Ok... im working on some kind of protection scheme.... i cant figure out how to do this:

1. make an application and include a file with it (as a resource)
2. extract that file in the same directory
3. has the ability to change that file (in the resource) with some other file... anyone?
Posted on 2002-06-21 10:57:14 by Tsongkie[ii]
sure, there are two possibilities that came into my mind:

1) include the program in the resource file (sorry, dunno how to do that but i'm pretty sure, that this is possible too)

2) put the program into your .data section. that means: create for example an include file that will take the data from the included program.

file.inc:

.data
blah db 50h,30h,70h,0AFh, .......... etc.

i even have a program that can create this DBs from your binary file, i attached it to this post.

then, just create a new file with "CreateFile", and use "WriteFile" to write the bytes into it. don't forget to "CloseHandle" :tongue:

as the file is in DB format included into your program, you're always able to change the DBs in the "blah" variable. just set a pointer at the correct location and change the bytes.

i think this should do the trick.. hope this helps..

cya,
-NOP-
Posted on 2002-06-21 11:19:35 by NOP-erator
hey thanks a lot :) Wont i have any problems if i changed the bytes of the included exe to bytes of a larger exe?
Posted on 2002-06-21 11:36:23 by Tsongkie[ii]
sorry, but you will! it's the same with patching binary exe files..the file size must stay the same.. when you try to add bytes to the DB string, the program will crash or even don't run. i don't exactly know what do you want to add, but try to add "NOP" instructions into the code, this should give you some more bytes that you can change (you should do this in teh source of the included file of course, and then recompile)

bye,
-NOP-
Posted on 2002-06-21 12:00:39 by NOP-erator
Yeah, 90's might help. Thanks a lot dude :D
Posted on 2002-06-21 12:12:49 by Tsongkie[ii]
ok... having some problems...

see, i made an include file like this:

file1 db 90, 87, 89 blah,
db blah blah,
db and so on....


now i made this code:


invoke CreateFile, addr Fname, GENERIC_READ or GENERIC_WRITE, FILE_SHARE_READ,NULL,CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL,NULL
mov fhandle, eax
invoke SetFilePointer, fhandle, NULL, NULL, FILE_BEGIN
Invoke WriteFile,fhandle,addr file1,addr bufferlen,0,0
invoke CloseHandle,fhandle


where bufferlen dd ?

that should have made a new file... but the new file contains 0 bytes...
Posted on 2002-06-21 13:17:40 by Tsongkie[ii]
SetFilePointer is redundant. CreateFile automatically starts at the beginning.

Your WriteFile should look something like this:
invoke WriteFile,fhandle,addr bytedata,[b]numbytes[/b],addr byteswritten,0
Posted on 2002-06-21 14:58:13 by tenkey
if you tried tenkey's proposal and it still doesn't work, try to change into this:



invoke CreateFile, addr Fname, GENERIC_READ or GENERIC_WRITE, FILE_SHARE_READ [b]or FILE_SHARE_WRITE[/b],NULL,CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL,NULL


hope this helps,
-NOP-
Posted on 2002-06-21 16:47:46 by NOP-erator

but try to add "NOP" instructions into the code


aren't you being a bit egotistical? jks :grin:
Posted on 2002-06-21 22:28:47 by jademtech
:grin: :grin: :grin:

regards,
-NOP- ;)
Posted on 2002-06-22 04:21:50 by NOP-erator
You don't have to SetFilePointer, the file will be at position 0
when opened. Also, it ought to be


invoke SetFilePointer, fhandle, 0, NULL, FILE_BEGIN

as the "lpDistanceToMove" is a dword, not a pointer do a dword. I know,
this is pretty anal since the output code will be exactly the same, but
imo it's nice to be able to see what are pointers and whare are integer
values :).

Instead of using the "db" files, you might want to check out my bin2o
utility, which you can find on my site (http://f0dder.didjitalyphrozen.com),
under the tools section. It's faster :).

Updating the data-in-exe must be done in an external program, as you can't
write to a running image.

As a final note, if you're using this to drop an exe for and execute it,
this will not give you any 'protection' at all, and will only add negative
stuff... like slightly (depending on exe size) longer loadtime etc.
Posted on 2002-06-22 05:00:06 by f0dder
hi,

but how to access the data that was linked to my program then? i mean, after i used bin2o...

cya,
-NOP-
Posted on 2002-06-22 10:49:49 by NOP-erator
Hello everyone, thanks for the reply...

I got it working thanks a lot :D


Invoke WriteFile,fhandle,addr File1,numberofbytes,addr bread,0


now the numberofbytes was declared like this:

numberofbytes equ 4564 (Size of file)

the only problem is that when i change the contents to another file, doesnt matter if it is larger or smaller, it will still write the dedault numberofbytes which is 4564...

any ideas fixing it?

Fodder:
I'm kinda new at this... sorry, but i couldnt find out how to change the file with another program...
Posted on 2002-06-22 11:20:35 by Tsongkie[ii]
NOP, if you make a symbol like "_myExternData" you should be able
to access it like "EXTRN C myExternData:dword" or whatever. It's
about knowing your language, calling convention (etc). Right now
it's saturday and I've been to town (if you catch my drift ;)) but if
you can't get it working I'll post an example and update the docs.
It really is simple :).

Cheers!
Posted on 2002-06-22 22:40:22 by f0dder
Tsongkie,

There is a standard toy in MASM32 called BIN2DB.EXE that will do what you are after, it writes the DB sequence and gives you the length so all you need to do is put your own label befor it and read from that address directly to the open file.

egards,

hutch@movsd.com
Posted on 2002-06-23 02:27:46 by hutch--

Tsongkie,

There is a standard toy in MASM32 called BIN2DB.EXE that will do what you are after, it writes the DB sequence and gives you the length so all you need to do is put your own label befor it and read from that address directly to the open file.

egards,

hutch@movsd.com


Hi, That was what i did. I just have problems changing the file included to another file...
Posted on 2002-06-23 06:24:02 by Tsongkie[ii]
Don't know if someone's already suggested this but appending the file to the end of the exe always worked fine for me. Simply stick it on the end and the length of it wont matter!
Posted on 2002-06-24 10:44:35 by Rama
yeah :D it actually worked :D
Posted on 2002-06-25 13:22:54 by Tsongkie[ii]
Glad you're happy :P You can put any amount of files at the end and encrypt it any way you want. Not quite sure exactly what you want to do though. Are you making some kind of exe encryptor?
Posted on 2002-06-25 13:49:59 by Rama