this necessary?

PIEBALDconsult

18:47 3 Apr '08

Once the program is loaded into memory and is running you can delete the EXE or remove the media with no problem. Don't you remember shuffling floppies under DOS? I even tested it with a .net program today. This looks like the wrong solution to a non-existent problem.
Sign In·View Thread·PermaLink

THIS IS USEFUL! [modified]

sebastiannielsen

11:22 2 Jul '08

This is EXTREMELY useful.

Just think: Load the target EXE into a byte array. Then encrypt it with System.Security.Cryptography.Rijndaelmanaged using a sha256 of the password as key, and then convert the encrypted EXE to a base64 string.

Then you can make a new project, hard code the base64 string and have a password promt. Then the password decrypt the EXE, and run it from memory as described here. Everything is done in a Try...Catch...End Try block so if wrong password is supplied then it can "MsgBox" the user about it.

This can also be used to build a Anti-Piracy wrapper for a application by encrypting it with a key that is a result from a calculation on a valid CD-key. Incorrect CD-key = the application wont decrypt.

Also you can use this to fetch a encrypted EXE from a server and then decrypt it in-memory with a hard-coded key. Now updating has never been as easy as putting your updated EXE into your webspace and Voilá, the application is up2date for everyone that has previously downloaded your application.
This could also be used in Anti-Piracy situations, by just having a CGI script to encrypt your EXE with the supplied serial number as key, and then the target application who downloaded the encrypted EXE decryptes it using the serial as key.

Of course you have a hard coded "salt" value in the application so not anybody with the correct serial can decrypt for themselves.
Then if you see that a specific serial is used at multiple places, just ban that serial and your application can never be used by that serial any longer, since the client application can no longer download the encrypted EXE.

Another fun thing you can do if you let your client fetch the EXE from the internet, is that if the serial in question is marked as piracy, you could make your server send a encrypted variant of some software that install itself in startup and keylog, screenlog, and records sound from attached mic and take some snaps if theres a webcam. Then stuff everything in a packet and then into your server, that will log IP & time too.

Its s simple matter of prosecuting that person for piracy after that, since you both have IP evidence and *image evidence*.

4.00/5 (2 votes)

CMD

koushik_rebaca

3:14 1 Sep '07

How can I load cmd.exe file and pass the "dir/p" as a argument? And after that I need to track the output.
Sign In·View Thread·PermaLink	1.00/5 (1 vote)

mezo_22

11:35 25 Mar '07

ur code is amazing and i downloaded ur program and it worked well but when i tried to create my own program that run exe file it gave me the error that u said in ur note could u help me to prevent this error plz:(:( Best Wishes
Sign In·View Thread·PermaLink	2.00/5 (1 vote)

Re: Hi

Mike_Silver_A

6:41 20 Apr '09

not an author, but... acutally, i use boxedapp to launch my exe secure, it can run any EXE (not only .net) from memory without additional temporary files on disk. btw it also provide a simple function specific for .net (C++ / Delphi notation!): execute .net from memory
Sign In·View Thread·PermaLink

VB Demo (Load an exe file and run it from memory)

Ulambayar

3:47 14 Jan '07

Hi Evereyone, "Load an exe file and run it from memory" forum's decision by Mr.Gianni Marzaloni (ZofM) is looking nice. Could you make it in VB, please? Thanx, Ulambayar
Sign In·View Thread·PermaLink	2.67/5 (3 votes)

Re: VB Demo (Load an exe file and run it from memory)

uyalksouiwh

9:43 2 Apr '07

I have the same problem too. I need the answer. How to write that in VB .Net? I am looking around and the best I got was this: http://www.thescripts.com/forum/thread363965.html[^] using Reflection.Assembly.GetExecutingAssembly().GetMani festResourceStream("") but I can't get it working. Please Help. Ash
Sign In·View Thread·PermaLink

Re: VB Demo (Load an exe file and run it from memory)

Macka007007

22:14 25 Jul '07

try changing using Reflection.Assembly.GetExecutingAssembly().GetMani festResourceStream("") to using Reflection.Assembly.GetExecutingAssembly().GetManifestResourceStream("")
Sign In·View Thread·PermaLink

Re: VB Demo (Load an exe file and run it from memory)

Sheridan101

9:39 21 Nov '07

Here is the code which works in VB 2005.


