flat assembler
Message board for the users of flat assembler.

Index > Windows > Help combining two codes

Goto page Previous  1, 2, 3, 4, 5, 6  Next
Author
Thread Post new topic Reply to topic
typedef



Joined: 25 Jul 2010
Posts: 2909
Location: 0x77760000
typedef 17 Dec 2011, 05:22
Ctrl + F ----> IDM_NEW
Post 17 Dec 2011, 05:22
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20299
Location: In your JS exploiting you and your system
revolution 17 Dec 2011, 08:38
peet wrote:
so i found the IDM_NEW in FASMW.ASM, but nowhere a link (include) to that file, is this defined in compiler anywhere maybe?
You already defined it in your code.
Code:
IDM_NEW   = 101    
You defined it, in your assembly code with that line above.
Post 17 Dec 2011, 08:38
View user's profile Send private message Visit poster's website Reply with quote
peet



Joined: 13 Dec 2011
Posts: 63
peet 17 Dec 2011, 13:55
so this is the definition of IDM_NEW in miniPAD.ASM
Code:
cmp     eax,IDM_NEW
je      .new
    


these lines i was searching for...!


@typedef: What about CTRL-F?
Post 17 Dec 2011, 13:55
View user's profile Send private message Reply with quote
peet



Joined: 13 Dec 2011
Posts: 63
peet 17 Dec 2011, 14:05
so i'm again at the point trying to intergrate the fading transparent effect of 'transparent window' to the miniPAD.

could someone teach me how to get those two codes combined the right way please? i do not see some depencies i guess?!
Post 17 Dec 2011, 14:05
View user's profile Send private message Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2909
Location: 0x77760000
typedef 17 Dec 2011, 18:33
Did you understand what revolution said to you though ?
Post 17 Dec 2011, 18:33
View user's profile Send private message Reply with quote
peet



Joined: 13 Dec 2011
Posts: 63
peet 17 Dec 2011, 21:31
typedef wrote:
Did you understand what revolution said to you though ?


me DID understand - YOU did not understand what i asked, - as i wanted to know where and how IDM_NEW is defined (defined==what it does do)

is is defined here

Code:
 cmp     eax,IDM_NEW 
    je      .new     

and further here

Code:
 .new:
    invoke      SendMessage,[edithwnd],WM_SETTEXT,0,0    

THIS is what i did ask if you would have understood me. But you made me follow your sight of things, instead of pickin me up where i was standing as a newbe in asm. Vou did hear/read a keyword and told me about it without recognizing my question behind that keyword.

But back to learning asm, do i have the point or do still dismiss something about the construct IDM_NEW?
Post 17 Dec 2011, 21:31
View user's profile Send private message Reply with quote
JohnFound



Joined: 16 Jun 2003
Posts: 3499
Location: Bulgaria
JohnFound 17 Dec 2011, 21:42
peet wrote:
YOU did not understand what i asked, - as i wanted to know where and how IDM_NEW is defined (defined==what it does do)


Hm, peet, maybe we have some language problem here. "defined" is not equal to "what it does do" in my understanding.
Revolution, already explained you that the constant IDM_NEW is defined by the following line of code in your source:
Code:
IDM_NEW   = 101    
Post 17 Dec 2011, 21:42
View user's profile Send private message Visit poster's website ICQ Number Reply with quote
peet



Joined: 13 Dec 2011
Posts: 63
peet 18 Dec 2011, 01:21
yep John, that is the point, but if a professional is talking to newbies he can't expect the newbie to understand his language and sight - otherwise he'd be no newbie. i know this problem from support myself, and we ourself try to keep that thing in mind. because if two people talk together often it is not that made shure they talked about the same thing. and of course if both side are no native speakers thing get eben more complicated sometimes. but i don't want to complain, i want to learn.

so anyway and really thanks for ALL answers, as they all helped me to step further.
Post 18 Dec 2011, 01:21
View user's profile Send private message Reply with quote
peet



Joined: 13 Dec 2011
Posts: 63
peet 18 Dec 2011, 01:43
so back to the code, i will reread the combined code and try to find the point where the method is not already known by the code while calling. i'll try.

while with the point of integration i will need some more input. like how to place the scrollbar for transparncy somewhere usable place (like in menubar?). once more here is what i was trying to do:

