Jump to content

Separating EXE from EOF Data


Recommended Posts

I am making a packer for executables, however several apps(even ones I make) use EOF(End Of File) Data.

The problem I am having is finding the size of the binary code, and reading only the binary data, then reading the EOF seperate.

So that the EOF data can be properly added on to the end of the modified executable.

How would I find the ACTUAL size of the binary data and split it from the EOF data?

[center][/center][center]=][u][/u][/center][center][/center]

Link to comment
Share on other sites

Look into the "PE-file format".

/Manko

Yes i rush things! (I sorta do small bursts inbetween doing nothing.) Things I have rushed and reRushed:* ProDLLer - Process manager - Unload viri modules (dll) and moore...* _WinAPI_ProcessListOWNER_WTS() - Get Processes owner list...* _WinAPI_GetCommandLineFromPID() - Get commandline of target process...* _WinAPI_ThreadsnProcesses() Much info if expanded - optional Indented "Parent/Child"-style Processlist. Moore to come... eventually...
Link to comment
Share on other sites

Don't bump threads more than once a day (after 1 day).

I don't think this is Autoit's related.

Also don't use BIG graphic in your signature.

It is AutoIt related, Im using AutoIt.

Sorry to bump.

What im asking is there a function in autoit that will be able to tell the size of the binary in the file, and take only it out, and split it from the EOF data?

Edited by IchBistTod

[center][/center][center]=][u][/u][/center][center][/center]

Link to comment
Share on other sites

  • 2 weeks later...

Okay I am actually now willing to pay if someone can cough up code to separate EOF data from the actual binary code of an exe into a two part array.

like make a function that returns an array [1] containing the binary and [2] containing the EOF data.

I have tried using while/for loops with isbinary, binarymid stringmid ect with no avail.

Im sure someone else on this forum has more talent in this area than I, or knows more about the PE format than me.

[center][/center][center]=][u][/u][/center][center][/center]

Link to comment
Share on other sites

I am paying $100USD for anyone who can give me the code to do this.

If you insist... make a payment on AlertPay account that you'll be provided with in a reply to your PM regarding this and you will get your function in no time.

So, PM me.

♡♡♡

.

eMyvnE

Link to comment
Share on other sites

  • 3 months later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...