Dim fs As New IO.FileStream("C:\\MyFile.exe", IO.FileMode.Open, IO.FileAccess.Read)
        Dim br As BinaryReader = New BinaryReader(fs)
        Dim bin As Byte() = br.ReadBytes(Convert.ToInt32(fs.Length))
        fs.Close()
        br.Close()

        Dim a As Assembly = Assembly.Load(bin)

        Dim method As MethodInfo = a.EntryPoint

        Dim o As Object = a.CreateInstance(method.Name)

        method.Invoke(o, New Object() {Nothing})

But, unfortunately, I always got error about “Application.SetCompatibleTextRenderingDefault”

Does anybody have idea what to do about how to overcome this Cry

How to load exe compiled with /clr?

martho2

4:14 10 Jan '07

Hello! Nice code! I tried a small demo-project, and it shows up that the .exe is only started, when it has been compiled with /clr:pure or /clr:save. When using an .exe compiled with /clr only, I got an exception in Assembly.Load: Unverifiable code failed policy check (exception from HRESULT: 0x80131402).

Has anyone a solution for this or is it just not possible to load an assembly compiled with /clr?

1.50/5 (3 votes)

Run x.exe from y.exe without extracting from y.exe which is stored as resource

Rahul A. H.

21:00 29 Oct '06

Hi Everyone, I want to know how to execute a resource of type (.exe file) directly from within my VB application without having to create a .exe file. I mean, running the .exe (resource) directing into memory so that, the file isn't visible to anyone. Thanks in advance. Bye!
Sign In·View Thread·PermaLink	2.00/5 (4 votes)

Re: Run x.exe from y.exe without extracting from y.exe which is stored as resource

Ulambayar

3:42 14 Jan '07

sdfgsrf
Sign In·View Thread·PermaLink	2.00/5 (1 vote)

Re: Run x.exe from y.exe without extracting from y.exe which is stored as resource

Ulambayar

3:43 14 Jan '07

Hi Rahul, If you have solution for that question, share it with me, please? Thanx, Ulambayar
Sign In·View Thread·PermaLink

Re: Run x.exe from y.exe without extracting from y.exe which is stored as resource

Mike_Silver_A

22:48 14 Jun '09

check this tool: boxedapp sdk , that supports launching process from a memory block Hope it helps.
Sign In·View Thread·PermaLink

Re: Run x.exe from y.exe without extracting from y.exe which is stored as resource

Mike_Silver_A

22:47 14 Jun '09

check boxedapp sdk , it supports starting a process from a memory block.
Sign In·View Thread·PermaLink

Can't be used with all exe types

nSerj

10:41 24 Oct '06

These methods don't work with all exe files. Some unmanaged compilations can't be loaded by assembly
Sign In·View Thread·PermaLink	5.00/5 (2 votes)

Re: Can't be used with all exe types

Mike_Silver_A

22:50 14 Jun '09

Yes, because this approach using .net feature to load assembly. To load native EXE files or mixed-mode assemblies it's possible to use boxedapp sdk. But I still can't understand how does they doing this?... thnx.
Sign In·View Thread·PermaLink

Where to use this...

Jun Du

9:43 25 Apr '06

I'm wondering how we can use this technique. One use case could be that we load the EXE into the memory and delete it from the HDD. After we finish the run, copy it back to the HDD. This way we can ensure a single instance of the application across the network (if we map network drives). - It's easier to make than to correct a mistake.
Sign In·View Thread·PermaLink

BIG NOTE! leppie 0:26 25 Apr '06

This will not work for mixed-mode MC++ assemblies. Instead you will get some wacko COM exception with no idea what went wrong. It's the same reason why mixed-mode MC++ assemblies with controls cant be used on the designer surface. xacc.ide-0.1.3.9 - Now with Language Designer
Sign In·View Thread·PermaLink

Why CreateInstance?

Robert Rohde

19:26 24 Apr '06

Hi,

// create an istance of the Startup form Main method
object o = a.CreateInstance(method.Name);

doesn't seem to make any sense to try to create an instance from a method. o will always be null. As the entry point method is always static you can just call Invoke without any instance:

method.Invoke(null, null);

Re: Why CreateInstance?

Preky

22:21 24 Apr '06

I think that without creating assembly instance you can't invoke any method inside that assembly. Greatings, Preky
Sign In·View Thread·PermaLink	2.00/5 (1 vote)

Last Visit: 1:21 9 Nov '09 Last Update: 1:21 9 Nov '09

12 Next »

General News Question Answer Joke Rant Admin

PermaLink | Privacy | Terms of Use
Last Updated: 24 Apr 2006
Editor: Deeksha Shenoy