PureBasic Forums - English

http://www.purebasic.com
https://www.purebasic.fr/english/

Execute EXE from memory Lib

https://www.purebasic.fr/english/viewtopic.php?t=22382

Page 3 of 7

Posted: Thu Jun 22, 2006 12:10 pm
by Inf0Byt3
Very nice! Glad it could be recovered!

Posted: Thu Jun 22, 2006 3:16 pm
by gnozal
Maxus wrote:I now install VMware and I shall check up on Window98.
Sorry for the stupid question, but do you call cmd.exe to execute the program ?
It's command.com on Win9x/Me.

Posted: Thu Jun 22, 2006 3:18 pm
by oryaaaaa
Cool library :D
Thanks

Posted: Thu Jun 22, 2006 4:07 pm
by Maxus
gnozal wrote:
Maxus wrote:I now install VMware and I shall check up on Window98.
Sorry for the stupid question, but do you call cmd.exe to execute the program ?
It's command.com on Win9x/Me.
I understand, for this purpose and I am going to check.

Posted: Thu Jun 22, 2006 11:11 pm
by inc.
Maxus - Спасибо ! :)

Posted: Fri Jun 23, 2006 7:14 am
by ricardo
Is this ussefull to prevent cracking of some app?

Which could be the best way to use it? Packing app? Any ideas?

Posted: Fri Jun 23, 2006 7:15 am
by Maxus
It is a lot of ideas, the most important that imaginations have sufficed.
Also it is not necessary to forget: " That one person has ciphered, another all the same will decipher ", only how many on it of time and nerves will leave?

P.S. - I think to continue restoration of an initial code after a trip to Italy, approximately after July, 15th.

Posted: Fri Jun 23, 2006 10:29 am
by Michael Vogel
Hi,

I wonder, what brilliant things can be done with pure basic (and good programmers ) - thanks for the nice tool!

I just changed some lines, even it does not do any enhancement...

Code: Select all


; did some small changes...
; - allow screen savers to be compressed
; - allow to use the tool more often (signature has been filled with MZMZMZ...)
; - reduced the code a little bit (you could also remove a fileseek line in the stub.pb;)
; - changed the maximum packing rate to 9 (I did not see better results anyway)
; - calculate real size reduction (stub size have to be added)

; - now only a icon for the created exe is missing ;)

;(c)2006 Inf0Byt3

Enumeration
	#Window_0
EndEnumeration

Enumeration
	#Text_0
	#String_0
	#Button_0
	#Frame3D_0
	#CheckBox_0
	#Text_1
	#TrackBar_1
	#ProgressString_0
	#Button_1
	#Button_2
	#Button_3
EndEnumeration

If OpenWindow(#Window_0, 411, 290, 299, 208, "FShrink v1.0a",  #PB_Window_SizeGadget | #PB_Window_TitleBar)
	If CreateGadgetList(WindowID(#Window_0))
		TextGadget(#Text_0, 5, 10, 290, 15, "Choose an executable file:")
		StringGadget(#String_0, 5, 30, 225, 20, "")
		ButtonGadget(#Button_0, 235, 30, 60, 20, "Browse")
		Frame3DGadget(#Frame3D_0, 5, 60, 290, 115, "Options")
		CheckBoxGadget(#CheckBox_0, 10, 80, 278, 15, "Backup the input executable file")
		TextGadget(#Text_1, 10, 105, 280, 15, "Compression level:")
		TrackBarGadget(#TrackBar_1, 10, 120, 280, 20, 0, 9)
		TextGadget(#ProgressString_0, 10, 150, 280, 15, "Action: Waiting for a PE file to be loaded.")
		ButtonGadget(#Button_1, 5, 180, 90, 25, "About")
		ButtonGadget(#Button_2, 205, 180, 90, 25, "CompressPE")
		ButtonGadget(#Button_3, 110, 180, 90, 25, "Exit")
		SetGadgetState(#CheckBox_0,1)
		SetGadgetState(#TrackBar_1,9)
	EndIf
EndIf

Repeat
	event = WaitWindowEvent()
	If event= #PB_Event_Gadget
		Select EventGadget()
		Case #Button_0
			PE.s = OpenFileRequester("Choose a program file:","","PE Executable (*.exe, *.scr)|*.exe;*.scr",0)
			If PE <SetGadgetText> 0 And FileSize(File) < 32<<20

				If ReadFile(0,File)
					If ReadWord(0)<>'ZM'
						MessageRequester("FShrink","The file you have chosen is not a valid PE file.")
						End
					Else
						FileSeek(0,0)
						Filesize = Lof(0)

