CheckSumVerify - verify integrity of the compiled exe

[trancexx]

That seems to do the trick too.

Yes, but that means something is wrong. I'm using semaphore object to synchronize different actions, and in your case that doesn't work as I would expect.

So, regardless of the issues you have with this script, can you check that it does the job all the same? Could you change compiled executable (just one byte is enough) with some hex editor and see if error verification message is displayed. You can also append some random data to the exe.

[JohnOne]

I wouldn't even know where to start changing a byte to be honest 

But I'll definitely give it a go if you can point me to a decent hex editor.

[Gianni]

Dear trancexx,

Please clone yourself ; the world needs more people like you.

A fan.

agree

<snip>

Please clone yourself

<snip>

 

.... here it is

trancexx cloner (just for fun)

expandcollapse popup

#include <GDIPlus.au3>
#include <WindowsConstants.au3>
HotKeySet('{ESC}', '_Quit')
;Mouse
GUIRegisterMsg(0x0202, "_Quit")
GUIRegisterMsg(0x0205, "_Quit")
Global $FileimgClone[2] = [@TempDir & "\clone.gif",@TempDir & "\Flower.gif"]
If Not FileExists($FileimgClone[0]) Then InetGet("http://static1.autoit-cdn.com/forum/uploads/profile/photo-thumb-33569.jpg", $FileimgClone[0])
If Not FileExists($FileimgClone[1]) Then InetGet("http://oi59.tinypic.com/2a986dt.jpg", $FileimgClone[1]) ; credit: http://www.webweaver.nu
For $i = 1 To 100
    $Width = Random(0, @DesktopWidth - 100, 1)
    $Height = Random(0, @DesktopHeight - 100, 1)
    image($Width, $Height, $FileimgClone[Random(0,1,1)])
Next
Sleep(3000)
FileDelete($FileimgClone[0])
FileDelete($FileimgClone[1])
Func image($Left, $Top, $Picture)
    $yGUI = GUICreate("", 100, 100, $Left, $Top, $WS_POPUP, $WS_EX_LAYERED + $WS_EX_TOOLWINDOW + $WS_EX_TOPMOST)
    _GDIPlus_Startup()
    $yImage = _GDIPlus_ImageLoadFromFile($Picture)
    GUISetState(@SW_SHOW, $yGUI)
    $iOpacity = 255
    For $i = 0 To $iOpacity Step 10
        SetBitmap($yGUI, $yImage, $i) ; 255)
        Sleep(10)
    Next
EndFunc   ;==>image
Func SetBitmap($hGUI, $hImage, $iOpacity)
    Local $hScrDC, $hMemDC, $hBitmap, $hOld, $pSize, $tSize, $pSource, $tSource, $pBlend, $tBlend

    $hScrDC = _WinAPI_GetDC(0)
    $hMemDC = _WinAPI_CreateCompatibleDC($hScrDC)
    $hBitmap = _GDIPlus_BitmapCreateHBITMAPFromBitmap($hImage)
    $hOld = _WinAPI_SelectObject($hMemDC, $hBitmap)
    $tSize = DllStructCreate($tagSIZE)
    $pSize = DllStructGetPtr($tSize)
    DllStructSetData($tSize, "X", _GDIPlus_ImageGetWidth($hImage))
    DllStructSetData($tSize, "Y", _GDIPlus_ImageGetHeight($hImage))
    $tSource = DllStructCreate($tagPOINT)
    $pSource = DllStructGetPtr($tSource)
    $tBlend = DllStructCreate($tagBLENDFUNCTION)
    $pBlend = DllStructGetPtr($tBlend)
    DllStructSetData($tBlend, "Alpha", $iOpacity)
    DllStructSetData($tBlend, "Format", 1)
    _WinAPI_UpdateLayeredWindow($hGUI, $hScrDC, 0, $pSize, $hMemDC, $pSource, 0, $pBlend, $ULW_ALPHA)
    _WinAPI_ReleaseDC(0, $hScrDC)
    _WinAPI_SelectObject($hMemDC, $hOld)
    _WinAPI_DeleteObject($hBitmap)
    _WinAPI_DeleteDC($hMemDC)
EndFunc   ;==>SetBitmap
Func _Quit()
    Exit
EndFunc   ;==>_Quit

p.s.

drawing function taken from AZJIO's ">A gift of flowers"

Edited September 10, 2014 by Chimp

[trancexx]

I wouldn't even know where to start changing a byte to be honest 

But I'll definitely give it a go if you can point me to a decent hex editor.

