Announcement

Collapse
No announcement yet.

EXE String content/Length

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • EXE String content/Length

    Curious question..Been toying with some code, and just tinkering with the idea of a self-extraction utility...

    And Don, I know you have some experience in this! Great program, just tyring to learn something that has stumped me for a long time..

    The inner workings of a .EXE file (GUI based)...

    Specifically strings in the EXE..


    The EXE will not be running and I will have write access when it is created.

    When it is run it will be opend for read access by ITSELF and it needs to know where to get the string of data from...

    I was hex editing my template EXE I am toying with and see the strings, but no lenght buffer for each string....

    So if I don't know how many bytes will be written, how do I inject into the EXE?

    Just a simple laymens term explanation is good..

    I picture this EXE as a pickup truck, it's bed is empty but how much room do I know I have in it?

    Thanks,

    Scott

    ------------------
    Scott
    mailto:[email protected][email protected]</A>
    Scott Turchin
    MCSE, MCP+I
    http://www.tngbbs.com
    ----------------------
    True Karate-do is this: that in daily life, one's mind and body be trained and developed in a spirit of humility; and that in critical times, one be devoted utterly to the cause of justice. -Gichin Funakoshi

  • #2
    Can I change this question:

    I have one variable in my EXE, set to either a "0" or a "1".

    If a "1" the program stops execution.
    If a zero and other conditions apply it runs, but then sets the zero to a "1"


    This works fine and dandy by seeking to position 43163....

    But then I add more code and whatnot and now it's at position 43675


    Do I have to do this last in my 'EXE or will it alays be at the same point in my EXE?


    Thanks,

    Scott

    ------------------
    Scott
    mailto:[email protected][email protected]</A>
    Scott Turchin
    MCSE, MCP+I
    http://www.tngbbs.com
    ----------------------
    True Karate-do is this: that in daily life, one's mind and body be trained and developed in a spirit of humility; and that in critical times, one be devoted utterly to the cause of justice. -Gichin Funakoshi

    Comment


    • #3
      I think you answered your own question...

      If you simply recompile the *exact* same source code over and over, you should find that particular point in the EXE's disk image in the same place, but if you change the source code and recompile, the position is almost certain to change from the previous version.



      ------------------
      Lance
      PowerBASIC Support
      mailto:[email protected][email protected]</A>
      Lance
      mailto:[email protected]

      Comment


      • #4
        So the question then becomes, hmmmm writing dynamic data to an EXE, one would have to find a starting point, write it and write the pointer inside the EXE so the EXE would knwo where to extract it FROM???


        Whoa, this is like time travel to meet yourself in your past...hehe.


        Scott


        ------------------
        Scott
        mailto:[email protected][email protected]</A>
        Scott Turchin
        MCSE, MCP+I
        http://www.tngbbs.com
        ----------------------
        True Karate-do is this: that in daily life, one's mind and body be trained and developed in a spirit of humility; and that in critical times, one be devoted utterly to the cause of justice. -Gichin Funakoshi

        Comment


        • #5
          OK Let me shoot another idea.

          Lets say somehow in the code I allocate 1k of string space...
          I then build a header using a TYPE.

          I understand LONG's use 2 bytes (??), and strings use whatever I tell them to...??

          I"m thinkign i could dynamically search for the beginning to this field, extract the data and have the header in it POINT to the actual data...as long as i can find that header in the EXE I'd be fine....

          I know Don has some marvelous code out there, I'm hoping to do this one from scratch so I can learn this stuff a bit better...


          Thanks,

          Scott


          ------------------
          Scott
          mailto:[email protected][email protected]</A>
          Scott Turchin
          MCSE, MCP+I
          http://www.tngbbs.com
          ----------------------
          True Karate-do is this: that in daily life, one's mind and body be trained and developed in a spirit of humility; and that in critical times, one be devoted utterly to the cause of justice. -Gichin Funakoshi

          Comment


          • #6
            LONG's are 4 bytes (32-bits).