						*Buffer = AllocateMemory(Filesize)
						ReadData(0,*Buffer,Filesize)
						CloseFile(0)
						*BufferCompressed = AllocateMemory(Filesize+8)
						If *Buffer And *BufferCompressed
							SetGadgetText(#ProgressString_0,"Action: Compressing file. Please wait.")
							LengthCompressed = PackMemory(*Buffer,*BufferCompressed,Filesize,GetGadgetState(#TrackBar_1))
							
							If GetGadgetState(#CheckBox_0) = 0
								DeleteFile(File)
							Else
								File=GetPathPart(File)+GetFilePart(File)+"_compressed.exe"
							EndIf
							CreateFile(0,File)
							WriteData(0,?StubStart,?StubEnd-?StubStart)
							WriteData(0,*BufferCompressed,LengthCompressed)
							WriteLong(0,Filesize)
							WriteLong(0,LengthCompressed)
							CloseFile(0)
							MessageRequester("Ready","The file was compressed successfully. Now it is: "+Str((Filesize-LengthCompressed+?StubStart-?StubEnd)>>10)+" kB smaller.")

							SetGadgetText(#ProgressString_0,"Action: Waiting for a PE file to be loaded.")
							SetGadgetText(#String_0,"")
				
						If *BufferCompressed
							FreeMemory(*BufferCompressed)
						EndIf
					EndIf
				EndIf
			Else
				MessageRequester("FShrink","Could not read the file.")
				End
			EndIf
		Else
			MessageRequester("FShrink","The filesize must be bigger than 0 and smaller than 32MB.")
		EndIf
	EndSelect
EndIf
ForEver

DataSection
StubStart:
IncludeBinary "Stub.exe"
StubEnd:
EndDataSection
Michael.

Posted: Fri Jun 23, 2006 10:45 am
by thefool
I have been rewriting the whole stub to add security functionality (polymorphic encryption, polymorphic code (the code is based on random numbers, changes everytime you run it), debugger checks and so on. I still need a lot; but i can't do anything till we can get the launched process id out of the lib!)

Posted: Fri Jun 23, 2006 11:04 am
by Kiffi
Michael Vogel wrote:

Code: Select all

If PE <SetGadgetText> 0 And FileSize(File) < 32<<20
interesting Code ;-)

Greetings ... Kiffi

Posted: Fri Jun 23, 2006 11:43 am
by mskuma
thefool wrote:I have been rewriting the whole stub to add security functionality
Sounds great - a perfect application for this lib. Looking forward to seeing more.

@Maxus, thanks alot for this!

Posted: Fri Jun 23, 2006 12:26 pm
by Inf0Byt3
Great job Michael and Thefool. I just found some nice encryption (self-encrypting) but I've got to polish it a bit and I'll post it here :D.

[Edit]
[quote]I have been rewriting the whole stub to add security functionality (polymorphic encryption, polymorphic code (the code is based on random numbers, changes everytime you run it), debugger checks and so on. I still need a lot; but i can't do anything till we can get the launched process id out of the lib!)[quote]

Sorry haven't read this carefully. So the encryption is ready :D. Thanks.

Posted: Fri Jun 23, 2006 4:29 pm
by sverson
Great work - thanks!

;-) sverson

Posted: Sat Jun 24, 2006 12:30 pm
by thefool
Inf0Byt3 wrote: Sorry haven't read this carefully. So the encryption is ready :D. Thanks.
hey its more the other stuff. The encryption isnt really that good; so if you got a nice algo please come with it :)

Posted: Sat Jun 24, 2006 4:36 pm
by Inf0Byt3
I´m very very sorry, but I lost my hard-disk! It failed today in the morning... I´ll kill myself. I´m lucky I didn lost PureAV. For now, I have a 5 GB hard-drive and I use Linux. I don know how much will I be in this situation, I´ll buy another HDD soon. I really really am sorry I dissapointed you and very sad this happened. Don´t know why it failed, just didn´t start anymore :(.

About the encryption, my model was a modification of the self-encryption algo. Here it is the original code (i think Dare2 made it...)

Code: Select all

Procedure.s selfE(src.s,en.l)
  k1=Len(src)
  If k1>0
    *p=@src
    k2=PeekB(*p) & $FF
    r=k1 ! k2
    If r<>0 : PokeB(*p,r) : EndIf
    For i=2 To Len(src)
      *p+1
      If en : k1=PeekB(*p-1) & $FF : Else : k1=k2 : EndIf
      k2=PeekB(*p)
      r=k1 ! k2
      If r<>0 : PokeB(*p,r) : EndIf
    Next
  EndIf
  ProcedureReturn src
EndProcedure

w.s="Wooo! Hooo! This is self encrypting"
x.s=selfE(w,#True)
y.s=selfE(x,#False)
Debug w
Debug x
Debug y
Sorry again and I hope this is good enough...

Cheers,
Alex.
All times are UTC+01:00
Page 3 of 7

Powered by phpBB® Forum Software © phpBB Limited