I found the provided miniPAD example and thought it would be very handy tool if the functionallity of the transparent window would be integrated into the miniPAD itself.

therefore i tryed to identify the code inside the transparent window source code which would be necessary to add into miniPAD and where. I made this point fix to the similaries between the two window apps. So i compaired the code and took those passages from the transparent window which were not found in exact or similar kind in the miniPAD and adding it in the identical sections at the right point.

to make this comprehensible i did mark the imported code with the ----- lines and asked where i did go wrong because of the compiling errors and my blindness to see where the functionallity was coded exactly. how should i find the reason for method (symbol?) not known at calling time when i can't see where it is defined (made?).

maybe somebody could teach me, or tell me the right way. like maybe i have first to isolate the functions from transparent window before thinkin about importing it into another peace of code, or maybe you see that i only and simply did mix up some pieces of code because not having understood it really, while you see i mixed apples and pears?
Post 18 Dec 2011, 01:43
View user's profile Send private message Reply with quote
AsmGuru62



Joined: 28 Jan 2004
Posts: 1619
Location: Toronto, Canada
AsmGuru62 18 Dec 2011, 04:58
@peet:
See my changes to MiniPAD marked by [AG62].
Use F5/F6 to change more or less transparency and use Ctrl+A to select all text.

btw, why the FASM code samples so badly formatted and almost no comments used and no empty lines almost anywhere?
Code:

; Simple text editor - fasm example program

format PE GUI 4.0
entry start

include 'win32a.inc'

IDM_NEW   = 101
IDM_EXIT  = 102
;
; [AG62]: See, I do not care about the numbers, just
; use a proper NAME for the menu item and make sure
; same number is not used for other menu items.
;
IDM_MORE_PERCENTAGE = 52893
IDM_LESS_PERCENTAGE = 8371
IDM_SELECT_ALL = 3333

IDM_ABOUT = 901
FACTOR_STEP = 12

section '.text' code readable executable

  start:

 invoke GetModuleHandle,0
 mov [wc.hInstance],eax
 invoke LoadIcon,eax,17
 mov [wc.hIcon],eax
 invoke LoadCursor,0,IDC_ARROW
 mov [wc.hCursor],eax
 invoke RegisterClass,wc
 test eax,eax
 jz error

 invoke LoadMenu,[wc.hInstance],37
 call AdjustMenu  ; <-- [AG62] add some new menu items.

 invoke CreateWindowEx,WS_EX_LAYERED,\   ; <-- Added WS_EX_LAYERED style [AG62]
              _class,_title,\
              WS_VISIBLE or WS_OVERLAPPEDWINDOW,\
              144,128,256,256,NULL,eax,[wc.hInstance],NULL

 test eax,eax
 jz error

    invoke    CreateAcceleratorTable,tblAccel1,3  ; <-- [AG62]
    mov       [hAccelerators], eax

  msg_loop:
  mov edi, msg
 invoke GetMessage,edi,NULL,0,0
 cmp eax,1
 jb end_loop
 jne msg_loop
    ;
    ; [AG62]
    ; First check if accelerators were in action
    ;
    invoke    TranslateAccelerator,[hMainWnd],[hAccelerators],edi
    test      eax, eax
    jnz       msg_loop

invoke TranslateMessage,edi
 invoke DispatchMessage,edi
 jmp msg_loop

  error:
 invoke MessageBox,NULL,_error,NULL,MB_ICONERROR+MB_OK

  end_loop:
  invoke DestroyAcceleratorTable,[hAccelerators]  ; <-- [AG62]
 invoke ExitProcess,[msg.wParam]

proc WindowProc hwnd,wmsg,wparam,lparam
 push ebx esi edi
 cmp [wmsg],WM_CREATE
 je .wmcreate
    ;
    ; To reduce flicker [AG62]
    ;
 cmp [wmsg],WM_ERASEBKGND
 je .wmerasebkgnd

 cmp [wmsg],WM_SIZE
 je .wmsize
 cmp [wmsg],WM_SETFOCUS
 je .wmsetfocus
 cmp [wmsg],WM_COMMAND
 je .wmcommand
 cmp [wmsg],WM_DESTROY
 je .wmdestroy
  .defwndproc:
 invoke DefWindowProc,[hwnd],[wmsg],[wparam],[lparam]
 jmp .finish

