because of this strangely lost thread 'pe-header'
i decided to write an exe-binder on my own... it
was'nt such extremly hard but harder than expected
at first. i thought this kind of stuff is only used for
stupid kiddies who bind their trojans to counterstrike
or things like that but i'm realized that it could be
usefull for a programmer too (for example to link a
couple of tools together...). only thing that doesn't
work is: CreateProcess don't like it when i'm passing
parameters for the guest-prog inside the host, this
feature IS available but it doesn't work for now, maybe
someone of you have the time to fix it, i do not have
any clue why the **** this simple thing doesn't work.
everything else should work fine (tested only on w2k).

ah and compuholic, i don't wanted to steal your idea or
something like that, there are 1000+ pe-mergers available
at this time... i only wanted to write my own :)
Posted on 2002-06-03 07:25:59 by mob
because of this strangely lost thread 'pe-header'

That thread was deleted by hutch. apparantly it is "virus technology".

Mob I'm going to take a look at your code, are you saing you can start the guest program without saving it to a temp file?
Posted on 2002-06-03 07:49:00 by Kudos
no, a temp file IS created but you have the ability to
choose 'wait until process is finished' and the stub
will only run the host-code if the guest is terminated,
the tmp file is deleted then... ah i forgot to metion that
'unlimited' binding to ONE executable will be allowed
if you comment this two lines:

CMP DWORD PTR [ EDI + 04CH ], 0
JNZ _ERR
Posted on 2002-06-03 07:55:26 by mob
@mob:

no problem. If I just wanted to have an exe-binder I would have downloaded it from somewhere else. I was just interested in the "how does it work".

btw. I got it working, too. (Yeah, I proud because it my first "real" asm-project)

And hutch: Sorry, but this thread was not intended to support viral-coding activities(I know your opinion about this type of "programs" and I share it, too (although not quite to your extend))
Posted on 2002-06-03 11:03:08 by Compuholic