Jump to content

Reading Exe file first 10000 bytes and then writing them to another binary file


topten
 Share

Recommended Posts

You can't, AutoIt does not allow you decompile the script and this type of threads are prohibited in the forum :naughty:. Please read Forum Rules

Oops Sorry :P

Edited by TheDcoder

EasyCodeIt - A cross-platform AutoIt implementation - Fund the development! (GitHub will double your donations for a limited time)

DcodingTheWeb Forum - Follow for updates and Join for discussion

Link to comment
Share on other sites

  • Developers

How can I Read .Exe file(autoit)  first 10000 bytes and then write them to another binary file

 

Why?

Jos

SciTE4AutoIt3 Full installer Download page   - Beta files       Read before posting     How to post scriptsource   Forum etiquette  Forum Rules 
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Link to comment
Share on other sites

@TheDcoder

What part of the OPs post led you to make yours?

@topten

Assuming you haven't already done so, check out the FileOpen functions section in the help file.

It might be helpful to post what you have tried so far, which might improve the support you recieve and assist others understanding of what you are trying to achieve.

Vlad

wtfpl-badge-1.png

Link to comment
Share on other sites

Thanx for your comments!

@TheDcoder   :ILA3:

@Mobius

I know that I can write into binary file 4 bytes

$hFile = FileOpen("test.bin", BitOR(16, 1)) 
FileWrite($hFile, Binary(547)) ;should write 4 bytes 
FileClose($hFile)

But How can I know exactly that I've read from another .exe file N bytes?

@Jos

I am trying to make an utility which can help editing/adding/deleting hex data

Link to comment
Share on other sites

  • Developers

@Jos

I am trying to make an utility which can help editing/adding/deleting hex data

.... that much a gathered from your question but that doesn't explain what your real goal is.

Why poke around with hex data of a compiled program?

Jos

SciTE4AutoIt3 Full installer Download page   - Beta files       Read before posting     How to post scriptsource   Forum etiquette  Forum Rules 
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Link to comment
Share on other sites

  • Moderators

topten,

I have an idea of creating autoit based av, which can analyze the code of malware by the bytes of code

If I were you, I would find another idea - AutoIt is not really suited for such a task. ;)

M23

Public_Domain.png.2d871819fcb9957cf44f4514551a2935.png Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind

Open spoiler to see my UDFs:

Spoiler

ArrayMultiColSort ---- Sort arrays on multiple columns
ChooseFileFolder ---- Single and multiple selections from specified path treeview listing
Date_Time_Convert -- Easily convert date/time formats, including the language used
ExtMsgBox --------- A highly customisable replacement for MsgBox
GUIExtender -------- Extend and retract multiple sections within a GUI
GUIFrame ---------- Subdivide GUIs into many adjustable frames
GUIListViewEx ------- Insert, delete, move, drag, sort, edit and colour ListView items
GUITreeViewEx ------ Check/clear parent and child checkboxes in a TreeView
Marquee ----------- Scrolling tickertape GUIs
NoFocusLines ------- Remove the dotted focus lines from buttons, sliders, radios and checkboxes
Notify ------------- Small notifications on the edge of the display
Scrollbars ----------Automatically sized scrollbars with a single command
StringSize ---------- Automatically size controls to fit text
Toast -------------- Small GUIs which pop out of the notification area

 

Link to comment
Share on other sites

@Melba23. To be honest I've made a lot of products, using Autoit, and I am sure about the abilities of this language and I am proud of AutoIt. I know AutoIt has gained some negative comments, because of being used by malware creators. I have an idea which will lead AutoIt onto a new level

Link to comment
Share on other sites

The problem is that AutoIt isn't really a language suited for such a program. It's too slow for one thing, who wants their AV software bogging down their system every time they touch a file?

If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Link to comment
Share on other sites

@

BrewManNH 

It is a long story to explain how I got this idea. But accordingly to my experience AutoIt is much smarter and It is much quicker and much more elegant way doing certain operations than other languages do. 

Btw is it really big secret  "How can I know exactly that I've read from another .exe file N bytes?"  :)

Link to comment
Share on other sites

FileRead with a number in the Count parameter. Use FileOpen with the Binary setting first.

How are you planning on updating this, what type of signature file(s) are you planning on using?

Still think no one is going to trust a scripting language to do AV work, especially when said scripts can't be effectively secured from hackers.

If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Link to comment
Share on other sites

  • Developers

Btw is it really big secret  "How can I know exactly that I've read from another .exe file N bytes?"  :)

Think opening the Helpfile should have given you most of the pointers already as it is well documented ... so no secrets here. ;)

Jos

SciTE4AutoIt3 Full installer Download page   - Beta files       Read before posting     How to post scriptsource   Forum etiquette  Forum Rules 
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Link to comment
Share on other sites

Thank you, people for you support

Forgive me please for offtopic, I am answering to this part

"Still think no one is going to trust a scripting language to do AV work, especially when said scripts can't be effectively secured from hackers."

It is the question of trust really.  If you read this article http://www.nthelp.com/av_software_spying_on_you.htm you will understand that many AVs can be spying on your systems and that "googleupdate" processes sitting in your trays etc.

So as a result- we are a part of big world where everyone (companies, AV companies)  everywhere are competing with each other try to persuade users that "software A is good and software B is bad. Who will win this competition? I think no one- but if I persuade 300 of users to use AUTOIT based AV- it will be a small viktory for me

Link to comment
Share on other sites

@topten

I'm been a user of autoit for like 3years and for file operations it isn't the best bet, try C#, python,,,you can do what you want but will be terribly slow (as already pointed)

 

"Still think no one is going to trust a scripting language to do AV work, especially when said scripts can't be effectively secured from hackers."

You think compiled languages are effectively secured from hackers?

Heroes, there is no such thing

One day I'll discover what IE.au3 has of special for so many users using it.
C'mon there's InetRead and WinHTTP, way better
happy.png

Link to comment
Share on other sites

Kyan ,

1) It is the question of preferences. You say "it isn't the best bet, try C#, python,,,", but inspite of all those facts- You are HERE :) It means that for some reason- you are using Autoit not them :)

2) Fast or slow? hmm- when you come to the dentist You wont care- will he do it fast or slow, You would care if it would be done without pain :) Common users, believe me are not so choosy as programmers and they dont even know the difference. I will be the best friend of those of them who just start using the av and continue doing their things as usual.

Link to comment
Share on other sites

LOL. Respect.

To tell the truith- I was not going to innitiate this type of discussion- I just asked a silly question. The answer was "Think opening the Helpfile should have given you most of the pointers already as it is well documented ... so no secrets here. ;)"

Anyway, I appreciate very much all your posts people :thumbsup:

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...