A while ago, there was a thread about using large binary resources within
an EXE file and through testing done by Semen, it was determined that at
least some versions of 32 bit windows do not function correctly with the
resource load#### API functions once the resources are over a certain
size.
Below is an alternative approach that is free of the limitations imposed
by the operating system in this instance. There are two (2) seperate
pieces of code here, one is a complete utility writen for PBCC version 2
and the other is a function that is used in the EXE that has a file
appended to the end of it.
Here is how it works, the utility takes 2 command line parameters, the
first is the name of the EXE file that is to have another file appended to
the end of it, the second is the name of the file that is appended to it.
The utility reads both files into memory and gets their length, writes
both lengths into an unused part of the DOS header at the start of the EXE
file in memory and then deletes the original EXE file on disk and writes
the new one with the same name and the appended file to disk as one disk
file. The utility doe not modify the PE header or image at all.
To get the appended file from within the EXE file that has the file
appended to it, the function below reads the two (2) DWORD values from the
DOS header where the utility wrote them and loads the appended file into a
normal basic string ready to write to disk.
This process has been tested with files over 12 meg in size and it does
not have any problems and all of the normal resource load#### function
work normally. It has also been tested with AVP to ensure that the
appended file does not trigger the heuristic virus alert in the smarter
end of anti-viral software.
One limitation imposed by this technique is that the file should not
be modified with either a compressor or encryption after it has been made.
If you need to compress or encrypt the EXE file, do it before it has the
append operation done to it. Otherwise the function will give the wrong
values for the appended file length.
Regards,
[email protected]
an EXE file and through testing done by Semen, it was determined that at
least some versions of 32 bit windows do not function correctly with the
resource load#### API functions once the resources are over a certain
size.
Below is an alternative approach that is free of the limitations imposed
by the operating system in this instance. There are two (2) seperate
pieces of code here, one is a complete utility writen for PBCC version 2
and the other is a function that is used in the EXE that has a file
appended to the end of it.
Here is how it works, the utility takes 2 command line parameters, the
first is the name of the EXE file that is to have another file appended to
the end of it, the second is the name of the file that is appended to it.
The utility reads both files into memory and gets their length, writes
both lengths into an unused part of the DOS header at the start of the EXE
file in memory and then deletes the original EXE file on disk and writes
the new one with the same name and the appended file to disk as one disk
file. The utility doe not modify the PE header or image at all.
To get the appended file from within the EXE file that has the file
appended to it, the function below reads the two (2) DWORD values from the
DOS header where the utility wrote them and loads the appended file into a
normal basic string ready to write to disk.
This process has been tested with files over 12 meg in size and it does
not have any problems and all of the normal resource load#### function
work normally. It has also been tested with AVP to ensure that the
appended file does not trigger the heuristic virus alert in the smarter
end of anti-viral software.
One limitation imposed by this technique is that the file should not
be modified with either a compressor or encryption after it has been made.
If you need to compress or encrypt the EXE file, do it before it has the
append operation done to it. Otherwise the function will give the wrong
values for the appended file length.
Regards,
[email protected]
Code:
-------------------------------------------------------------------------- The function to use in the EXE file to get the appended file as a basic string. ' ######################################################################### ' To use with APPENDIT.EXE. This function reads the two (2) DWORD ' values written at 30h in the DOS header of the running EXE file ' and then reads the appended file into the return string. ' ######################################################################### FUNCTION GetAppendFile() as String ' DECLARE FUNCTION GetAppendFile() as String #REGISTER NONE LOCAL fLen1 as LONG LOCAL fLen2 as LONG LOCAL dump as LONG LOCAL hFile as LONG LOCAL src as LONG LOCAL fs as LONG LOCAL szbuffer as ASCIIZ * 128 GetModuleFileName ByVal %NULL,szbuffer,128 hFile = CreateFile(ByVal VarPtr(szbuffer),%GENERIC_READ, _ %FILE_SHARE_READ,ByVal %NULL,%OPEN_EXISTING, _ %FILE_ATTRIBUTE_NORMAL,ByVal %NULL) fs = GetFileSize(hFile,%NULL) Buffer$ = space$(fs) rv& = ReadFile(hFile,ByVal StrPtr(Buffer$),fs, _ ByVal VarPtr(dump),ByVal %NULL) src = StrPtr(Buffer$) ! mov esi, src ! add esi, &H30 ; offset in DOS header ! lodsd ! mov fLen1, eax ! lodsd ! mov fLen2, eax CloseHandle hFile FUNCTION = right$(Buffer$,fLen2) END FUNCTION '########################################################################## The PBCC 2 application that appends the file and writes to the DOS header. ' ######################################################################### DECLARE FUNCTION Exist&(fname$) ' ######################################################################### FUNCTION PbMain() #REGISTER NONE If command$ = "" Then StdOut "No command line supplied" Exit Function End If cmd$ = command$ spp& = instr(cmd$," ") ' space position exename$ = trim$(left$(cmd$,spp& - 1)) If Exist&(exename$) = 0 Then StdOut "Cannot find > " + exename$ Exit Function End If addfile$ = trim$(right$(cmd$,len(cmd$)-spp&)) If Exist&(addfile$) = 0 Then StdOut "Cannot find > " + addfile$ Exit Function End If Open exename$ for Binary as #1 ln1& = lof(1) Get$ #1, ln1&, a$ Close #1 Open addfile$ for Binary as #1 ln2& = lof(1) Get$ #1, ln2&, b$ Close #1 kill exename$ c$ = a$ + b$ src& = StrPtr(c$) ! mov edi, src& ! add edi, &H30 ! mov eax, ln1& ; write 1st length at 30h ! stosd ! mov eax, ln2& ; write 2nd length after it ! stosd Open exename$ for OutPut as #1 Print #1, c$; Close #1 msg1$ = "exe file length = "+str$(ln1&)+" bytes" msg2$ = "append file length = "+str$(ln2&)+" bytes" msg3$ = exename$ + " written at"+str$(ln1& + ln2&)+" bytes" StdOut msg1$ StdOut msg2$ StdOut msg3$ FUNCTION = 0 END FUNCTION ' ######################################################################### FUNCTION Exist&(fname$) FUNCTION = Len( Dir$(fname$, 17) ) > 0 END FUNCTION ' #########################################################################
Comment