darkjohn20 Posted March 29, 2010 Posted March 29, 2010 (edited) I seem to recall there being an example script that would take an exe or dll and inject it into a target exe. I've been searching through the forums but can't seem to find it. Perhaps I just don't know the correct name for it. As far as I know it wasn't locked or removed for being "malicious". Correct me if I'm wrong. Could anyone point me to something like this? Thanks. Edit: To be clear, I'm not looking for embedding .exe's in AutoIt compiled files. I'm talking about .exe files that have nothing to do with AutoIt. Edited March 29, 2010 by darkjohn20
FinalVersion Posted March 29, 2010 Posted March 29, 2010 You won't find it anywhere because it's probably not allowed. And you can't inject an executable into another executable. [center][+] Steam GUI [+][+] Clipboard Tool [+][+] System :: Uptime [+][+] StarCraft II Mouse Trap [+][/center]
darkjohn20 Posted March 29, 2010 Author Posted March 29, 2010 What I meant was putting one .exe into another. (Not while it's running). It can be done, because it's been on the forums. I don't recall there being a problem last time I saw it, but if this shouldn't be discussed, please, lock this, and forgive me for bringing it up. If, by a small chance, this topic is alright, does anyone else have any ideas?
JohnOne Posted March 29, 2010 Posted March 29, 2010 Im not sure its possible, or if its allowed. Perhaps if you describe your goal, someone may be able to help you with what you need. AutoIt Absolute Beginners Require a serial Pause Script Video Tutorials by Morthawt ipify Monkey's are, like, natures humans.
jchd Posted March 29, 2010 Posted March 29, 2010 There are perfectly legitimate uses for code injection ... and obviously other in grey or dark areas. Have you tried a search for "dll injection"? This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe hereRegExp tutorial: enough to get startedPCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta. SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt)
FinalVersion Posted March 29, 2010 Posted March 29, 2010 There are perfectly legitimate uses for code injectionName one. [center][+] Steam GUI [+][+] Clipboard Tool [+][+] System :: Uptime [+][+] StarCraft II Mouse Trap [+][/center]
jchd Posted March 29, 2010 Posted March 29, 2010 Extending functionality or implementing workarouds in third-party code when you don't have the full source, debugging in some situations, for instance. This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe hereRegExp tutorial: enough to get startedPCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta. SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt)
darkjohn20 Posted March 29, 2010 Author Posted March 29, 2010 It isn't dll injection. I guess if I was to refine what I'm looking for, it would be storing an exe/dll file in another exe, one that wasn't running.
JohnOne Posted March 29, 2010 Posted March 29, 2010 (edited) You mean the hiding of one file in another alternative stream or something ? http://www.autoitscript.com/forum/index.php?showtopic=82715 Edited March 29, 2010 by JohnOne AutoIt Absolute Beginners Require a serial Pause Script Video Tutorials by Morthawt ipify Monkey's are, like, natures humans.
jchd Posted March 29, 2010 Posted March 29, 2010 (edited) That's even harder. DO you mean you want an equivalent of FileInstall but for random executables you don't have source code? I suppose that could be done by messing with the .exe format (extending declared size while preserving entry point), but I don't see how your extra code could get executed if the "pregnant" .exe isn't aware of its state. In the case of .dll, there is I believe still a question about relocation.What is the real-life need for such hacking of passive executable(s)?Edit: ADS is a way of storing something along a regular file, not inside. Also I don't believe an ADS can survive common situations like transfer over some networks, copying to a FAT filesystem, etc. Edited March 29, 2010 by jchd This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe hereRegExp tutorial: enough to get startedPCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta. SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt)
monoceres Posted March 29, 2010 Posted March 29, 2010 That's even harder. DO you mean you want an equivalent of FileInstall but for random executables you don't have source code? I suppose that could be done by messing with the .exe format (extending declared size while preserving entry point), but I don't see how your extra code could get executed if the "pregnant" .exe isn't aware of its state. In the case of .dll, there is I believe still a question about relocation.What is the real-life need for such hacking of passive executable(s)?It's quite simple actually (well the theory is...), add another section with your code in it, point entyr point to the new section and then your code do a jump back to the original entry point when it's done.However part from the personal enjoyment of such hacking there is very few (if any) legitimate reasons to do this.Also, if you look at the right places you will find that there are code on these forums that allows you to hack executables so they execute arbitrary code every time they're started. Broken link? PM me and I'll send you the file!
