Simple Loader + Free COFF

This is a Simple Loader that executes a Crystal Palace PICO to free() the loader before passing execution to the DLL.

Project Files

Notes

changes.diff shows the changes between Simple Loader and this project. The only differences are the code to reference and run our added PICO.

We determine our PIC address to free() it by referencing the go function at the start of loader.c. This is trivial on x64. For x86, Crystal Palace patches in the offset from the instructions that reference go to go itself. This isn't the full address we need, though. We determine the full address by adding that patched-in offset to the result of the caller() function + 5 bytes.

free.c is the source code for our PICO (Crystal Palace COFF) that free()s its caller before passing execution to our DLL.

picorun.h contains the functions to run a PICO. Note, this is not a generic COFF runner. A PICO is a COFF with several parts stripped out and loading directives prepended to it.

License

This project is licensed under the GNU General Public License version 2 (GPLv2) or later.