hello
im new at assembly (in english too) and i have a question as you may guess: can i add new lines to exe file? its just for experimental causes not for hack, crack or something like that. i wanna protect my software. so i mean if i open exe with hex editor, and insert few bytes (for example opcode of mov command and operand) is program works fine? (okay im sure its bad, very bad grammar. sorry for that) if it can be done, we're not safe at all. anyway, thanks for your helps.
Posted on 2009-05-28 13:51:54 by kcomeby
That's basic file editing. Of course you can open a file (CreateFile) read it into a buffer (GlobalAlloc & ReadFile) and then alter bytes whereever you please and save it using WriteFile.

Look into Iczelions File Tutorials at http://win32assembly.online.fr/tut12.html
Posted on 2009-05-28 14:09:11 by JimmyClif
thank you but you got me wrong. its probably cuz of my english.

okay i can give you an example:
lets say i write a program with assembly. its 1000 lines of code. somebody dissambled it and he/she inserted "mov eax, 1" line between 900 and 901 lines. so now its 1001 lines. is it possible? i mean ofcourse possible with hex editing but is program works fine? maybe memory locations, or something like that can cause problems. because codes changed. i hope its more easier to understand. thank you again :)
Posted on 2009-05-28 14:24:37 by kcomeby
relative addresses for some instructions will become invalid, hardcoded absolute addresses will also become invalid. Executables (which afaik can usually be relocated just as DLLs sometimes are) may contain fixup-tables that you can use for some of the stuff, but even with perfect implementation I bet 99% of executables will not be completely fixed-up.
So, theoretically such fix-ups can be done if you wrote and have the asm srccode (not disasm).
And practically: no, such fix-ups cannot be done.
Posted on 2009-05-28 15:00:34 by Ultrano
hmm i dont know how assembly works. you said relative adresses, you mean "jmp <absolute adress>" by that right? or i got it all wrong? so if i add lines before <absolute adress> things get complicated right? and actually i have another question:
i guess in the end all procs and variables actually a memory point. i mean if i declare variable named "abc" when its assembled its turned to memory adress like "34242..". but now im thinkin its not correct. cuz you didnt mention that? hmm. im confused :) . maybe you can explain how memory works with assembly with few lines. i've googled but failed :) thank you again.
Posted on 2009-05-28 15:36:05 by kcomeby
Perhaps instead of google, you can refer to opcode docs and type several lines of asm to see their resulting hex :) .
Posted on 2009-05-28 15:49:38 by Ultrano
actually i've tried that but its hard to understand how assembly deals with memory with that way. im just want to know whats happening to variables after assemble process. there is only instructions, jmps, calls in tutorials, or i cant find more detailed, and easy to understand tutorials. and btw thank you again :) (oh im bad at english)
Posted on 2009-05-28 16:03:29 by kcomeby
I guess you are talking about patching the exe. There are ways of course, but it is not suitable for this forum.
Posted on 2009-05-28 19:28:10 by roticv