            Simply defining a UDT in your code will not place a "hardcopy" of it in the EXE disk image, since the UDT definition itself is not dynamically generated at runtime.

            The easiest solution is to place a string literal in the code and then hex-edit that string literal in the compiled EXE. Yiu can assign this string to a UDT at runtime if you wish, but this is the best way to "reserve" some space in you EXE disk image.

            However, there could be a small problem of line length limits. The compiler itself cannot accept lines physically larger than ~255 bytes, so you'll have to spilt longer strings across lines of code, and then you'll find that they will not occupy sequential bytes in the EXE disk image - they are separated by a length header, etc. ie:
            Code:
            A$ = "12345678910" + _
                 "10987654321"    
            is stored something like:
            
            0B 00 31 32 33 34 35 36 37 38 39 31 30 ' length header, then "12345678910"
            0B 00 31 30 39 38 37 36 35 34 33 32 31 ' length header, then "10987654321"
            In other words, the literals will be stored very close to each other, so you should be able to figure out how to change these strings in the EXE. Just don't blame us if you make a mistake with your editing and your HD gets reformatted!

            ------------------
            Lance
            PowerBASIC Support
            mailto:[email protected][email protected]</A>
            Lance
            mailto:[email protected]

            Comment


            • #7
              Why not modify just attach all that stuff at the end of the EXE file.

              I've seen source code out here that will allow you to get the size of your
              EXE file and then just get the LOF of your EXE, and whatever the
              different of LOF-TRUE EXE SIZE is where your data is.

              ------------------
              -Greg
              -Greg
              [email protected]
              MCP,MCSA,MCSE,MCSD

              Comment


              • #8
                If you really have the urge to store string data to be retrieved at run time, you could store it as a resource.

                MCM
                Michael Mattias
                Tal Systems Inc. (retired)
                Racine WI USA
                [email protected]
                http://www.talsystems.com

                Comment


                • #9
                  How would one reformat their HD by modifying an EXE?

                  I do see your point however ...

                  In the EXE with the structure, zero is stored for each long, so it is pre-stored, blanks of course but it is there....

                  Now just appending to the end of the EXE leaves me curious, I don't get a good feeling from that though hehe...

                  I suppose it's worth a try but I would think Windows would know the difference (??)




                  ------------------
                  Scott
                  mailto:[email protected][email protected]</A>
                  Scott Turchin
                  MCSE, MCP+I
                  http://www.tngbbs.com
                  ----------------------
                  True Karate-do is this: that in daily life, one's mind and body be trained and developed in a spirit of humility; and that in critical times, one be devoted utterly to the cause of justice. -Gichin Funakoshi

                  Comment


                  • #10
                    When I wrote a self-extracting utility, I write out a pointer to the start of the appended data as a long at the last 4 bytes of the file.
                    The first thing the program does when extracting itself is read the last 4 bytes so that it knows where to start writing. I also include some sort of sign or checksum at the end of the file so that the program knows its ok to extract.
                    Then I seek that location and start reading.

                    --Don

                    ------------------
                    www.basicguru.com/dickinson
                    Don Dickinson
                    www.greatwebdivide.com

                    Comment


                    • #11
                      Thanks Don, That's sorta my idea too so I know a good starting point...

                      It's not working like it should, so I may reconsider the ASCIIZ.


                      But if I do read an Asciiz I won't have a fixed length header so wouldn't I need to know where the header begins *and* ends?

                      As for the data, a pointer as you mentioned is a great idea...

                      I suppose I may be re-inventing the wheel but the learning curve here is great, really enjoying learning it without turning to someone else's code....

                      So which would be the better to read/write to/from the EXE, an Asciiz or a fixed length string that I KNOW where the begin/end point is at???


                      Thanks!