.wmerasebkgnd:  ; [AG62] - return TRUE to reduce flicker on resize
 push 1
 pop eax
 jmp .finish
 
  .wmcreate:
    ;
    ; Set it to be 50% transparent on startup [AG62]
    ;
    mov       eax, [hwnd]
    mov       [hMainWnd], eax
    invoke SetLayeredWindowAttributes,eax,0,[transfactor],LWA_ALPHA

 invoke GetClientRect,[hwnd],client
 invoke CreateWindowEx,WS_EX_CLIENTEDGE,_edit,0,WS_VISIBLE+WS_CHILD+WS_HSCROLL+WS_VSCROLL+ES_AUTOHSCROLL+ES_AUTOVSCROLL+ES_MULTILINE,[client.left],[client.top],[client.right],[client.bottom],[hwnd],0,[wc.hInstance],NULL
 or eax,eax
 jz .failed
 mov [edithwnd],eax
 invoke CreateFont,16,0,0,0,0,FALSE,FALSE,FALSE,ANSI_CHARSET,OUT_RASTER_PRECIS,CLIP_DEFAULT_PRECIS,DEFAULT_QUALITY,FIXED_PITCH+FF_DONTCARE,NULL
 or eax,eax
 jz .failed
 mov [editfont],eax
 invoke SendMessage,[edithwnd],WM_SETFONT,eax,FALSE
 xor eax,eax
 jmp .finish
      .failed:
 or eax,-1
 jmp .finish
  .wmsize:
 invoke GetClientRect,[hwnd],client
 invoke MoveWindow,[edithwnd],[client.left],[client.top],[client.right],[client.bottom],TRUE
 xor eax,eax
 jmp .finish
  .wmsetfocus:
 invoke SetFocus,[edithwnd]
 xor eax,eax
 jmp .finish
  .wmcommand:
 mov eax,[wparam]
 and eax,0FFFFh
 cmp eax,IDM_NEW
 je .new
 cmp eax,IDM_ABOUT
 je .about
 cmp eax,IDM_EXIT
 je .wmdestroy
 ;
 ; [AG62]
 ;
mov ecx, FACTOR_STEP
 cmp eax,IDM_LESS_PERCENTAGE
 je .less_perc
 cmp eax,IDM_MORE_PERCENTAGE
 je .more_perc
 cmp eax,IDM_SELECT_ALL
 je .select_all_text
 jmp .defwndproc

.select_all_text:
    invoke    SendMessage,[edithwnd],EM_SETSEL,0,-1
    jmp       .finish

.less_perc:
neg ecx
 
.more_perc:
mov ebx, [hwnd]
call ApplyTransparency
 jmp .finish

      .new:
 invoke SendMessage,[edithwnd],WM_SETTEXT,0,0
 jmp .finish
      .about:
 invoke MessageBox,[hwnd],_about_text,_about_title,MB_OK
 jmp .finish
  .wmdestroy:
 invoke DeleteObject,[editfont]
 invoke PostQuitMessage,0
 xor eax,eax
  .finish:
 pop edi esi ebx
 ret
endp

ApplyTransparency:  ; [AG62]
    ;
    ; ECX = factor to add to 'transfactor'
    ; EBX = HWND
    ;
    mov       eax, [transfactor]
    add       eax, ecx
    ;
    ; Validate against range: [4..252]
    ;
    cmp       eax, 4
    jl        .done
    cmp       eax, 252
    ja        .done
    ;
    ; We're good - set transparency!
    ;
    mov       [transfactor], eax
    invoke    SetLayeredWindowAttributes,ebx,0,eax,LWA_ALPHA

.done:
    ret

AdjustMenu:  ; [AG62]
    ;
    ; EAX = HMENU to adjust
    ;
    pusha
    mov       ebx, eax
    ;
    ; Create empty popup menu
    ;
    invoke    CreatePopupMenu
    mov       edi, eax
    ;
    ; Add two new items to control the transparency
    ;
    invoke    AppendMenu,edi,0,IDM_LESS_PERCENTAGE,_smenu1
    invoke    AppendMenu,edi,0,IDM_MORE_PERCENTAGE,_smenu2
    ;
    ; Insert new popup menu into the one which got loaded
    ;
    invoke    InsertMenu,ebx,1,MF_BYPOSITION or MF_POPUP,edi,_spopmenu
    popa
    ret

section '.data' data readable writeable

  _title TCHAR 'MiniPad',0
  _about_title TCHAR 'About MiniPad',0
  _about_text TCHAR 'This is Win32 example program created with flat assembler.',0
  _error TCHAR 'Startup failed.',0

