EXE edit like a trojan

Mahan
User
Posts: 35
Joined: Sun Jan 25, 2009 10:12 am
Location: Sweden

Re: EXE edit like a trojan

Post by Mahan »

On Windows if you start processes from an .exe the .exe-file is locked/read-only until you close the last process started from it.
This makes it very hard for a .exe to modify itself.

One trick that you can do, however (I've done it in a Delphi program a long time ago), is to have a DLL that you load dynamically, which you can actually unload from the process, write updates to, and then reload into the process again.

What I did was define a "marker constant block" before the constants in the DLL code that were my "settings" that I wanted to save in the DLL.
When I wanted to save settings I simply
1. unloaded the DLL
2. opened it as a file
3. searched for the "marker constant block"
4. edited the offset bytes right after the marker block
5. closed the file
6. reloaded the DLL.

Also note that Windows Vista and Windows 7 are much more restrictive about updating stuff in your c:\program files\ folder and c:\windows\system32 folders, so my method above is not as effective today as it once was, but I think that this description should get you going to make a prototype if you are curious :)
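As an added example (not Mahan's Delphi code, and not from the forum): the marker-block patch in Python, run against a constructed stand-in for the DLL image. The marker bytes, the settings layout (a 32-bit run counter plus a 28-byte NUL-padded name) and the file name are assumptions made for this illustration. The unload/reload of the DLL around the write is not shown; the example concentrates on locating the block and writing in place without changing the file size, which is what keeps the rest of the module intact.

```python
"""Locate a marker block in a binary image and rewrite the settings behind it (added example)."""
import os
import struct
import tempfile

MARKER = b"SETTINGS-MARKER!"              # hypothetical 16-byte marker constant
SETTINGS_FMT = "<I28s"                    # assumed layout: u32 run counter, 28-byte NUL-padded name
SETTINGS_SIZE = struct.calcsize(SETTINGS_FMT)  # 32 bytes, so the file size never changes


def find_settings_offset(image):
    """Offset of the settings block; refuse anything but exactly one marker."""
    first = image.find(MARKER)
    if first < 0:
        raise ValueError("marker block not found")
    if image.find(MARKER, first + 1) >= 0:
        raise ValueError("marker block occurs more than once; refusing to patch")
    offset = first + len(MARKER)
    if offset + SETTINGS_SIZE > len(image):
        raise ValueError("settings block runs past the end of the image")
    return offset


def read_settings(path):
    with open(path, "rb") as f:
        image = f.read()
    counter, name = struct.unpack_from(SETTINGS_FMT, image, find_settings_offset(image))
    return counter, name.rstrip(b"\x00").decode("utf-8")


def write_settings(path, counter, name):
    """Steps 2-5 of the post: open the (unloaded) module as a file and patch in place."""
    encoded = name.encode("utf-8")
    if len(encoded) > SETTINGS_SIZE - 4:
        raise ValueError("name does not fit the settings block")
    with open(path, "r+b") as f:
        offset = find_settings_offset(f.read())
        f.seek(offset)
        f.write(struct.pack(SETTINGS_FMT, counter, encoded))
    return offset


def make_fake_dll(path):
    """Constructed stand-in for the DLL: header-ish bytes, marker, default settings, more code."""
    defaults = struct.pack(SETTINGS_FMT, 0, b"default")
    with open(path, "wb") as f:
        f.write(b"MZ" + b"\x90" * 510 + MARKER + defaults + b"\xCC" * 256)


def demo():
    """Write once, read back, and confirm the image did not grow."""
    path = os.path.join(tempfile.mkdtemp(), "settings.dll")
    make_fake_dll(path)
    before = read_settings(path)
    write_settings(path, before[0] + 1, "mahan")
    return before, read_settings(path), os.path.getsize(path)
```

The patch is refused unless the marker occurs exactly once, since a second copy (in a compiled binary, for instance the search routine's own copy of the constant) would make the offset ambiguous. Two caveats worth keeping in mind: patching the module in place invalidates any code signature on it, and storing settings inside the module means the settings file is also a code file, so anything able to write the settings can write code that the process will load.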
Thorium
Addict
Posts: 1305
Joined: Sat Aug 15, 2009 6:59 pm

Re: EXE edit like a trojan

Post by Thorium »

Mahan wrote:On Windows if you start processes from an .exe the .exe-file is locked/read-only until you close the last process started from it.
This makes it very hard for a .exe to modify itself.
He didn't ask about self-modifying.
But it's actually not hard at all.

1.) original exe copies itself to the temp dir (you can always write to the temp dir, no matter if it's Win 7 or whatever)
2.) original exe starts its copy and terminates itself
3.) copy of exe waits for termination of the original exe and does whatever manipulations to the original exe
4.) copy of exe starts the manipulated exe and terminates itself
5.) manipulated exe waits for termination of the copied exe and deletes it

This can be done very easily by using command line parameters.
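The hand-off above as an added Python sketch (not Thorium's code; written for this thread). The script re-launches itself with a stage name as its first command-line parameter, so the same image plays original, copy and manipulated exe in turn. Instead of watching for the other process to exit, the copy retries opening the original for writing until the lock held by the running image is released; on Windows that is equivalent to waiting for termination, while on POSIX nothing locks a running image and the open succeeds at once. The stage names, the `# relay-patched` tag appended as the "manipulation" and the file names are assumptions.

```python
"""Relay that lets a program rewrite its own image, one stage per launch (added example)."""
import os
import shutil
import subprocess
import sys
import tempfile
import time

PATCH_TAG = b"# relay-patched\n"   # stands in for "whatever manipulation" (assumption)


def stage_from_argv(argv):
    """argv[1] names the stage; a launch with no parameters is the original."""
    return argv[1] if len(argv) > 1 else "original"


def wait_for_write_access(path, timeout=10.0, poll=0.1):
    """Retry opening the file for writing until it succeeds or the timeout passes.

    On Windows the image of a running process cannot be opened for writing
    (PermissionError); the lock drops when the last process using it exits, so
    this doubles as "wait for the other exe to terminate". On POSIX nothing
    locks a running image and the open succeeds on the first try."""
    deadline = time.monotonic() + timeout
    while True:
        try:
            with open(path, "r+b"):
                return True
        except PermissionError:
            if time.monotonic() >= deadline:
                return False
            time.sleep(poll)


def manipulate(path):
    """Append a tag; appending leaves an .exe loadable (and a .py importable)."""
    with open(path, "ab") as f:
        f.write(PATCH_TAG)
    return os.path.getsize(path)


def spawn(image, *params):
    """Start the next stage and return at once; the caller then exits."""
    return subprocess.Popen([sys.executable, image, *params])


def main(argv):
    stage = stage_from_argv(argv)
    me = os.path.abspath(argv[0])
    if stage == "original":                      # 1. copy to temp, 2. start the copy, exit
        copy = os.path.join(tempfile.mkdtemp(prefix="relay-"), os.path.basename(me))
        shutil.copy2(me, copy)
        spawn(copy, "relay", me)
    elif stage == "relay":                       # 3. wait for the original, patch it, 4. start it
        original = argv[2]
        if not wait_for_write_access(original):
            raise SystemExit("original image stayed locked")
        manipulate(original)
        spawn(original, "cleanup", me)
    elif stage == "cleanup":                     # 5. wait for the copy, delete it
        copy = argv[2]
        if wait_for_write_access(copy):
            shutil.rmtree(os.path.dirname(copy), ignore_errors=True)
    else:
        raise SystemExit(f"unknown stage {stage!r}")


def demo_helpers():
    """Exercise the two file helpers on a throwaway 64-byte image (constructed)."""
    workdir = tempfile.mkdtemp()
    image = os.path.join(workdir, "image.bin")
    with open(image, "wb") as f:
        f.write(b"MZ" + b"\x00" * 62)
    writable = wait_for_write_access(image, timeout=1.0)
    new_size = manipulate(image)
    shutil.rmtree(workdir)
    return writable, new_size


if __name__ == "__main__":
    main(sys.argv)
```

Run it with no arguments to start the chain. `tempfile.mkdtemp()` creates the directory with mode 0700, so another local user cannot swap the copy between step 1 and step 2; that matters when porting this to a language whose temp-file helpers drop into a shared directory. The pattern itself (copy to temp, relaunch, rewrite the original) is exactly what endpoint protection watches for, which is why the thread's title fits.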
PureLeo
Enthusiast
Posts: 221
Joined: Fri Jan 29, 2010 1:05 pm
Location: Brazil

Re: EXE edit like a trojan

Post by PureLeo »

Thorium wrote:
PureLeo wrote:So writing something to the end or to the beginning of a file doesn't corrupt it...
No no. Writing something to the beginning of the file does corrupt it.
Lol, yes... that was a stupid question :)
netmaestro wrote:If this is a program you wrote, why not use a datasection?
Using a datasection is a good idea, just a little bit harder to overwrite data after compiling.
Thorium wrote:
PureLeo wrote:Also, how does an 'install maker' work, for instance?
I mean, you compile an EXE (your install maker), and it is able to generate another exe (the installer) with some needed settings and the actual app embedded.
Same way.
It's hard to think of a way...
-My install maker generates an exe (ok, I can embed it in the datasection) then writes something to its end to set up stuff...
-This generated exe must be capable itself of embedding another file in it, as it will be the installer for something (this is the harder part for my brain, since I can only embed stuff before compiling), or would I make this installer capable of writing the installation files into itself, at its end?

It seems like it would work, but too simple and poor
(and confuses me, as it reminds me of the 'Inception' movie: a dream inside a dream inside a dream)
Thorium
Addict
Posts: 1305
Joined: Sat Aug 15, 2009 6:59 pm

Re: EXE edit like a trojan

Post by Thorium »

PureLeo wrote: or would I make this installer capable of writing the installation files into itself, at its end?
Exactly.
But I don't understand why the installer has to write to itself.
You have an install builder and a precompiled installer.exe. The install builder writes the files to the installer.exe. Why would the installer.exe need to modify itself?
PureLeo wrote: It seems like it would work, but too simple and poor
Too simple doesn't exist.
If it works and satisfies all your needs, it's good. Why would you want a more complex method? :|
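An added Python example of the builder/installer split described in this post (not the forum's or the project's code): the builder appends an archive of files plus a fixed-size trailer to a precompiled stub, and the stub finds the payload by reading the trailer from the end of its own image, so the stub never has to modify itself. The trailer magic `PBINST01`, the length-prefixed archive format and the stand-in stub bytes are constructed for the illustration.

```python
"""Builder that appends an overlay to a precompiled stub, and the stub-side reader (added example)."""
import hashlib
import struct

MAGIC = b"PBINST01"                          # hypothetical trailer magic, 8 bytes
TRAILER_FMT = "<8sQI32s"                     # magic, payload offset, payload length, SHA-256
TRAILER_SIZE = struct.calcsize(TRAILER_FMT)  # 52 bytes


def pack_files(files):
    """Length-prefixed archive (constructed format): u16 name length, name, u32 size, data."""
    out = bytearray()
    for name, data in files.items():
        encoded = name.encode("utf-8")
        out += struct.pack("<H", len(encoded)) + encoded
        out += struct.pack("<I", len(data)) + data
    return bytes(out)


def unpack_files(blob):
    files, pos = {}, 0
    while pos < len(blob):
        (name_len,) = struct.unpack_from("<H", blob, pos)
        pos += 2
        name = blob[pos:pos + name_len].decode("utf-8")
        pos += name_len
        (size,) = struct.unpack_from("<I", blob, pos)
        pos += 4
        files[name] = blob[pos:pos + size]
        pos += size
    return files


def build_installer(stub, files):
    """Builder side: the stub bytes stay exactly where they were; payload and trailer follow."""
    payload = pack_files(files)
    trailer = struct.pack(TRAILER_FMT, MAGIC, len(stub), len(payload),
                          hashlib.sha256(payload).digest())
    return stub + payload + trailer


def read_overlay(image):
    """Stub side: parse the trailer at the end of its own image and return the files."""
    if len(image) < TRAILER_SIZE:
        raise ValueError("image too small to carry a trailer")
    magic, offset, length, digest = struct.unpack(TRAILER_FMT, image[-TRAILER_SIZE:])
    if magic != MAGIC:
        raise ValueError("no overlay present (bare stub?)")
    if offset + length + TRAILER_SIZE != len(image):
        raise ValueError("trailer does not match the image size")
    payload = image[offset:offset + length]
    if hashlib.sha256(payload).digest() != digest:
        raise ValueError("payload corrupted")
    return unpack_files(payload)


def read_overlay_from(path):
    """What the installer does at run time: open its own image (sys.argv[0]) and read the tail."""
    with open(path, "rb") as f:
        return read_overlay(f.read())


def demo():
    stub = b"MZ" + b"\x90" * 1022                # constructed stand-in for installer.exe
    files = {"app.exe": b"\xcc" * 300, "readme.txt": b"hello"}
    image = build_installer(stub, files)
    stub_intact = image[:len(stub)] == stub      # appending never touches the header
    extracted = read_overlay(image)
    try:                                         # a bare stub must be recognised as empty
        read_overlay(stub)
        bare_rejected = False
    except ValueError:
        bare_rejected = True
    corrupted = bytearray(image)
    corrupted[len(stub) + 20] ^= 0xFF            # flip one payload byte; the hash must catch it
    try:
        read_overlay(bytes(corrupted))
        corruption_caught = False
    except ValueError:
        corruption_caught = True
    return extracted, stub_intact, bare_rejected, corruption_caught
```

Because everything is appended, the stub's own bytes, headers included, are untouched, which is the reason writing to the end does not corrupt an executable while writing to the beginning does. The SHA-256 in the trailer only detects a truncated or corrupted download; it does not stop someone from replacing the payload and recomputing the hash, so a signature over the overlay would be needed for that.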
PureLeo
Enthusiast
Posts: 221
Joined: Fri Jan 29, 2010 1:05 pm
Location: Brazil

Re: EXE edit like a trojan

Post by PureLeo »

Thorium wrote:Exactly.
But I don't understand why the installer has to write to itself.
You have an install builder and a precompiled installer.exe. The install builder writes the files to the installer.exe. Why would the installer.exe need to modify itself?
...
Too simple doesn't exist.
If it works and satisfies all your needs, it's good. Why would you want a more complex method? :|
You're right, the install builder would do that...

And by simple I meant there could be more 'professional' or 'solid' ways which I couldn't think of, but yeah, if it works and it's the way people usually do this, it's good enough for me :)