Jump to content

Recommended Posts

Well i tried reading it as binary and converting it to binary, i tried reading it in normal mode and converting that to binary and got nothing. I  also tried using the first post to directly put the exe binary code into the script as a variable and once again with no error or result.

[center][/center][center]=][u][/u][/center][center][/center]

Link to post
Share on other sites
  • Replies 201
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

It's about running exe from memory as it's often called. So you have some binary data that you want to embed in your script and run afterward like some additional program. In this post I will try to

There is a problem with page 9 of this thread. Page 8 works, and page 10 works. Page 9 does not load.

Yes it is.You think it should be removed?

Posted Images

Hi,

I treid notepad.exe and some others (e.g: Autoit Scripts) with no luck. Error 6

Mega

Scripts & functions Organize Includes Let Scite organize the include files

Yahtzee The game "Yahtzee" (Kniffel, DiceLion)

LoginWrapper Secure scripts by adding a query (authentication)

_RunOnlyOnThis UDF Make sure that a script can only be executed on ... (Windows / HD / ...)

Internet-Café Server/Client Application Open CD, Start Browser, Lock remote client, etc.

MultipleFuncsWithOneHotkey Start different funcs by hitting one hotkey different times

Link to post
Share on other sites

Hi,

I treid notepad.exe and some others (e.g: Autoit Scripts) with no luck. Error 6

Mega

I had the same issue. I tried with notepad first, but I simply copied the console output and pasted into another file. No workie. >_< I didn't notice till later that there is a clipput command in the script to capture the bin data. When I simply pasted from the clipboard notepad worked fine for me.

Link to post
Share on other sites

Just wondering if anyone could tell me why this wouldnt be working for me... even on XP.

Also is there ANY way to get it to work on vista?

Why are you refusing to open your eyes and read what's written to you.

I think I was pretty clear on the way I'm gonna give the solution. Why? Because method posted here is dangerous. In combination with AutoIt it's a bomb. (Construction of these sentences is meant to be the clue)

If you want to use it you will also have to use your head. And that's going for anyone else.

All is posted and all is said. If you can't find it then you have to ask your self, what's wrong? How come you don't see what's obvious for some others.

I hope you wouldn't take too personal what I wrote here. It wasn't meant to be. Average AutoIt user is addressed (abusers not included).

♡♡♡

.

eMyvnE

Link to post
Share on other sites

Global $bBinary = "0x4D5A6C000100000002000000FFFF000000000000110000004000000000000000" & _

"57696E33322050726F6772616D210D0A24B409BA0001CD21B44CCD2160000000" & _

--------------------

Global $iNewPID = _RunExeFromMemory($bBinary)

If @error Then

MsgBox(48, 'Error occurred', "Error number: " & @error)

Else

ConsoleWrite($iNewPID & @CRLF)

EndIf

>_<

this code......

Global $iNewPID = _RunExeFromMemory($bBinary & " " & $option1 & " " & $option2 & ....)

use how too?

exe(upx compress)(11kb) -> convert binary(non upx/decompress)(25kb) -> _RunExeFromMemory(non upx) -> runtime error

binary(compress) use how too?

Edited by davidkim

I interest am many quite in AutoitScript.From that is [http://cafe.naver.com/autoitscript[/color]] Korea of cafe(blog) to be operating, [size="2"][color="#ff00ff"]English cannot well[/size].Many help it requests.To read, it stands it thanks.

Link to post
Share on other sites

Global $bBinary = "0x4D5A6C000100000002000000FFFF000000000000110000004000000000000000" & _

"57696E33322050726F6772616D210D0A24B409BA0001CD21B44CCD2160000000" & _

--------------------

Global $iNewPID = _RunExeFromMemory($bBinary)

If @error Then

MsgBox(48, 'Error occurred', "Error number: " & @error)

Else

ConsoleWrite($iNewPID & @CRLF)

EndIf

>_<

this code......

Global $iNewPID = _RunExeFromMemory($bBinary & " " & $option1 & " " & $option2 & ....)

use how too?

exe(upx compress)(11kb) -> convert binary(non upx/decompress)(25kb) -> _RunExeFromMemory(non upx) -> runtime error

binary(compress) use how too?

Could you ask one question at a time. I have troubles understanding what you wrote.