  _class TCHAR 'MINIPAD32',0
  _edit TCHAR 'EDIT',0

  wc WNDCLASS 0,WindowProc,0,0,NULL,NULL,NULL,COLOR_BTNFACE+1,NULL,_class

  edithwnd dd 0
  editfont dd 0

  transfactor dd 128  ; [AG62] - 50% transparent on startup
  hAccelerators dd 0
  hMainWnd dd 0
  _smenu1 db '&Less Percentage',9,'F5',0
  _smenu2 db '&More Percentage',9,'F6',0
  _spopmenu db '&Transparency',0
  
    align 4
    tblAccel1 db FVIRTKEY,0
              dw VK_F5,IDM_LESS_PERCENTAGE
    tblAccel2 db FVIRTKEY,0
              dw VK_F6,IDM_MORE_PERCENTAGE
    tblAccel3 db FCONTROL or FVIRTKEY,0
              dw 41h,IDM_SELECT_ALL

  msg MSG
  client RECT

section '.idata' import data readable writeable

  library kernel,'KERNEL32.DLL',\
   user,'USER32.DLL',\
   gdi,'GDI32.DLL'

  import kernel,\
  GetModuleHandle,'GetModuleHandleA',\
  ExitProcess,'ExitProcess'

  import user,\
  RegisterClass,'RegisterClassA',\
  CreateWindowEx,'CreateWindowExA',\
  DefWindowProc,'DefWindowProcA',\
  SetWindowLong,'SetWindowLongA',\
  RedrawWindow,'RedrawWindow',\
  GetMessage,'GetMessageA',\
  TranslateMessage,'TranslateMessage',\
  DispatchMessage,'DispatchMessageA',\
  SendMessage,'SendMessageA',\
  LoadCursor,'LoadCursorA',\
  LoadIcon,'LoadIconA',\
  LoadMenu,'LoadMenuA',\
  GetClientRect,'GetClientRect',\
  MoveWindow,'MoveWindow',\
  SetFocus,'SetFocus',\
  MessageBox,'MessageBoxA',\
  PostQuitMessage,'PostQuitMessage',\
  CreatePopupMenu,'CreatePopupMenu',\
  AppendMenu,'AppendMenuA',\
  InsertMenu,'InsertMenuA',\
  CreateAcceleratorTable,'CreateAcceleratorTableA',\
  DestroyAcceleratorTable,'DestroyAcceleratorTable',\
  TranslateAccelerator,'TranslateAcceleratorA',\
  SetLayeredWindowAttributes,'SetLayeredWindowAttributes'

  import gdi,\
  CreateFont,'CreateFontA',\
  DeleteObject,'DeleteObject'

section '.rsrc' resource data readable

  ; resource directory

  directory RT_MENU,menus,\
     RT_ICON,icons,\
     RT_GROUP_ICON,group_icons,\
     RT_VERSION,versions

  ; resource subdirectories

  resource menus,\
    37,LANG_ENGLISH+SUBLANG_DEFAULT,main_menu

  resource icons,\
    1,LANG_NEUTRAL,icon_data

  resource group_icons,\
    17,LANG_NEUTRAL,main_icon

  resource versions,\
    1,LANG_NEUTRAL,version

  menu main_menu
       menuitem '&File',0,MFR_POPUP
  menuitem '&New',IDM_NEW
  menuseparator
  menuitem 'E&xit',IDM_EXIT,MFR_END
       menuitem '&Help',0,MFR_POPUP + MFR_END
  menuitem '&About...',IDM_ABOUT,MFR_END

  icon main_icon,icon_data,'minipad.ico'

  versioninfo version,VOS__WINDOWS32,VFT_APP,VFT2_UNKNOWN,LANG_ENGLISH+SUBLANG_DEFAULT,0,\
       'FileDescription','MiniPad - example program',\
       'LegalCopyright','No rights reserved.',\
       'FileVersion','1.0',\
       'ProductVersion','1.0',\
       'OriginalFilename','MINIPAD.EXE'
    
