Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Get All DLLS For A Process

Tags:

c#

.net

process

dll

I would like to get a list of all the dlls loaded for a given Process. I am currently using .NET Framework 4.0. I am aware that there is a bug when trying to access all managed dlls through the Process.Modules property. (Only lists the unmanaged dlls). I need a way to programmatically retrieve all of these dlls.

 Process[] myProcess = Process.GetProcessesByName("MyProcess");
 if(myProcess.Count() > 0) 
 {
      foreach (ProcessModule processModule in myProcess[0].Modules)
      //get information
 }

EDIT: The process I am interested in is not in the current AppDomain.

like image 732
Matthew Avatar asked Feb 13 '13 21:02

Matthew

People also ask

How are DLL files loaded?

DLL files may be explicitly loaded at run-time, a process referred to simply as run-time dynamic linking by Microsoft, by using the LoadLibrary (or LoadLibraryEx ) API function. The GetProcAddress API function is used to look up exported symbols by name, and FreeLibrary – to unload the DLL.

What does a DLL injector do?

In computer programming, DLL injection is a technique used for running code within the address space of another process by forcing it to load a dynamic-link library. DLL injection is often used by external programs to influence the behavior of another program in a way its authors did not anticipate or intend.

Which tool is useful to obtain the list of imported functions in a Windows binary?

You can use dumpbin.exe or depends.exe from Visual Studio, or the free dependency walker to examine these types.

How do I stop a DLL from running?

If you want to stop running specific dll, here is the instruction : Go and find "Search" button in "Start" menu. You should search "All files and folders," then type the name of that DLL file you want to stop running into the search dialog box. Locate the DLL file and write down the full file path for the DLL file.

1 Answers

I am aware that there is a bug

No, that's not a bug. It was an intentional design change in CLR v4, Microsoft did not keep that a secret. Previous versions of the CLR made an effort to emulate loaded assemblies as though they were unmanaged DLLs. But that just stopped making sense when they implemented the side-by-side in-process CLR versioning feature. It's gone and won't come back.

This isn't exactly a major problem, getting the list of loaded assemblies in another process is well supported by the debugging interface. ICorDebugAppDomain::EnumerateAssemblies() is the ticket. Well, not exactly as easy to use as Process.Modules. Use the MDbg sample to find out how to use it.

like image 108
Hans Passant Avatar answered Sep 29 '22 08:09

Hans Passant
Sign in to Comment

Related questions

SQLite for windows phone 8 does not compile
How to create nested custom configuration section in c#?
What's the point of Enumerable.ElementAt<TSource>?
How to generate report in word 2010 using c# , dot net, word templates, xml [closed]
JavaScript Object.create and IE8
Centering text on a button in a WinForms application
How to write a custom POCO serializer/deserializer?
Best practice for protobuf-net, versioning and surrogate types
SQL Connection String with Instance Parameter
converting IP to byte/convert back to string
How to specify Response class and return Status Codes using Swagger/ServiceStack
How do I know whether a character to a given language? In Unicode string [duplicate]
.Net Custom TraceListener.TraceEvent not firing
DateTimeZone to/from database
AIR NativeProcess standardInput not connecting to app
How to get MethodInfo of interface, if i have MethodInfo of inherited class type?
Getting started developing add-in for powerpoint
Programmatically assigning IIS Application Pool Identity "users" to Groups
how to use where for operators at generics class c#? [duplicate]
Using a custom query to select items where their id exists within a list of IDs

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!