♡♡♡

.

eMyvnE

Link to post
Share on other sites

Global $bBinary = "0x4D5A6C000100000002000000FFFF000000000000110000004000000000000000" & _
        "57696E33322050726F6772616D210D0A24B409BA0001CD21B44CCD2160000000" & _

Global $iNewPID = _RunExeFromMemory($bBinary)
If @error Then
    MsgBox(48, 'Error occurred', "Error number: " & @error)
Else
    ConsoleWrite($iNewPID & @CRLF)
EndIf
; Ermmm.
; this code......
Global $iNewPID = _RunExeFromMemory($bBinary & " " &  $option1 & " " & $option2 & ....)
;use how too?
If I might have a crack at a translate....

The above code the dude is asking how he might use your method, similar to the Run() function,

ie) by passing the memory executable commandline switches.

_RunExeFromMemory($bExe,"/switch1  /switch2 /etc")

I might be wrong on this though...

exe(upx compress)(11kb) -> convert binary(non upx/decompress)(25kb) -> _RunExeFromMemory(non upx) -> runtime error

binary(compress) use how too?

This portion I believe he wants to know...

why is it when you pack a binary, then convert the packed file to a binhex dump (script variable) and execute it from memory,

how come the packers loader does not magically recognize the situation it is being executed in and proceed, instead of breaking down.

Edited by Mobius

wtfpl-badge-1.png

Link to post
Share on other sites

Switches are passed to CreateProcess function (second parameter). Like this maybe:

Packers shouldn't cause problems because entry point is adjusted prior real execution. Though, I can imagine situation where there could be problems with some imaginary packer that would read unloaded-self, therefore read wrong self (i.e. @AutoItExe).

This situation is with AutoIt3.exe btw, but shouldn't be happening with packers. If so it would indicate poor job, or poor packer, in my opinion.

♡♡♡

.

eMyvnE

Link to post
Share on other sites

If I might have a crack at a translate....

The above code the dude is asking how he might use your method, similar to the Run() function,

ie) by passing the memory executable commandline switches. :(.

_RunExeFromMemory($bExe,"/switch1  /switch2 /etc")

>_<

Thanks Mobius

I might be wrong though

This portion I believe he wants to know...

why is it when you pack a binary, then convert the packed file to a binhex dump (script variable) and execute it from memory,

how come the packers loader does not magically recognize the situation it is being executed in and proceed, instead of breaking down.

:(

run(@scriptdir & '\sample.exe /option1 /option2) -> test ok (sample.exe is upx compress saving files,ex:15kb)

_RunExeFromMemory($bExe,"/option1 /option2") -> test fail (sample.exe is binary converting/non upx/decompress files,ex:30kb)

I interest am many quite in AutoitScript.From that is [http://cafe.naver.com/autoitscript[/color]] Korea of cafe(blog) to be operating, [size="2"][color="#ff00ff"]English cannot well[/size].Many help it requests.To read, it stands it thanks.

Link to post
Share on other sites

Switches are passed to CreateProcess function (second parameter). Like this maybe:

Packers shouldn't cause problems because entry point is adjusted prior real execution. Though, I can imagine situation where there could be problems with some imaginary packer that would read unloaded-self, therefore read wrong self (i.e. @AutoItExe).

This situation is with AutoIt3.exe btw, but shouldn't be happening with packers. If so it would indicate poor job, or poor packer, in my opinion.

>_<

RUNFromMemory_ping.au3 (Global $sModule = @SystemDir & '\ ping.exe' -> Global $sModule = @scriptdir & '\ mysample.exe') test fail ......

mysample.exe compression program is run.

But after converting to binary mysample.exe size increases.

This increased size is actually an error in memory silhaengdoelttae.

please......

Edited by davidkim

I interest am many quite in AutoitScript.From that is [http://cafe.naver.com/autoitscript[/color]] Korea of cafe(blog) to be operating, [size="2"][color="#ff00ff"]English cannot well[/size].Many help it requests.To read, it stands it thanks.

Link to post
Share on other sites

Hello trancexx,

Why the AU3 exe are not supported by your function ?

Its working well with other programs like notepad.

Its Give me error "Unable to open the script file."

Mostly this error occurs when any virus infect AU3 exe or any AV try to clean that file.

In case of infection normally virus change the AOEP & use realocations; which will become a corrupted exe file.

In your UDF i am not seeing any thing like that which makes any changes in exe data, its virtually execute the Binary data, why its giving this error ? >_<

I got my Answer http://www.autoitscript.com/forum/index.php?showtopic=100609

Edited by Digisoul

73 108 111 118 101 65 117 116 111 105 116

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...