Post 18 Dec 2011, 04:58
View user's profile Send private message Send e-mail Reply with quote
peet



Joined: 13 Dec 2011
Posts: 63
peet 18 Dec 2011, 10:47
@AG62:

thanx a lot for your efforts, your comments make it possible to follow the code a lot. maybe the author/someone of miniPAD would like to comment his lines too, that be good for newbies to learn follow your way of thinkin.

i recognized the transpareny is limited to almost visibility, or other way round it is not possible this way to switch transparency off completly? if you want to work inside pad for longer without needing to look behind it would be nice for the eyes to get a non fading window. maybe must be done with an extra switch to turn accelaration off?

do you know notepad++? i guess shure. it got a nice feature, if you select some string, it marks all the exact matches throuout the whole content (while input is only used on selecion itself). this is nice for working on scripts and would be perfect if you too had the choice of an option (set in menu) to set to use input only on selection or on all marked matches.

and if i decompile the resulting exe i see 80% of the lines with empty DB lines, (good for injecting code i know) is this a result of comments in source code taken out by compiler or what is the reason, and would it be possible to eleminate those lines and get the exe even more smaller?
Post 18 Dec 2011, 10:47
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20299
Location: In your JS exploiting you and your system
revolution 18 Dec 2011, 11:08
peet wrote:
and if i decompile the resulting exe i see 80% of the lines with empty DB lines, (good for injecting code i know) is this a result of comments in source code taken out by compiler or what is the reason, and would it be possible to eleminate those lines and get the exe even more smaller?
I doubt it. .exe files are not a straight code format like .com files. The PE format has many tables, headers and sections for various purposes. If you want to inject code, just edit the source and re-assemble.
Post 18 Dec 2011, 11:08
View user's profile Send private message Visit poster's website Reply with quote
peet



Joined: 13 Dec 2011
Posts: 63
peet 18 Dec 2011, 11:42
shure if you have source code you don't need to inject, you are able to "inject" by coding the normal way - anything other would be stupid in that case.

without source the DB lines gimme possibility to work with jumps and to hook the programm running order the way i want, and this way injecting code without damaging footprint or funtionallity.

why i ask for elimiminating those lines is to make it almost impossible to inject code in the resulting exe, this way i'd try to harden the code against hacking. are there other possibilities do harden code, maybe an internal hash compare or by maybe weird source code order? is there a way to cut or limit headers maybe? maybe by special compiling settings?

or how to determine how much senceless codeline must be inserted in witch section to fill headers with fakecode, then create hash and depend running code on correct hash?
Post 18 Dec 2011, 11:42
View user's profile Send private message Reply with quote
AsmGuru62



Joined: 28 Jan 2004
Posts: 1619
Location: Toronto, Canada
AsmGuru62 18 Dec 2011, 12:03
@peet:
1. To switch off transparency - you need to set that variable (transfactor) to 255 and window will not be transparent, just like a 'normal' window.

2. The standard edit control cannot select multiple places - you need to use some other control or write one by yourself - it will be hard for a person who is new into FASM or new into Windows programming. I could help you with that, but my edit control will be able to load/edit/copy/paste/save ANSI text files, view them and highlight multiple occurences of some text with color - that is all, i.e. - it be much simpler than usual 'edit' control.

3. To make EXE smaller - you can use the section combining or section alignment modification. There was a lot of threads lately on the subject. The EXE file is at 5Kb - is it really worth the effort to reduce it further? Say, you got it down to 2Kb - it will be loaded by Windows faster of course, but by the amount of time a human is not able to perceive, so why do that? I can see an EXE getting down from 5Mb to 2Mb as useful, but not for such a small EXE as this one.

4. Did you understand how the Accelerator Keys are used in the code? There is a set of structures starting at the address 'tblAccel1'. If you need to add an accelerator key you need to add one more structure into that array and increase count when invoking 'CreateAcceleratorTable'. Then you need to add the case into WM_COMMAND processing and write your code there - just look how 'Select All' is coded.
Post 18 Dec 2011, 12:03
View user's profile Send private message Send e-mail Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20299
Location: In your JS exploiting you and your system
revolution 18 Dec 2011, 12:23
peet wrote:
why i ask for elimiminating those lines is to make it almost impossible to inject code in the resulting exe, this way i'd try to harden the code against hacking. are there other possibilities do harden code, maybe an internal hash compare or by maybe weird source code order? is there a way to cut or limit headers maybe? maybe by special compiling settings?
This is a fools errand. You can't "harden" exe's against any form of modification. Any hacker can simply disable any check code and extend the exe for whatever purposes they desire.

