About freestanding EXE-files in Pelles C

[pink]

Hi, i wanna make a executable that does not import kernel32.dll or any dlls, other then the ones i specify

love your software!

[frankie]

Hello Pink, welcome.
You can use the linker switch "-nodefaultlib". In this case no default library will be searched.
Remember that you have to explicitly specify all libraries required, even the PellesC C runtime.

[Vortex]

Hi pink,

Your executable should import from kernel32.dll You must to take in account that this type of executables not importing from kernel32 could trigger the attention of antivirus software. Here is a Poasm example for you :

Code: [Select]

.386
.model flat,stdcall
option casemap:none

include PEBstruct.inc

MB_OK equ 0

GetProcAddr PROTO :DWORD,:DWORD

.data

LoadLibrary db 'LoadLibraryA',0
MessageBox  db 'MessageBoxA',0
ExitProcess db 'ExitProcess',0
user32      db 'user32.dll',0
msg         db 'Hello from MessageBox',0

.code

start:

    call    main

    push    0
    call    eax                 ; Call ExitProcess

main PROC uses esi ebx

    mov     ebx,[fs:030h]       ;   PEB
    mov     ebx,[ebx+00Ch]      ;   PEB->Ldr
    mov     ebx,[ebx+014h]      ;   PEB->Ldr.InMemoryOrderModuleList.Flink (1st entry)
    mov     ebx,[ebx]           ;   2nd Entry
    mov     ebx,[ebx]           ;   3rd Entry
    mov     ebx,[ebx+010h]      ;   Third entry's base address (Kernel32.dll)

    invoke  GetProcAddr,ebx,ADDR LoadLibrary

    push    OFFSET user32
    call    eax

    invoke  GetProcAddr,eax,ADDR MessageBox

    push    MB_OK
    push    OFFSET user32
    push    OFFSET msg
    push    0
    call    eax                 ; Call MessageBox

    invoke  GetProcAddr,ebx,ADDR ExitProcess

    ret

main ENDP

END start