Write data to EXE file - Steffan-68 - 05-14-2023
How to attach data (sound, image, etc.) to EXE files has been shown here several times.
My only question is, can the actual program also write itself, or is that only possible with a separate program?
If a program is running, you can still open it for reading, but writing is denied.
So the system, with me Windows denied the write access when a program is running.
Here's the question, is there a way to bypass the system lock?
Example program, even started as an administrator does not work. ( Regtest.bas )
Code: (Select All) '====================Declarirung fr die Registrirung==========================================================================================
Declare Dynamic Library "kernel32"
FUNCTION GetVolumeInformationA& (lpRootPathName$, lpVolumeNameBuffer$, BYVAL nVolumeNameSize~&, _
lpVolumeSerialNumber~&, lpMaximumComponentLength~&, lpFileSystemFlags~&, lpFileSystemNameBuffer$, BYVAL nFileSystemNameSize&)
End Declare
Declare Library: Function GetDriveType& (d$): End Declare
Dim Shared DriveType As String, SERIALFOUND As String
Dim As _Float Regist
Dim As _Float FileSize
'========================Ende der Registrirung=================================================================================================
MyAppName$ = Mid$(Command$(0), _InStrRev(Command$(0), "\") + 1)
'If MyAppName$ <> "Register-3.exe" Then System
'Open ".\Register-3.exe" For Input As #1
'FileSize = LOF(1)
'Close #1
'If FileSize = 592187 Then Else System
'===========================Code fr die Registrirung==========================================================================================
Test% = 0
SERIALSSHOW:
For q = 1 To 26: X = GetFileInfo(q): 'If SERIALFOUND <> "!!!-!!!" Then Print " "; Chr$(64 + q) + ": "; SERIALFOUND
If SERIALFOUND <> "!!!-!!!" And Test% = 0 Then
Temp$ = SERIALFOUND
Test% = 1
End If
Next q
'Print Temp$
'file$ = _OpenFileDialog$("Datei Öffnen", "", "*.EXE", "Programdatei", 0)
file$ = ".\Regtest.exe"
Open file$ For Binary As #1
FileSize = LOF(1)
t$ = "NR"
check$ = " "
Color 3, 5
'Print FileSize
Get #1, FileSize - 1, check$
'check$ = _MK$(_Float, Regist)
'check$ = Left$(check$, 3)
'check$ = Right$(check$, 2)
'Print check1$
'Print check$
Regist = 0
Select Case UCase$(check$)
Case "VC" 'verified copy. All is good
Get #1, FileSize - 10, Regist
String1$ = _MK$(_Float, Regist)
String1$ = Left$(String1$, 9)
'Print String1$
'Print Temp$
If UCase$(String1$) = UCase$(Temp$) Then
Print "You have a paid copy of this software. All is good."
Else
Print " Illegaler Programm Aufruf !!!!!!!"
_Delay 5
Close #1
System
End If
Case "NR" 'already has a timestamp, is a limited time test version. Toss NAG Screen.
Print "This is a trial version of the program."
Registrierung$ = _InputBox$("Regtest Registrierung", "Geben sie bitte den Registrierungs Code ein:", "Demo")
If Registrierung$ = Chr$(36) + Chr$(82) + Chr$(101) + Chr$(103) + Chr$(105) + Chr$(115) + Chr$(116) + Chr$(101) + Chr$(114) + Chr$(64) Then '$Register@
Get #1, FileSize - 10, Regist
String1$ = _MK$(_Float, Regist)
Color 3, 6
String1$ = Left$(String1$, 9)
If UCase$(String1$) = UCase$(Temp$) Then
Print "Programm wurde manipuliert"
Else
Print "Schreibe VC in Datei"
Sleep 5
Temp$ = Temp$ + "VC"
Put #1, FileSize - 1, Temp$
Print "Programm wurde Registriert "
_NotifyPopup "Regtest", "Ihre Registrierung war Erfolgreich", "info" ' "info" , "warning" oder "error"
Close #1
_Delay .5
'Open file$ For Binary As #1
'FileSize = LOF(1)
'Get #1, FileSize - 10, Regist
'String1$ = _MK$(_Float, Regist)
'Color 3, 6
'String1$ = Left$(String1$, 9)
'Print "RegTest " + String1$
Sleep
Close #1
End If
Else
Print " Ihr Code ist Falsch "
_NotifyPopup "Regtest", "Ihre Registrierung ist Fehlgeschlagen", "warning"
End If
Case Else 'first run.