WinHex is super nice. It's not free tool, but you can do this with evaluation version too. 

If you are on win8 or above, just search the store for hex editor, there are few free ones available.

@Chimp guy, that's nice, flowers and shit, how lovely. But really, I'm not that good.

[jchd]

PsPad works and is a decent editor as well.

[UEZ]

@Chimp: marriage proposal to trancexx?   
 

Br,

UEZ 

[JohnOne]

I tried to alter 1 byte with HxD, but when I try to run it, just get a win error saying the file is not valid win32 file.

Guess I have no idea which byte to change.

[UEZ]

Probably you changed something in the PE header which was broken afterwards.

Br,

UEZ

[JohnOne]

Yeah, I just added a bunch of bytes at the end, and I got the message box that the file has been changed, so it appears to work with line 30 commented out.

EDIT:

"Binary integrity can't be verified"

Edited September 10, 2014 by JohnOne

[trancexx]

It's safe to change something from the top. PE files start with legacy header in which you can find message "This program cannot be run in DOS mode". Change it to "This program is mine, mine, bwahaha!"

[JohnOne]

It's safe to change something from the top. PE files start with legacy header in which you can find message "This program cannot be run in DOS mode". Change it to "This program is mine, mine, bwahaha!"

I actually tried editing that string first, it ran but a command prompt flashed up quick and it just exited

[trancexx]

Wait a second there mister. Are you compiling CUI all this time?

[JohnOne]

No ma'am.

Don't know if you missed my earlier post, but it does work with the line commented.

[trancexx]

That's great. I just have to figure out what's the problem with semaphore.

Btw, when you edit bytes inside the exes, don't delete them or add new, just change them. By removing or adding new bytes all the addresses or whatnot are made invalid, and exe gets corrupted.

Edited September 10, 2014 by trancexx

[joakim]

Great idea and code! Very nice. But there's still a way to fool the compiled binary. Remove the CHKS resource, modify the binary to fit your needs, and then re-run the program. In the end it will compare itself against the checksum generated on the hacked executable.

[trancexx]

JohnOne, is your system 64bit?

If yes then where did you ran your exe from, program files or some subdir of it?

If yes, I'll kill you because that's just lame. File system redirection can explain the problems you had with the script.

[JohnOne]

I run script from subdir of documents folder, and have 32 bit OS running on 64 bit cpu. There is none of the wow64 nonsense in my folders or registry.

[Virgus]

Hello trancexx,

I'm trying your script but I'm having an error saying: "Unable to add resources"

I checked ...Local SettingsApplication DataAutoIt v3Aut2Exe files and I can see clearly that the temp.exe file is correctly generated with all the others,

but then the compile process halts.

I'm using XP SP3 and Aut2Exe with /nopack option and Autoit Version 3.3.12

I tried commenting line 30 and/or line 48 but nothing changes.

JohnOne, could you get back that line and comment-out line 30.

This line reruns the exe after the modifications are being done on first run. When commented out, first run doesn't actually start your script. On next runs only the check is done and original script is executed.

 

What might the problem be?

Thanks and have a nice day,

V.

Edited September 16, 2014 by Virgus

[trancexx]

This script is unrelated to errors you get.

The code from here is executed on the first run after you compile your script.

If you have problems compiling AutoIt scripts then report that to Jon, he's the only left active developer.

[Virgus]

Hello trancexx,

I have had no problems compiling scripts so far.

For testing purposes I'm using your sample script.

I just installed the newest "clean" Autoit beta and tried again to compile

with the #include "CheckSumVerify.au3" and it gives me always the same error.

If I comment the include then I get the script compiled.

I'll try to install and compile on a clean XP OS and let you know.

Ciao,
V.