http://www.purebasic.com
https://www.purebasic.fr/english/
+1firace wrote:Just one thing to be aware of: ADS is a property of the NTFS file system, so the information is lost if you copy the file to another drive (or if you zip it).
But be careful: Some antivirus programs sound the alarm.HanPBF wrote:To have one file for start, maybe UPX exe packer could help (https://upx.github.io/).
I suppose you talk about a drive in FAT32 ? or even if the drive is in NTFS ?Firace wrote:Just one thing to be aware of: ADS is a property of the NTFS file system, so the information is lost if you copy the file to another drive (or if you zip it).
Happy to read your advice about my choiceNormeus wrote:It is used when you are creating documents so that the system will know you are going to delete this file so it has an option to save to cache.
since you are not creating the file then the system will just ignore #FILE_ATTRIBUTE_TEMPORARY.
It's good to know that, before throwing his pc in the trash, because he decided not to backup our programs anymoreNormeus wrote:The only problem I see is that, some backup and replication programs will not copy files marked as temp.
I don't know really what is ShellcodeMijikai wrote:Run shellcode in another application to override the stateflag once ur application closes.
Yes you have right, an EXE is not an ACCESS fileHanPBF wrote:Normally an exe is not allowed to be changed as malicious software could do so and that's prevented.
A file storing the state beside the exe is the only way or writing in the registry of the user.
because the legend say he so much strong the judge not allow him to have even a simple calculator when he is condamned Interesting new way, even if use it for just a txt file with 0 or 1 inside, it's a little bit, use an elephant for carry your stylus for your smartphoneHanPBF wrote:To have one file for start, maybe UPX exe packer could help (https://upx.github.io/).
Yes you have right, it's also a thing to considerRSBasic wrote:But be careful: Some antivirus programs sound the alarm.
Shellcode is basically code that can run by itself anywhere in memory.Kwai chang caine wrote:I don't know really what is Shellcode
You mean, like a batch ? i have do one time this style of way, when i close the exe, i write a batch in tempfolder, with inside the rename of the exe, and after the batch can delete itself
But i don't know it's possible to poke an exe with a script
Afaik - patching itself is normal practiseHanPBF wrote:Normally an exe is not allowed to be changed as malicious software could do so and that's prevented.
...
Code: Select all
#Q=#DOUBLEQUOTE$
#KccExe="kcc.exe"
#KccCmd="kcc.cmd"
Procedure Daisy(value)
Protected temp.s
Protected original.s
Protected new.s
original=ProgramFilename()
temp=GetTemporaryDirectory()
If CopyFile(original,temp+#KccExe)
RunProgram(temp+#KccExe,"! "+Str(value)+" "+#Q+original+#Q,temp)
End
Else
MessageRequester("Daisy",": (")
EndIf
EndProcedure
Procedure Donald(value,original.s)
Protected temp.s
temp=GetTemporaryDirectory()
If Left(ProgramFilename(),Len(temp))=temp
SetCurrentDirectory(temp)
SetFileDate(original,#PB_Date_Modified,Date(2000,1,1,0,0,value))
If CreateFile(0,#KccCmd)
WriteStringN(0,"@del "+#Q+#KccExe+#Q)
WriteStringN(0,"@del "+#Q+#KccCmd+#Q)
CloseFile(0)
WinExec_("cmd.exe /c "+#KccCmd,#SW_HIDE)
RunProgram(original)
End
EndIf
EndIf
MessageRequester("Donald",": (")
EndProcedure
If CountProgramParameters()=3
If ProgramParameter(0)="!"
Donald(Val(ProgramParameter(1)),ProgramParameter(2))
EndIf
Else
value=GetFileDate(ProgramFilename(),#PB_Date_Modified)
If Year(value)>2000
value=0
Else
value=value%60
EndIf
If MessageRequester("Main - "+GetPathPart(ProgramFilename()),"Value: "+Str(value),#PB_MessageRequester_YesNo)=#PB_MessageRequester_Yes
Debug "!"
Daisy(value+1)
Else
End
EndIf
EndIf