Print "Illegal copy of software! Terminating Now!"
Print " Schreibe NR in Datei"
Sleep 5
'Print check$
Put #1, FileSize + 1, t$
'Print t$
Sleep
Close #1
End
End Select
Close #1
'=======================================Code ende Registrirung ====================================================================
'==================================Funtionen fr die Registrirung =================================================
Function GetFileInfo (D)
SERIALFOUND = "!!!-!!!":
If DRIVEEXISTS(D) <> 1 Then GetFileInfo = 0: Exit Function
Dname$ = Chr$(D + 64) + ":\": Sname$ = Space$(260)
R = GetVolumeInformationA(Dname$ + Chr$(0), Vname$, 260, serial~&, empty1~&, empty2~&, Sname$, 260)
If R = 0 Then Exit Function
Sname$ = Left$(Hex$(serial~&), 4) + "-" + Right$(Hex$(serial~&), 4)
SERIALFOUND = "" + Sname$ + ""
GetFileInfo = -1
End Function
'---
Function DRIVEEXISTS (V)
DRIVEEXISTS = 0: varX$ = Chr$(V + 64) + ":\" + Chr$(0): VarX = GetDriveType(varX$): If VarX > 1 Then DRIVEEXISTS = 1
End Function
'===========================================Ende der Registrirung==========================
RE: Write data to EXE file - SMcNeill - 05-14-2023
A running EXE tends to lock itself from external changes. You can read from it, or copy from it, but once it's running, you can't just alter it. The only way you'd be able to do something like you're talking about would be to copy the EXE to a back-up file, write to that back-up EXE, then write a quick script for DOS to execute after you close the EXE (usually a SHELL _DONTWAIT "batch.bat" followed immediately with a SYSTEM will work just fine) which will delete the old EXE, rename the new backup EXE to the old name, and then restart with the changed EXE (if a restart is needed and you're doing the update when the program closes anyway).
RE: Write data to EXE file - Steffan-68 - 05-14-2023
(05-14-2023, 05:41 PM)SMcNeill Wrote: A running EXE tends to lock itself from external changes. You can read from it, or copy from it, but once it's running, you can't just alter it. The only way you'd be able to do something like you're talking about would be to copy the EXE to a back-up file, write to that back-up EXE, then write a quick script for DOS to execute after you close the EXE (usually a SHELL _DONTWAIT "batch.bat" followed immediately with a SYSTEM will work just fine) which will delete the old EXE, rename the new backup EXE to the old name, and then restart with the changed EXE (if a restart is needed and you're doing the update when the program closes anyway).
Thank you for your quick response.
I was hoping that there would be another way, but that's the way it works.
Here is the revised example (Regtest2.bas)
Code: (Select All) '====================Declarirung fr die Registrirung==========================================================================================
Declare Dynamic Library "kernel32"
FUNCTION GetVolumeInformationA& (lpRootPathName$, lpVolumeNameBuffer$, BYVAL nVolumeNameSize~&, _
lpVolumeSerialNumber~&, lpMaximumComponentLength~&, lpFileSystemFlags~&, lpFileSystemNameBuffer$, BYVAL nFileSystemNameSize&)
End Declare
Declare Library: Function GetDriveType& (d$): End Declare
Dim Shared DriveType As String, SERIALFOUND As String
Dim As _Float Regist
Dim As _Float FileSize
'========================Ende der Registrirung=================================================================================================
MyAppName$ = Mid$(Command$(0), _InStrRev(Command$(0), "\") + 1)
'If MyAppName$ <> "Register-3.exe" Then System
'Open ".\Register-3.exe" For Input As #1
'FileSize = LOF(1)
'Close #1
'If FileSize = 592187 Then Else System
'===========================Code fr die Registrirung==========================================================================================
Test% = 0
SERIALSSHOW:
For q = 1 To 26: X = GetFileInfo(q): 'If SERIALFOUND <> "!!!-!!!" Then Print " "; Chr$(64 + q) + ": "; SERIALFOUND
If SERIALFOUND <> "!!!-!!!" And Test% = 0 Then
Temp$ = SERIALFOUND
Test% = 1
End If
Next q
'Print Temp$
'file$ = _OpenFileDialog$("Datei Öffnen", "", "*.EXE", "Programdatei", 0)
file$ = ".\Regtest2.exe"
Open file$ For Binary As #1
FileSize = LOF(1)
t$ = "NR"
check$ = " "
Color 3, 5
'Print FileSize
Get #1, FileSize - 1, check$
'check$ = _MK$(_Float, Regist)
'check$ = Left$(check$, 3)
'check$ = Right$(check$, 2)
'Print check1$
'Print check$
Regist = 0
Select Case UCase$(check$)
Case "VC" 'verified copy. All is good
Get #1, FileSize - 10, Regist
String1$ = _MK$(_Float, Regist)
String1$ = Left$(String1$, 9)
'Print String1$
'Print Temp$
If UCase$(String1$) = UCase$(Temp$) Then
Print "You have a paid copy of this software. All is good."
