Portable Executable launcher for Windows NT bypassing loader
This program lets you trick the Windows NT low-level Portable Executable (.exe
) loader. It lets you load a valid executable and then replace its memory with any other portable executable you want, even if Windows does not like the target executable.
Visit artifacts page on AppVeyor
stub.exe
(any valid executable, which may be changed by the user) in the paused statestub.exe
and loads all the executable resources into memorytarget.exe
and replaces stub.exe
memory with the target resourcesstub.exe
, the actual program that's loaded into memory is target.exe
stub.exe
There is no specific reason. This was made just for fun.
winnt32.exe
). PELauncher tricks the system and successfully launches a soft-locked setup executable on any Windows. However, for some reason, it failed to resolve winnt32u.dll, so an investigation is needed.smss.exe
(for example, the Windows XP version) on Windows 11, then it's going to crash the system completely without administrator permissions.Visual Studio 2017 was used to create this project.
Initially, this program was made in VC6 for compatibility with old systems, like Windows NT 3.51:
But then the VS2017 solution was force-pushed instead of VC6 commits.