It is currently Mon Sep 28, 2020 8:43 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 21 posts ]  Go to page Previous  1, 2
Author Message
 Post subject: Re: Self Virus Check / Exec Alteration
PostPosted: Mon Sep 07, 2020 8:40 am 
Offline
Enthusiast
Enthusiast

Joined: Fri Oct 16, 2009 10:12 am
Posts: 682
Location: BE
BarryG wrote:
That's what ProgramFilename() is for. You don't need to know where the user puts your exe. It gets the exe's path and filename at runtime.

Well, if I put that text file in the Linker and try to create executable, I get the message :
POLINK Fatal Error : File not found 'szFullPath.s=ProgramFilename()'.
So, what am I doing wrong then ?

Thanks.

_________________
Yeah I know, but keep in mind ... Leonardo da Vinci was also an autodidact.


Top
 Profile  
Reply with quote  
 Post subject: Re: Self Virus Check / Exec Alteration
PostPosted: Mon Sep 07, 2020 5:22 pm 
Offline
Enthusiast
Enthusiast

Joined: Mon May 10, 2010 4:02 pm
Posts: 156
Joris wrote:
Well, if I put that text file in the Linker and try to create executable, I get the message :
POLINK Fatal Error : File not found 'szFullPath.s=ProgramFilename()'.
So, what am I doing wrong then ?

Thanks.

The text file must contain 1 line:
/RELEASE

And you must embed this code into your program on PureBasic:
Code:
szFullPath.s=ProgramFilename()
dwFileChecksum.l = 0: dwRealChecksum.l = 0
sz.s = "Hello" ; replace at least 1 character in EXE
MapFileAndCheckSum_(@szFullPath, @dwFileChecksum, @dwRealChecksum)
If dwFileChecksum<>dwRealChecksum
 
 MessageRequester(sz, "the checksum is Not correct = " + Str(dwFileChecksum) +" R="+  dwRealChecksum)
Else
   MessageRequester(sz,  "the checksum is correct= " + Str(dwFileChecksum) +" R="+  dwRealChecksum)
EndIf


Top
 Profile  
Reply with quote  
 Post subject: Re: Self Virus Check / Exec Alteration
PostPosted: Mon Sep 07, 2020 6:13 pm 
Offline
Addict
Addict
User avatar

Joined: Sun Apr 27, 2003 8:12 am
Posts: 2072
Location: USA
As Paul pointed out in another post (different topic), a "=" or "<>" can easily be changed in a hex editor, etc. This should help a bit but nothing is 100%. Replace "@b" with "@c" for a different result.

Code:
szFullPath.s = ProgramFilename()

dwFileChecksum.l = 0
dwRealChecksum.l = 0

sz.s = "Hello" ; replace at least 1 character in EXE

MapFileAndCheckSum_(@szFullPath, @dwFileChecksum, @dwRealChecksum)

a.s = Str(dwFileChecksum)
b.s = Str(dwRealChecksum)
c.s = "hello"

If CompareMemoryString(@a,@b) ; dwFileChecksum <> dwRealChecksum
  MessageRequester(sz, "the checksum is Not correct = " + Str(dwFileChecksum) + " R=" + dwRealChecksum)
Else
  MessageRequester(sz,  "the checksum is correct= " + Str(dwFileChecksum) + " R=" + dwRealChecksum)
EndIf

_________________
www.posemotion.com

PureBasic Tools for OS X: PureMonitor, plist Tool, Data Maker & App Chef

Mac: 10.13.6 / 1.4GHz Core 2 Duo / 2GB DDR3 / Nvidia 320M
PC: Win 7 / AMD 64 4000+ / 3GB DDR / Nvidia 720GT


Even the vine knows it surroundings but the man with eyes does not.


Top
 Profile  
Reply with quote  
 Post subject: Re: Self Virus Check / Exec Alteration
PostPosted: Mon Sep 07, 2020 6:31 pm 
Offline
Enthusiast
Enthusiast

Joined: Mon May 10, 2010 4:02 pm
Posts: 156
J. Baker wrote:
As Paul pointed out in another post (different topic), a "=" or "<>" can easily be changed in a hex editor, etc.

The virus will not use hex editor, and will not change "=" to "<>" :lol:
A hacker will crack any code if needed.


Top
 Profile  
Reply with quote  
 Post subject: Re: Self Virus Check / Exec Alteration
PostPosted: Mon Sep 07, 2020 9:48 pm 
Offline
Addict
Addict
User avatar

Joined: Sun Apr 27, 2003 8:12 am
Posts: 2072
Location: USA
LOL! Nope. If a virus uses a hex editor, I think that would be called an A.I. Just thought I would post it anyway. ;)

_________________
www.posemotion.com

PureBasic Tools for OS X: PureMonitor, plist Tool, Data Maker & App Chef

Mac: 10.13.6 / 1.4GHz Core 2 Duo / 2GB DDR3 / Nvidia 320M
PC: Win 7 / AMD 64 4000+ / 3GB DDR / Nvidia 720GT


Even the vine knows it surroundings but the man with eyes does not.


Top
 Profile  
Reply with quote  
 Post subject: Re: Self Virus Check / Exec Alteration
PostPosted: Tue Sep 15, 2020 9:31 am 
Offline
Enthusiast
Enthusiast
User avatar

Joined: Sun Apr 05, 2020 11:28 am
Posts: 231
Location: Pandora
J. Baker wrote:
Saki, fill free to post. ;)

The QAES File Crypter addon for the Universal Crypter has a 256 bit AES and SHA3 based protection function.
You find at the bottom of the code.

This is primarily needed to check encrypted files for changes or damages.
Or to protect documents, files or images without encrypted content.
It is equally effective on encrypted and unencrypted files and cannot be manipulated.
It is very fast and can be added, checked or removed in a fraction of a second for common files.

Code:
For very fast batch processing :
Debug "###### File protection without encrypt a file ###"
      SaveImage(CreateImage(#PB_Any, 10, 10), path_0$, #PB_ImagePlugin_JPEG)
Debug QAES_smart_file_coder(1, window_ID, progressbar_ID, path_0$, key$, "", 10) ; Protect a file
Debug QAES_smart_file_coder(3, window_ID, progressbar_ID, path_0$, key$, "", 10) ; Check the file protection - Also for encrypted files
Debug QAES_smart_file_coder(2, window_ID, progressbar_ID, path_0$, key$, "", 10) ; Remove the file protection

#### File protection without encrypt a file ###
ALLok ##16QF - File protected  ! - File hash ==>851039acf9350805f70315b74df68e20e155bc9de0259baff9e5719e1906b665
ALLok ##11QF - File integrity succesfully checked ! - Used counter =>10 - File hash ==>851039acf9350805f70315b74df68e20e155bc9de0259baff9e5719e1906b665
ALLok ##15QF - File unprotected  ! - Used counter =>10 - File hash ==>851039acf9350805f70315b74df68e20e155bc9de0259baff9e5719e1906b665

viewtopic.php?f=12&t=75943

It has included a complete tool for simplest using :
Image

_________________
地球上の平和


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 21 posts ]  Go to page Previous  1, 2

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 29 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  

 


Powered by phpBB © 2008 phpBB Group
subSilver+ theme by Canver Software, sponsor Sanal Modifiye