Else
Print " Illegaler Programm Aufruf !!!!!!!"
_Delay 5
Close #1
System
End If
Case "NR" 'already has a timestamp, is a limited time test version. Toss NAG Screen.
Print "This is a trial version of the program."
Registrierung$ = _InputBox$("Regtest Registrierung", "Geben sie bitte den Registrierungs Code ein:", "Demo")
If Registrierung$ = Chr$(36) + Chr$(82) + Chr$(101) + Chr$(103) + Chr$(105) + Chr$(115) + Chr$(116) + Chr$(101) + Chr$(114) + Chr$(64) Then '$Register@
Get #1, FileSize - 10, Regist
String1$ = _MK$(_Float, Regist)
Color 3, 6
String1$ = Left$(String1$, 9)
If UCase$(String1$) = UCase$(Temp$) Then
Print "Programm wurde manipuliert"
Else
Print "Schreibe VC in Datei"
Sleep 5
Close #1
Open "Regtest2.exe" For Binary As #1
Open "Regtest3.exe" For Binary As #2
Do Until EOF(1)
Get #1, , datei&
If Not (EOF(1)) Then Put #2, , datei&
Loop
Temp$ = Temp$ + "VC"
Put #2, FileSize - 1, Temp$
Print "Programm wurde Registriert "
_NotifyPopup "Regtest", "Ihre Registrierung war Erfolgreich", "info" ' "info" , "warning" oder "error"
Close #2
_Delay .5
'Open file$ For Binary As #1
'FileSize = LOF(1)
'Get #1, FileSize - 10, Regist
'String1$ = _MK$(_Float, Regist)
'Color 3, 6
'String1$ = Left$(String1$, 9)
'Print "RegTest " + String1$
Sleep 3
Close #1
If _FileExists("rename.bat") Then
Shell _DontWait _Hide ".\rename.bat": System
Else
Open "rename.bat" For Output As #3
Print #3, "timeout 3"
Print #3, "del Regtest2.exe"
Print #3, "ren Regtest3.exe Regtest2.exe"
Close #3
End If
Shell _DontWait _Hide ".\rename.bat": System
End If
Else
Print " Ihr Code ist Falsch "
_NotifyPopup "Regtest", "Ihre Registrierung ist Fehlgeschlagen", "warning"
End If
Case Else 'first run.
Print "Illegal copy of software! Terminating Now!"