darkjohn20 Posted March 29, 2010 Author Posted March 29, 2010 (edited) Basically, I mean having an exe:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxand adding another exe to the end:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxnnnnnnnnnnnnnnnnnnnnnnnnnnnnI believe the example I saw long ago gave a reason along the lines of: All data is stored in an .exe, and then could be pulled out.This would be ideal if you wanted a program to start as a single .exe, and, upon the user's request, "unpack" files to an install directory.So, it would be similar to FileInstall in the overall goal, but maybe not what FileInstall actually does? (I don't know.) And it would be for non-AutoIt .exe's.jchd, the goal would be to place code into another .exe, but that .exe wouldn't need to know how to run it. It would just be extracted by a script. In essence, another .exe or .dll, or even .txt would just reside in the .exe, so there isn't a bunch of file clutter. I don't really see anything malicious in this, as it would not be runnable by itself.I will take a look at ADS as it may be what I need. Edited March 29, 2010 by darkjohn20
trancexx Posted March 29, 2010 Posted March 29, 2010 That is called adding resources. You don't add to the end, but to the resource section. ♡♡♡ . eMyvnE
darkjohn20 Posted March 29, 2010 Author Posted March 29, 2010 Alright, so how could this be achieved?
KaFu Posted March 29, 2010 Posted March 29, 2010 Resources it is, ADSs only survives a direct NTFS<>NTFS file transfer... OS: Win10-22H2 - 64bit - German, AutoIt Version: 3.3.16.1, AutoIt Editor: SciTE, Website: https://funk.eu AMT - Auto-Movie-Thumbnailer (2024-Oct-13) BIC - Batch-Image-Cropper (2023-Apr-01) COP - Color Picker (2009-May-21) DCS - Dynamic Cursor Selector (2024-Oct-13) HMW - Hide my Windows (2024-Oct-19) HRC - HotKey Resolution Changer (2012-May-16) ICU - Icon Configuration Utility (2018-Sep-16) SMF - Search my Files (2024-Oct-20) - THE file info and duplicates search tool SSD - Set Sound Device (2017-Sep-16)
darkjohn20 Posted March 29, 2010 Author Posted March 29, 2010 (edited) Alright, I've Googled the topic, and my refined question is: How can I add and extract resources from a non-AutoIt .exe with AutoIt? Edit: Would a command-line resource editor like ResHack be ideal? Edited March 29, 2010 by darkjohn20
trancexx Posted March 29, 2010 Posted March 29, 2010 The same way you would do it with non-AutoIt exe to AutoIt exe. ♡♡♡ . eMyvnE
jchd Posted March 29, 2010 Posted March 29, 2010 Since you still need extra code (AutoIt script or other) to "unpack and install" your added resource files, what's the bonus over a self extracting archive if the goal is to avoid "file clutter".I'm just asking and for the record, never wrote here the word malicious myself, not even suggested it was part of your intention. This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe hereRegExp tutorial: enough to get startedPCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta. SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt)
darkjohn20 Posted March 29, 2010 Author Posted March 29, 2010 Honestly, I'm so bored out of my mind day after day that I make up projects and build off of them. I though about storing files in other files and that has led me to this point. Now my attention has been turned to Resource Adding/Editing which is another project in itself. In a few days I may or may not have another idea. Basically, it's just to see if I CAN, and if so, make some handy little tool for self use that gets old in less than a week.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now