How to import a file into PE header of an exe then load that file from within modified exe
-
How to import a file into PE header of an exe then load that file from within modified exe i searched CP about this but found nothing relevant the articles i found were mostly code injection based simply i want to import a file ( ex: BMP) into PE header of a compiled exe then read this file through a predefined function from within compiled exe is it possible , if possible could you show me how to do thanks
-
How to import a file into PE header of an exe then load that file from within modified exe i searched CP about this but found nothing relevant the articles i found were mostly code injection based simply i want to import a file ( ex: BMP) into PE header of a compiled exe then read this file through a predefined function from within compiled exe is it possible , if possible could you show me how to do thanks
-
no , i will compile exe and then create another program to import specified file to compiled exe , target exe will not work at this time i want to implement a simple compiler for my own use i have a program that parses a custom file format currently i am importing files to resource section already through another program that i made so select file and import into resource section of target exe then i run modified exe it will load that file from resource and execute resource method works very well but i do not find it secured enough i want to implement some thing with PE headers now i want to import file into PE header of a precompiled exe and then read at runtime , through functions i wrote before compile target exe
-
no , i will compile exe and then create another program to import specified file to compiled exe , target exe will not work at this time i want to implement a simple compiler for my own use i have a program that parses a custom file format currently i am importing files to resource section already through another program that i made so select file and import into resource section of target exe then i run modified exe it will load that file from resource and execute resource method works very well but i do not find it secured enough i want to implement some thing with PE headers now i want to import file into PE header of a precompiled exe and then read at runtime , through functions i wrote before compile target exe
only_jack wrote:
resource method works very well but i do not find it secured enough
The BMP file you want to insert is that sensitive? Once you replace the PE headers with some other file, that modified file will no longer function. So what purpose does it serve? The cynic in me smells a Trojan horse (i.e., trying to hide the nefarious file from AV software by wrapping it with some other legitimate file).
"One man's wage rise is another man's price increase." - Harold Wilson
"Fireproof doesn't mean the fire will never come. It means when the fire comes that you will be able to withstand it." - Michael Simmons
"Man who follows car will be exhausted." - Confucius
-
only_jack wrote:
resource method works very well but i do not find it secured enough
The BMP file you want to insert is that sensitive? Once you replace the PE headers with some other file, that modified file will no longer function. So what purpose does it serve? The cynic in me smells a Trojan horse (i.e., trying to hide the nefarious file from AV software by wrapping it with some other legitimate file).
"One man's wage rise is another man's price increase." - Harold Wilson
"Fireproof doesn't mean the fire will never come. It means when the fire comes that you will be able to withstand it." - Michael Simmons
"Man who follows car will be exhausted." - Confucius
-
no , i will compile exe and then create another program to import specified file to compiled exe , target exe will not work at this time i want to implement a simple compiler for my own use i have a program that parses a custom file format currently i am importing files to resource section already through another program that i made so select file and import into resource section of target exe then i run modified exe it will load that file from resource and execute resource method works very well but i do not find it secured enough i want to implement some thing with PE headers now i want to import file into PE header of a precompiled exe and then read at runtime , through functions i wrote before compile target exe
-
only_jack wrote:
resource method works very well but i do not find it secured enough
The BMP file you want to insert is that sensitive? Once you replace the PE headers with some other file, that modified file will no longer function. So what purpose does it serve? The cynic in me smells a Trojan horse (i.e., trying to hide the nefarious file from AV software by wrapping it with some other legitimate file).
"One man's wage rise is another man's price increase." - Harold Wilson
"Fireproof doesn't mean the fire will never come. It means when the fire comes that you will be able to withstand it." - Michael Simmons
"Man who follows car will be exhausted." - Confucius
why are you getting all wrong
DavidCrow wrote:
The BMP file you want to insert is that sensitive?
BMP was an example i will use something else , maybe you forget to do your glasses while reading my question
DavidCrow wrote:
Once you replace the PE headers with some other file, that modified file will no longer function. So what purpose does it serve?
i never said that i want to replace X| i want to replace nothing , i want to import a new section
DavidCrow wrote:
The cynic in me smells a Trojan horse (i.e., trying to hide the nefarious file from AV software by wrapping it with some other legitimate file).
:thumbsdown::thumbsdown: why i will do this for a malicious purpose , all of AVs can scan PE headers you should know this as a MVP :confused:, if i want to hide a file from user or AVs , i can easily import it to a NTFS portion as a ADS :laugh: but i am killing my hours against them :^) if i was looking for some malicious resources trust me i can find them on the net in few seconds :thumbsup: , even in codeproject site there are lots of articles like how to inject your code to another process maybe first you should check those articles firs which you approved and publised finally , i will explain it a bit more the compiled exe uses a %80 modified Lua interpreter do you know Lua and i am importing some modified Lua scripts in to compiled exe's resources and then i am getting these scripts through resource API functions then redirect the file buffer to luaL_loadbuffer() function of LUA C API interpreter parses this file and generates some reports so i am uploading this file to FTP and users download it priodically and run to get some report about a main program ,and it will edit some portions of main installition if necessary with user's permission (i hope now you do not get this like i am making a pacher) finally it will generate a report like below and present some options to user ------------------------------------------------- your installition needs an update x database is absolete , y file needs a update , the purpose that you having trouble to understand was the automation of some report procedures do you know an idiot who spends hours to do above to make a simple damn trojan , whereas it can be done within minutes
-
why are you getting all wrong
DavidCrow wrote:
The BMP file you want to insert is that sensitive?
BMP was an example i will use something else , maybe you forget to do your glasses while reading my question
DavidCrow wrote:
Once you replace the PE headers with some other file, that modified file will no longer function. So what purpose does it serve?
i never said that i want to replace X| i want to replace nothing , i want to import a new section
DavidCrow wrote:
The cynic in me smells a Trojan horse (i.e., trying to hide the nefarious file from AV software by wrapping it with some other legitimate file).
:thumbsdown::thumbsdown: why i will do this for a malicious purpose , all of AVs can scan PE headers you should know this as a MVP :confused:, if i want to hide a file from user or AVs , i can easily import it to a NTFS portion as a ADS :laugh: but i am killing my hours against them :^) if i was looking for some malicious resources trust me i can find them on the net in few seconds :thumbsup: , even in codeproject site there are lots of articles like how to inject your code to another process maybe first you should check those articles firs which you approved and publised finally , i will explain it a bit more the compiled exe uses a %80 modified Lua interpreter do you know Lua and i am importing some modified Lua scripts in to compiled exe's resources and then i am getting these scripts through resource API functions then redirect the file buffer to luaL_loadbuffer() function of LUA C API interpreter parses this file and generates some reports so i am uploading this file to FTP and users download it priodically and run to get some report about a main program ,and it will edit some portions of main installition if necessary with user's permission (i hope now you do not get this like i am making a pacher) finally it will generate a report like below and present some options to user ------------------------------------------------- your installition needs an update x database is absolete , y file needs a update , the purpose that you having trouble to understand was the automation of some report procedures do you know an idiot who spends hours to do above to make a simple damn trojan , whereas it can be done within minutes
only_jack wrote:
the purpose that you having trouble to understand was the automation of some report procedures
We are having trouble understanding it because you are not explaining it! Your original post mentioned nothing about automated reports, it merely said you wanted to modify an exe file by importing a bitmap resource - hence the suspicion that you were trying something illegal. Your description above still confuses me, if a program needs runtime parameters that are not compiled into its resources then why not just read some sort of parameter or config file, as does just about every commercial application in the world?
MVP 2010 - are they mad?