Are you a Knowledgeable VB programmer?

[nkad]

Does anyone know or can point me into the correct direction as to how I can read the proper parts of an executable and load it into memory? The point to this is that I would like to write a packager or delivery module that will have it's payload encrypted and then it will decrypt and laod the executable directly into memory to be executed by the CPU. This project is for some application demo / copy protection module that I want to write for MYSELF that I can use on my other projects. I DONT want to use a 3rd party application. I want to write this myself. I have worked with exe structures a bit but I'm not sure how to load the executable into memory and have it ran.


Thanks for any help towards this matter

Best regrads,

Nick

[hothead]

I have no idea what you're talking about, but I'm gonna take a blind shot at it.

From what I gather, what you're trying to do can be done with a call to ShellExecute.

VB Code:

Public Declare Function ShellExecute Lib "shell32.dll" Alias "ShellExecuteA" (ByVal hwnd As Long, ByVal lpOperation As String, ByVal lpFile As String, ByVal lpParameters As String, ByVal lpDirectory As String, ByVal nShowCmd As Long) As Long

Search around to find out how to use ShellExecute. I have forgotten how.

[nkad]

A blind shot is right hothead... I am definitally NOT talking about shellexecute... That would be no help to me what so ever. I don't think you read over my post very well.

Here is kina what i wana do.

1) Uncompress the file into position, just as LoadLibrary would, that is expand the data according to section boundary.

2) Use VirtualProtect to set the attributes for each section according to what's in the PE header: readable/writeable/executable, etc.

3) Relocate the EXE according to the new base address. This may fail normally becasue EXE normally does not have relocation table attached in release mode. You may want to make sure your original program has a strange base address such that it will not conflict with normal EXE base address.

4) Load all imported DLL into memory, resolve all import reference, recursively.

5) Shut-down your original program as much as possible.

6) Jump to the entry point of the 'loaded' program.

[nkad]

HELP!

[Spajeoly]

Originally posted by nkad
A blind shot is right hothead... I am definitally NOT talking about shellexecute... That would be no help to me what so ever. I don't think you read over my post very well.

When you're a jerk to people who try to help you, less people are likely going to try to help you.

[Wokawidget]

Also what you are asking is not a standard thing to do...is it even possible? I'm not sure it is, but then again, don't trust the badger.

Why can't you come up with some other form of security...? Password, expiry date or number of runs are always good security methods.

How is your method going to project your app?

Woka

[kleinma]

i would say it isn't something you can do in VB at least....

[Buzby]

This site may help:

http://www.wotsit.org/search.asp?page=2&s=binary

[nkad]

Well kleinma, I do know that it is possible to do, and forgive me for posting something well beyond the standard, how do I use winsock type of posts.

Thanks buzby, I been there once too.


Wokawidget, the method that I want to implement has been done before. The idea is to fully protect the executable itself while still being able to execute the program to demo on a trial basis. The idea is to create a loader (self extracting exe) that would decrypt the application executable and manually create the memory registers, PSP, etc.. in order to load the programs machine code into memory. This method is what I call memory injection and it's a very secure way to demo an app.

You could then implement Anti-debugging code for further protection to protect from tracers, soft-ice, ect..

Yes I would still create some sort of CD-Key system as well.




Thanks for your guys help anyway. I finally found some usefull information on how to do this in ASM. (inwhich the functions I create can then be called from VB)


Best regards

[Bruxelles]

Hi, this is my first Reply and comments on this site...

Well i'm still working on same project bro, and working around IAT redirection
that slow down the hell any cracker especially with adding timer fonctions for anti-debuggers.

I Really still can't help as i stand all this day looking for some solutions for the same problem u posted.
Many Sources and good idea in C++ but nothing yet with VB5/6.

Please if someone know how dont hésitate to help us !
I'll put this topic on TOP MOST in order to get any news about this subject.
thanks and best regards

[vpm_sampath]

Hi, this is my first Reply and comments on this site...

Well i'm still working on same project bro, and working around IAT redirection
that slow down the hell any cracker especially with adding timer fonctions for anti-debuggers.

I Really still can't help as i stand all this day looking for some solutions for the same problem u posted.
Many Sources and good idea in C++ but nothing yet with VB5/6.

Please if someone know how dont hésitate to help us !
I'll put this topic on TOP MOST in order to get any news about this subject.
thanks and best regards

Hi, Bruxelles Post ur C++ idea & source i better try it with Vb,

[Billy Conner]

i have seen an executable memory injection on psc before. the thing i didnt like was that you had to load the vb dll and a few other things in memory along with the exe itself. i think it was under something like process hijacking.