Part - 6

Inject data into spawned SetupEx.exe
Now, we have spawned the SetupEx.exe from the custom resource table and we should go further by injecting the compressed merge data file into the custom resource table (SETUP) of SetupEx.exe as IDC_SETUP1 (show in figure below)



From this figure, you will see the initial compressed merge data content within the SetupEx.exe was just 1 byte. This is just a dummy entry mainly for debugging purpose during coding stage (it must be replce with a actual compressed merge data file). Also, with this IDR_SETUP1 entry, I believe it will help everyone to have a better understanding on how the SetupEx.exe work.

After so much talking here and there about the custom resource and here is the code snippet on injecting the compressed merge data into the custom resource table (SETUP) of the spawned SetupEx.exe.

PHP Code:
// Open the file require to alter the resource table
hFile2 BeginUpdateResource (szTmpBinFile4FALSE);

// Check the return handle value
if (NULL != hFile2 && INVALID_HANDLE_VALUE != hFile2)
{
    
// Update the file resource table
    
if (FALSE == UpdateResource (hFile2,
                                 
"SETUP",
                                 
MAKEINTRESOURCE(IDR_SETUP1),
                                 
MAKELANGID(LANG_ENGLISHSUBLANG_ENGLISH_US),
                                 
lpBinData,
                                 
dwFileSize))
    {
        
// Notify user about the error
        
MessageBox(hWnd,
                   
"Fail to update the resource table of the self-extract executable file!",
                   
APP_TITLE,
                   
MB_OK MB_ICONSTOP);
        
// Reset the local variable
        
hFile2 NULL;
        
// Jump the the "CleanExit" routine
        
goto CleanExit;
    }

    
// Close the modify file
    
if (FALSE == EndUpdateResource (hFile2FALSE))
    {
        
// Notify user about the error
        
MessageBox(hWnd,
                   
"Fail to modify the resource table of the self-extract executable file!",
                   
APP_TITLE,
                   
MB_OK MB_ICONSTOP);
        
// Reset the local variable
        
hFile2 NULL;
        
// Jump the the "CleanExit" routine
        
goto CleanExit;
    }

    
// Reset the local variable
    
hFile2 NULL;

    
// Release the allocated memory
    
if (NULL != lpBinData) {LocalFree((LPBYTE)lpBinData);}
    
lpBinData NULL;
}
else
{
    
// Notify user about the error
    
MessageBox(hWnd,
               
"Fail to open the resource table of the self-extract executable file!",
               
APP_TITLE,
               
MB_OK MB_ICONSTOP);
    
// Jump the the "CleanExit" routine
    
goto CleanExit;

After the injection, you should see the compressed merge data sit inside the SetupEx.exe by using the freeware tool (a tool you can not miss it!!!) Resource Hacker (freeware) Copyright © 1999-2002 Agnus Johnson

The screen shot below show the different of the custom resource (IDR_SETUP1) as comapre to the initial 1 byte data only.



NOTE:
The value of 2000 you saw in the above 2 screenshot was equivalent to the IDR_SETUP1, as this was pre-define under the resource.h of both the SetupEx.exe and SelfExtract.exe project file. So, the merge data file must be inject into this entry. Other wise, the SetupEx.exe will not be able to extract the injected merge data. Becuase it will remain locate the initial IDR_SETUP1 from the newly spawned SetupEx.exe which only have 1 byte data inside.

PHP Code:
#define IDR_SETUP1                      2000 
Also, the value of 1033 you saw from the screenshot above is another key item, and you must carefully check and verify this value before you start modify either SetupEx.exe and SelfExtract.exe. Because this value mean the current custom resource table language identifier. For instance, 1033 mean primary language is ENGLISH (0x09), and sublanguage is ENGLISH US (0x01). Please refer to the MSDN Library (by search for the MAKELANGID API) to get more information about the available language identifier.