Sign in to follow this  
Followers 0
darkjohn20

Injecting a dll or exe into another exe?

19 posts in this topic

#1 ·  Posted (edited)

I seem to recall there being an example script that would take an exe or dll and inject it into a target exe.

I've been searching through the forums but can't seem to find it. Perhaps I just don't know the correct name for it.

As far as I know it wasn't locked or removed for being "malicious". Correct me if I'm wrong.

Could anyone point me to something like this?

Thanks.

Edit: To be clear, I'm not looking for embedding .exe's in AutoIt compiled files. I'm talking about .exe files that have nothing to do with AutoIt.

Edited by darkjohn20

Share this post


Link to post
Share on other sites



What I meant was putting one .exe into another. (Not while it's running).

It can be done, because it's been on the forums. I don't recall there being a problem last time I saw it, but if this shouldn't be discussed, please, lock this, and forgive me for bringing it up.

If, by a small chance, this topic is alright, does anyone else have any ideas?

Share this post


Link to post
Share on other sites

There are perfectly legitimate uses for code injection ... and obviously other in grey or dark areas.

Have you tried a search for "dll injection"?


This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.
Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe here
RegExp tutorial: enough to get started
PCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta.

SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.
SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.
An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.
SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)
A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!
SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt)

Share this post


Link to post
Share on other sites

Extending functionality or implementing workarouds in third-party code when you don't have the full source, debugging in some situations, for instance.


This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.
Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe here
RegExp tutorial: enough to get started
PCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta.

SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.
SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.
An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.
SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)
A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!
SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt)

Share this post


Link to post
Share on other sites

It isn't dll injection.

I guess if I was to refine what I'm looking for, it would be storing an exe/dll file in another exe, one that wasn't running.

Share this post


Link to post
Share on other sites

#10 ·  Posted (edited)

That's even harder. DO you mean you want an equivalent of FileInstall but for random executables you don't have source code? I suppose that could be done by messing with the .exe format (extending declared size while preserving entry point), but I don't see how your extra code could get executed if the "pregnant" .exe isn't aware of its state. In the case of .dll, there is I believe still a question about relocation.

What is the real-life need for such hacking of passive executable(s)?

Edit: ADS is a way of storing something along a regular file, not inside. Also I don't believe an ADS can survive common situations like transfer over some networks, copying to a FAT filesystem, etc.

Edited by jchd

This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.
Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe here
RegExp tutorial: enough to get started
PCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta.

SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.
SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.
An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.
SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)
A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!
SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt)

Share this post


Link to post
Share on other sites

That's even harder. DO you mean you want an equivalent of FileInstall but for random executables you don't have source code? I suppose that could be done by messing with the .exe format (extending declared size while preserving entry point), but I don't see how your extra code could get executed if the "pregnant" .exe isn't aware of its state. In the case of .dll, there is I believe still a question about relocation.

What is the real-life need for such hacking of passive executable(s)?

It's quite simple actually (well the theory is...), add another section with your code in it, point entyr point to the new section and then your code do a jump back to the original entry point when it's done.

However part from the personal enjoyment of such hacking there is very few (if any) legitimate reasons to do this.

Also, if you look at the right places you will find that there are code on these forums that allows you to hack executables so they execute arbitrary code every time they're started.


Broken link? PM me and I'll send you the file!

Share this post


Link to post
Share on other sites

#12 ·  Posted (edited)

Basically, I mean having an exe:

xxxxxxxxxxxxxxxx

xxxxxxxxxxxxxxxx

xxxxxxxxxxxxxxxx

and adding another exe to the end:

xxxxxxxxxxxxxxxx

xxxxxxxxxxxxxxxx

xxxxxxxxxxxxxxxx

nnnnnnnnnnnnnn

nnnnnnnnnnnnnn

I believe the example I saw long ago gave a reason along the lines of:

All data is stored in an .exe, and then could be pulled out.

This would be ideal if you wanted a program to start as a single .exe, and, upon the user's request, "unpack" files to an install directory.

So, it would be similar to FileInstall in the overall goal, but maybe not what FileInstall actually does? (I don't know.) And it would be for non-AutoIt .exe's.

jchd, the goal would be to place code into another .exe, but that .exe wouldn't need to know how to run it. It would just be extracted by a script. In essence, another .exe or .dll, or even .txt would just reside in the .exe, so there isn't a bunch of file clutter. I don't really see anything malicious in this, as it would not be runnable by itself.

I will take a look at ADS as it may be what I need.

Edited by darkjohn20

Share this post


Link to post
Share on other sites

That is called adding resources.

You don't add to the end, but to the resource section.


♡♡♡

.

eMyvnE

Share this post


Link to post
Share on other sites

Alright, so how could this be achieved?

Share this post


Link to post
Share on other sites

#16 ·  Posted (edited)

Alright, I've Googled the topic, and my refined question is:

How can I add and extract resources from a non-AutoIt .exe with AutoIt?

Edit: Would a command-line resource editor like ResHack be ideal?

Edited by darkjohn20

Share this post


Link to post
Share on other sites

The same way you would do it with non-AutoIt exe to AutoIt exe.


♡♡♡

.

eMyvnE

Share this post


Link to post
Share on other sites

Since you still need extra code (AutoIt script or other) to "unpack and install" your added resource files, what's the bonus over a self extracting archive if the goal is to avoid "file clutter".

I'm just asking and for the record, never wrote here the word malicious myself, not even suggested it was part of your intention.


This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.
Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe here
RegExp tutorial: enough to get started
PCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta.

SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.
SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.
An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.
SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)
A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!
SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt)

Share this post


Link to post
Share on other sites

Honestly, I'm so bored out of my mind day after day that I make up projects and build off of them. I though about storing files in other files and that has led me to this point.

Now my attention has been turned to Resource Adding/Editing which is another project in itself. In a few days I may or may not have another idea.

Basically, it's just to see if I CAN, and if so, make some handy little tool for self use that gets old in less than a week. :(

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0