Print " Schreibe NR in Datei"
Close #1
Open "Regtest2.exe" For Binary As #1
Open "Regtest3.exe" For Binary As #2
Do Until EOF(1)
Get #1, , datei&
If Not (EOF(1)) Then Put #2, , datei&
Loop
Sleep 5
'Print check$
Put #2, FileSize + 1, t$
'Print t$
'Sleep
Close #2
If _FileExists("rename.bat") Then
Shell _DontWait _Hide ".\rename.bat": System
Else
Open "rename.bat" For Output As #3
Print #3, "timeout 3"
Print #3, "del Regtest2.exe"
Print #3, "ren Regtest3.exe Regtest2.exe"
Close #3
End If
Shell _DontWait _Hide ".\rename.bat": System
End
End Select
Close #1
'=======================================Code ende Registrirung ====================================================================
'==================================Funtionen fr die Registrirung =================================================
Function GetFileInfo (D)
SERIALFOUND = "!!!-!!!":
If DRIVEEXISTS(D) <> 1 Then GetFileInfo = 0: Exit Function
Dname$ = Chr$(D + 64) + ":\": Sname$ = Space$(260)
R = GetVolumeInformationA(Dname$ + Chr$(0), Vname$, 260, serial~&, empty1~&, empty2~&, Sname$, 260)
If R = 0 Then Exit Function
Sname$ = Left$(Hex$(serial~&), 4) + "-" + Right$(Hex$(serial~&), 4)
SERIALFOUND = "" + Sname$ + ""
GetFileInfo = -1
End Function
'---
Function DRIVEEXISTS (V)
DRIVEEXISTS = 0: varX$ = Chr$(V + 64) + ":\" + Chr$(0): VarX = GetDriveType(varX$): If VarX > 1 Then DRIVEEXISTS = 1
End Function
'===========================================Ende der Registrirung==========================
RE: Write data to EXE file - mnrvovrfc - 05-14-2023
(05-14-2023, 05:18 PM)Steffan-68 Wrote: My only question is, can the actual program also write itself, or is that only possible with a separate program?
If a program is running, you can still open it for reading, but writing is denied.
So the system, with me Windows denied the write access when a program is running.
Here's the question, is there a way to bypass the system lock?
It might be possible to write to an EXE file on disk, by using some other program.
Otherwise what you want to discuss is a touchy subject and it's what some malware are made of. Not just self-modifying code, but any type that changes the executable file that was when it was executed. If you don't want Windows Defender or any other anti-virus thing deleting your EXE's where you don't expect, please don't insist further into this subject. What Steve suggested could work but it's going to be a hassle.
It is not permitted on MacOS nor Linux neither because there has to be a high emphasis on security and on integrity of files.
The thing is, if anything is going to be added to the end of an EXE created by a programming system, the header has to be adjusted, or some other place in the file, so it doesn't "ring a bell" with an anti-virus scanner. Because some Internet security software are known to look for "magic numbers" and have "heuristics" in case something is not done right. More or less it's known how "g++" creates executable files. Tacking on something at the end of an executable file then could be detected by the experts on the industry.
Sadly plagiarists abound and many people aren't interested in being original in their content. One has to deal with it, when supplying MP4, OGG, PNG and other such files. Attaching one of those files to an EXE file is going to make it even less attractive, since enough people are suspicious of downloading installers that come in EXE files. Even self-extracting 7-Zip or RAR. I would never download an EXE file anyhow. Long ago I used to offer EXE files for download because I was reluctant to show source code, because it was rather simple text-parsing stuff. This was before I discovered that things could get even worse with executable files being infected, and half the users trusting too much about it and the other half don't care.
RE: Write data to EXE file - Steffan-68 - 05-15-2023
(05-14-2023, 10:31 PM)mnrvovrfc Wrote: (05-14-2023, 05:18 PM)Steffan-68 Wrote: My only question is, can the actual program also write itself, or is that only possible with a separate program?
If a program is running, you can still open it for reading, but writing is denied.
So the system, with me Windows denied the write access when a program is running.
Here's the question, is there a way to bypass the system lock?
It might be possible to write to an EXE file on disk, by using some other program.
Otherwise what you want to discuss is a touchy subject and it's what some malware are made of. Not just self-modifying code, but any type that changes the executable file that was when it was executed. If you don't want Windows Defender or any other anti-virus thing deleting your EXE's where you don't expect, please don't insist further into this subject. What Steve suggested could work but it's going to be a hassle.
It is not permitted on MacOS nor Linux neither because there has to be a high emphasis on security and on integrity of files.
The thing is, if anything is going to be added to the end of an EXE created by a programming system, the header has to be adjusted, or some other place in the file, so it doesn't "ring a bell" with an anti-virus scanner. Because some Internet security software are known to look for "magic numbers" and have "heuristics" in case something is not done right. More or less it's known how "g++" creates executable files. Tacking on something at the end of an executable file then could be detected by the experts on the industry.