If you want to "harden" an exe then the way to do it is to sign it. It is not free though, you have to pay MS to get a signing key. However, this does not encrypt an exe. So any hacker can simply strip the signature and work from there. The only real purpose for signing is for driver/kernel code to stop hackers getting altered code into ring0.
Post 18 Dec 2011, 12:23
View user's profile Send private message Visit poster's website Reply with quote
peet



Joined: 13 Dec 2011
Posts: 63
peet 18 Dec 2011, 12:41
@AG62:

am i right that extending the existing menu would make corrections throughout several source files neccessary? or why do we inject our new menu items?

-> 1. i tried to set the validation range up to 255 but did not reach full visibility, still did see shadow of objects underneath? though we do always add 12 we seem not to reach the limit?

if i use step 1 and set range to 255 it works, so we would need to modify adding function to allow more than 255 and cutting it off to limt 255 aftwerwards. or use steps which match smallest overall factor of used values. or use 255 - X *12 as start setting for transfactor

am getting into lol


Last edited by peet on 18 Dec 2011, 12:59; edited 5 times in total
Post 18 Dec 2011, 12:41
View user's profile Send private message Reply with quote
peet



Joined: 13 Dec 2011
Posts: 63
peet 18 Dec 2011, 12:45
revolution wrote:
You can't "harden" exe's against any form of modification. Any hacker can simply disable any check code and extend the exe for whatever purposes they desire.


shure, but if no empty lines are found every modification will leave resulting errors in recompiled exe, now the hacker must know more than just how to inject, he must find a place where his damging is not seen easily (like an almost never just function of the app) and understand where the code does what and how.

this was my intention to eliminate unneeded space (@AS62)

in my eyes this is hardened app.
Post 18 Dec 2011, 12:45
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20299
Location: In your JS exploiting you and your system
revolution 18 Dec 2011, 12:59
peet wrote:
shure, but if no empty lines are found every modification will leave resulting errors in recompiled exe, now the hacker must know more than just how to inject, he must find a place where his damging is not seen easily (like an almost never just function of the app) and understand where the code does what and how.
I'm not quite sure you understand how exe's work. Modifying/extending an exe won't damage it unless the person altering it doesn't know what they are doing. By their very nature, exe files nearly always have empty space at the end of each section. And even if they don't have empty space at the end of any section then it is trivial to extend a section or append a whole new section. No one can detect "damage" unless you want to do a byte-for-byte compare (or hash compare) to an original - or you sign it and the hacker forgets to remove the signature. But in the case of comparing to an original, any modification, regardless of free space or not, will be detected. So in summary, your idea of filling empty space, is really just busy work that achieves no real world gain against making modifications "harder".
Post 18 Dec 2011, 12:59
View user's profile Send private message Visit poster's website Reply with quote
peet



Joined: 13 Dec 2011
Posts: 63
peet 18 Dec 2011, 13:03
hm, if there is no unneccessary line of code every change would leave a missing or damged functionality in the recompiled exe. if one line was added the resulting exe should be bigger size of file than original - no?

i do not want to stop modification, i want to recognize it by eyeing the filesize. and to be shure all functions are well a autoit script will do easy checking for us, that run in a sandbox helps me getting shure of app before executing on sensitive systems. on those systems even a weird pointer can kill me if set to false memory adress.
Post 18 Dec 2011, 13:03
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20299
Location: In your JS exploiting you and your system
revolution 18 Dec 2011, 13:13
peet wrote:
hm, if there is no unneccessary line of code every change would leave a missing or damged functionality in the recompiled exe. if one line was added the resulting exe should be bigger size of file than original - no?
Usually the answer is 'no'. The exe, in most cases, does not need to be made larger. Simply viewing the file size will not give you an idea if something has changed. You need to go a lot further than that to detect changes: Either have an original backup which you compare to, or do a hash and check the hash each time.
Post 18 Dec 2011, 13:13
View user's profile Send private message Visit poster's website Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page Previous  1, 2, 3, 4, 5, 6  Next

< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.