flat assembler
Message board for the users of flat assembler.
Index
> Macroinstructions > Who can write this? Copy target .exe resdata... |
Author |
|
vid 12 Aug 2007, 22:52
very useful? for what?
i wouldn't use macro for this, i would use separate tool. i know, that is not very FASMy way, but at least you don't have to write EVERYTHING from scratch (like these macros) |
|||
12 Aug 2007, 22:52 |
|
dead_body 13 Aug 2007, 00:49
simply, i writes a trojan. It holds in body another exe. And runs it from memory. I am too lazy to change evety time version strings and with hands get *.ico and put into my program. I would like that fasm do it.
If nobody wish to write, please give documents about PE. Then I will write it and put here. Need tutors about ".rsrc" section. In which format and etc. |
|||
13 Aug 2007, 00:49 |
|
f0dder 13 Aug 2007, 08:28
Idiot.
|
|||
13 Aug 2007, 08:28 |
|
vid 13 Aug 2007, 10:21
writing trojans is not really the best way to make this world better place
about PE: I think microsoft has official PE documentation somewhere on MSDN. Look for it. |
|||
13 Aug 2007, 10:21 |
|
Madis731 13 Aug 2007, 11:12
Hasn't PE already been discussed on these board. I think there are many topics. PE from scratch, PE format, blah....
|
|||
13 Aug 2007, 11:12 |
|
dead_body 13 Aug 2007, 11:59
documentation found. Today in evening\tommorow will post macros.
|
|||
13 Aug 2007, 11:59 |
|
dead_body 13 Aug 2007, 17:39
Ouh... i don't know how to copy *.ico data from virtual directive to my code.
In cycle store\load? But there can be many icons in section. For example I have: Code: virtual at 0 ... b = ico_data_offset c = ico_data_size end virtual here_needs_that_data: how can I store to label "here_needs_that_data" data from "virtual"? |
|||
13 Aug 2007, 17:39 |
|
vid 13 Aug 2007, 17:55
dead_body: no way to do it just with assembly-time features.
|
|||
13 Aug 2007, 17:55 |
|
MichaelH 13 Aug 2007, 21:34
Quote:
Fasm's assembly-time features are all powerful, anything can be achieved ..... however they lack the ability to electrocute trojan writer |
|||
13 Aug 2007, 21:34 |
|
MHajduk 14 Aug 2007, 13:25
dead_body wrote: Ouh... i don't know how to copy *.ico data from virtual directive to my code. Code: format PE GUI 4.0 entry start section '.code' readable executable start: virtual at 0 ; ; Compiled code begin. ; inc eax inc ebx ; ; Compiled code end. ; db 100-$ dup (90h) ; Padding to 100 bytes. ; Definition of 100 constants a1, a2, ..., a100 ; which contain bytes of previously compiled code. ; rept 100 counter { load a#counter byte from counter-1 } ; Definition of macro 'CopyBlock' which pastes ; every bytes of code compiled in 'virtual'. ; macro CopyBlock { rept 100 counter \{ db a\#counter \} } end virtual here_needs_that_data: ; Include compiled code fragment. ; CopyBlock ret section '.data' readable writeable ; Include compiled code fragment as data. ; CopyBlock |
|||
14 Aug 2007, 13:25 |
|
dead_body 14 Aug 2007, 18:49
thanks...
i think about this way. With such way, macro code will be very large. One *.exe can hold many icons with different size. Maro becomes not "easy"... |
|||
14 Aug 2007, 18:49 |
|
Blid 18 Aug 2007, 17:02
dead_body,if you want "It holds in body another exe", try usual infection of PE
format. Why not ? |
|||
18 Aug 2007, 17:02 |
|
dead_body 20 Aug 2007, 09:24
antiviruses... i am writing not virus. A trojan
It must be invisible. So i use "Run File From Memory" method. Infects *.exe it is an old method. And i don't want to fight with antiviruses. |
|||
20 Aug 2007, 09:24 |
|
< Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.