                      ------------------
                      Scott
                      mailto:[email protected][email protected]</A>
                      Scott Turchin
                      MCSE, MCP+I
                      http://www.tngbbs.com
                      ----------------------
                      True Karate-do is this: that in daily life, one's mind and body be trained and developed in a spirit of humility; and that in critical times, one be devoted utterly to the cause of justice. -Gichin Funakoshi

                      Comment


                      • #12
                        Scott,

                        Use ! db or ! dd like this:

                        IF 1 = 0 THEN
                        ! dd &H12345678, &H87654321 'or another good searchable signature.
                        ! dd 0,0,0,0,0 'your modifiable data.
                        ! dd &H11223344, &H55667788 'end signature if you like.
                        END IF

                        Search for your signature and your data will be right behind it, whereever it may be found.

                        Be sure to take care of word alignment. Align your data at the next DWORD after the signature.


                        Peter.



                        ------------------
                        [email protected]
                        [email protected]

                        Comment


                        • #13
                          Whoa! Tell me more, I like this!!

                          I was u sing a string, "PYTHON32CCS", that way there was no chance of some random chain of characters simulating it.

                          But ASM is always fast, tell me more!!

                          If you had a great example I'd appreciate it! WHere did you derive the hex value from?


                          Thanks,

                          Scott

                          ------------------
                          Scott
                          mailto:[email protected][email protected]</A>
                          Scott Turchin
                          MCSE, MCP+I
                          http://www.tngbbs.com
                          ----------------------
                          True Karate-do is this: that in daily life, one's mind and body be trained and developed in a spirit of humility; and that in critical times, one be devoted utterly to the cause of justice. -Gichin Funakoshi

                          Comment


                          • #14
                            This is what I see in a hex editor, what are the extraneous characters after string values that are not "Full", ie a string as 11 may only have 8 characters in this case:
                            It's got something to do with telling windows an 11 byte string is only using 8 ???


                            fhHeaderStart|PW | TempDir |Installdate |Maxusedate current uses|max uses
                            PYTHON32CCS PASSWORD¤ C:\WINDOWS\TEMP§ JAN 20, 2001 12:00 PM§ JAN 29, 2001 12:00 PM 16 17

                            ------------------
                            Scott
                            mailto:[email protected][email protected]</A>
                            Scott Turchin
                            MCSE, MCP+I
                            http://www.tngbbs.com
                            ----------------------
                            True Karate-do is this: that in daily life, one's mind and body be trained and developed in a spirit of humility; and that in critical times, one be devoted utterly to the cause of justice. -Gichin Funakoshi

                            Comment


                            • #15
                              Got it!
                              Windows puts an identifier in HEX in front of a null, and then the string following after it.

                              In each case in my EXE a F appeared before a 15 digit string, a 15 appeared before a 21 digit string (15 is hex for 21 decimal).

                              Now I can parse correctly!


                              Scott


                              ------------------
                              Scott
                              mailto:[email protected][email protected]</A>
                              Scott Turchin
                              MCSE, MCP+I
                              http://www.tngbbs.com
                              ----------------------
                              True Karate-do is this: that in daily life, one's mind and body be trained and developed in a spirit of humility; and that in critical times, one be devoted utterly to the cause of justice. -Gichin Funakoshi

                              Comment


                              • #16
                                Sheesh! I gave you the answer to your "mystery" about the contents of the literal string header in my 2nd message in this thread...

                                So on that note, I must point out that it is not _Windows_ that places that 16-bit header information before the string literal in the disk image of your compiled EXE!

                                <g,d & r>



                                ------------------
                                Lance
                                PowerBASIC Support
                                mailto:[email protected][email protected]</A>
                                Lance
                                mailto:[email protected]

                                Comment


                                • #17
                                  It's frustrating me because I have to keep modifying the source but I don't have the piece that will WRITE the original header done, maybe I should work on that first but without the stub...

                                  Like I said, Time Travel *Grin*

                                  Scott

                                  ------------------
                                  Scott
                                  mailto:[email protected][email protected]</A>
                                  Scott Turchin
                                  MCSE, MCP+I
                                  http://www.tngbbs.com
                                  ----------------------
                                  True Karate-do is this: that in daily life, one's mind and body be trained and developed in a spirit of humility; and that in critical times, one be devoted utterly to the cause of justice. -Gichin Funakoshi

                                  Comment

                                  Working...
                                  X