Change Constants in Exe C++

This article has been written before more than 24months, information might old.

Se presupune ca avem un program cu cateva constante pe care vrem sa le schimbam din alt executabil .

Pentru aceasta vom scrie cel mai simplu program cu o constanta posibil adica :

#include <iostream>
void main(){
const char name[] = "John Doe";
std::cout << name << std::endl;system("PAUSE");
}

Acum vrem sa scriem un program care extrage din el programul de mai sus si ii schimba constanta name in altceva .

#include "stdafx.h"
#include <iostream>
#include "resource.h"
#include <Windows.h>
#include <tchar.h>

int _tmain(int argc, _TCHAR* argv[])
{
	/* Extract Exe from Exe */
	LPCTSTR OutFname = L"ssrOriginal.exe";DWORD dwBytesWritten;
	HRSRC hResource = FindResource(NULL, MAKEINTRESOURCE(1),  MAKEINTRESOURCE(256));        
	HGLOBAL hFileResource = LoadResource(NULL, hResource);
	DWORD dwSize = SizeofResource(NULL, hResource); 
	LPVOID lpFile = LockResource(hFileResource);    
	HANDLE hFile = CreateFile(OutFname,GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);   
	WriteFile(hFile,lpFile,dwSize,&dwBytesWritten,0);
	CloseHandle(hFile); 
	/* Extract Exe from Exe */
	OutFname = L"ssrChanged.exe";
	hResource = FindResource(NULL, MAKEINTRESOURCE(1),  MAKEINTRESOURCE(256));        
	hFileResource = LoadResource(NULL, hResource);
	dwSize = SizeofResource(NULL, hResource); 
	lpFile = LockResource(hFileResource);    
	hFile = CreateFile(OutFname,GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);   
	WriteFile(hFile,lpFile,dwSize,&dwBytesWritten,0);
	CloseHandle(hFile);
	/* Change constant from one Exe */
	OFSTRUCT fInfo = {0};HANDLE file;
	char ss[] = "La la la";  
	LPCVOID nstr = ss;
	file =	(HANDLE)OpenFile("ssrChanged.exe",&fInfo,OF_READWRITE);
	SetFilePointer(file,0x1114,NULL,FILE_BEGIN);
	WriteFile(file,nstr,sizeof(ss),&dwBytesWritten,NULL);
	CloseHandle(file);
	system("PAUSE");
	return 0;
}

Intrebarea este la ce am putea sa folosim o astfel de metoda , raspunsul este simplu atunci cand dintr-un exe vrem sa extragem un exe , personalizat care sa se comporte diferit in functie de constantele modificate.

Spre exmplu la crearea unui constructor pentru un backdoor , keylogger sau orice program care are nevoie sa extraga date si sa le trimita undeva specific ( mail , ftp , retea , server web , sau orice server pe port customizat care asteapta informatiile ) .

Acest Demo se poate descarca de aici : http://dwl1.satanic.ro/fisier.php?id=a04e11b288e282bcfd7c8fb7915d0db8

Share the joy

Leave a Reply