Sadly plagiarists abound and many people aren't interested in being original in their content. One has to deal with it, when supplying MP4, OGG, PNG and other such files. Attaching one of those files to an EXE file is going to make it even less attractive, since enough people are suspicious of downloading installers that come in EXE files. Even self-extracting 7-Zip or RAR. I would never download an EXE file anyhow. Long ago I used to offer EXE files for download because I was reluctant to show source code, because it was rather simple text-parsing stuff. This was before I discovered that things could get even worse with executable files being infected, and half the users trusting too much about it and the other half don't care.
I understand your concerns, but nobody here wants to program malware!
Besides, I'm not nearly good enough for it.
As you can see it works as SMcNeill described.
And it doesn't bother Windows Defender. I don't have any other anti virus programs.
In addition, this has already been done, I mean at a Christmas challenge. Just stop with two programs.
Of course, the reading and processing of the attached information has to be programmed beforehand in the program, but that's not that difficult.
RE: Write data to EXE file - euklides - 05-15-2023
You can for instance use some space directly after the normal end of the exe, so to put same informations.
The exe himself can read theese informations, or modifiy them, if the exe program knows its own path.
Curious question... it seems to be a viral approach of programming...
RE: Write data to EXE file - Steffan-68 - 05-15-2023
(05-15-2023, 03:00 PM)euklides Wrote: You can for instance use some space directly after the normal end of the exe, so to put same informations.
The exe himself can read theese informations, or modifiy them, if the exe program knows its own path.
Curious question... it seems to be a viral approach of programming...
Yes, that's exactly what my program example does.
Just stop by detours.
And why not like this, for information that the program needs once, write it directly into the EXE instead of in a separate file.
In the example above, whether it is registered or not, and bound to an HDD.
There are no limits to the imagination.
Just an alternative to a separate file.
RE: Write data to EXE file - Kernelpanic - 05-15-2023
To change an EXE file one have to decompile it or use a disassembler. There are free (for-free) programs for this like: Cutter(OS) or IDA 82. These also allows programs to be debugged.
The following program below in IDA:
Code: (Select All) Option _Explicit
Declare Function ggt(zahl1, zahl2 as Long) as Long
Declare Function kgV(zahl1, zahl2, ggtErgebnis as Long) as Long
Dim zahl1, zahl2 As Long
Dim d1, d2 As Long
Print
Print "Berechnet den GGT und das kgV nach Euklid"
Print
Input "Geben Sie die erste Zahl ein : ", zahl1
Input "Geben Sie die zweite Zahl ein: ", zahl2
'd1/2 = dummy - Zuweisung als Wert (Value)
'Sonst wird per Referenz auf zahl1/2 zugegriffen,
'und natuerlich ihr veraenderter Wert uebergeben
d1 = (zahl1)
d2 = (zahl2)
Print: Print
Print Using "Der gemeinsame Teiler von ##### und ##### ist: ####"; zahl1, zahl2, ggt(zahl1, zahl2)
Print: Print
'Nur mit den dummies funktioniert es
Print Using "Das kleinste gemeinsame Vielfache von ##### und ##### ist: ###,#####"; d1, d2, kgV(d1, d2, ggt(zahl1, zahl2))
End 'Hauptprogramm
Function ggt (zahl1, zahl2 As Long)
Dim temp As Long
While (zahl1 > 0)
If (zahl1 < zahl2) Then
temp = zahl1: zahl1 = zahl2: zahl2 = temp
End If
zahl1 = zahl1 - zahl2
Wend
ggt = zahl2
End Function
Function kgV (zahl1, zahl2, ggtErgebnis As Long)
Dim ergebnis As Long
ergebnis = ((zahl1 * zahl2) / ggtErgebnis)
kgV = ergebnis
End Function
First a warning:
Debugging in IDA:
RE: Write data to EXE file - Steffan-68 - 05-15-2023
(05-15-2023, 05:21 PM)Kernelpanic Wrote: To change an EXE file one have to decompile it or use a disassembler. There are free (for-free) programs for this like: Cutter(OS) or IDA 82. These also allows programs to be debugged.
This is not about decompiling or disassembling an EXE file or changing the program code.
It's about hanging program parameters that change later on the EXE and the program then evaluates them without saving them in a separate file.
If you looked at the second example that does what I want you would understand.
It just takes longer because it has to copy the EXE as a temp file and then make the changes, delete the original file and rename the temp.
It would only be easier and faster if you could write it directly into the EXE.
|