C++

Forum

 
Executing data by a program

Apr 7, 2009 at 8:25pm
Gregor (147)
Hello

I'm trying to program a self updating program that would just expand in place. I plan to use modules of code that will consist of instructions or resorces. Modules will be able to point to resource modules (it probably wont work because of compiler optimizations, but I'll worry 'bout that later), etc...but thats another story!

Bottom line, I need to know how to run code from memory.



I have truble describing what I want to do, but the following seems to make sense.


Let's say that I have a virus, a trojan. It waits for some data and than it executes it - load to memory and exec. I would like to know if you can execute .exe programs this way...some general info.


I'm wondering if the following would work (verlflow errors atm)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
 
void execute(char * parameters)
{
	unsigned i,size;
	//Open a file
	ifstream file( parameters , ifstream::in|ifstream::binary);
	//Load to memory
	char* tmp,* mem = (char*)malloc(16777216);//Allocate 16 MB of memory
	size=16777216;
	for(i=0; file.good();  i++){
		if(i<size)
			file.read(mem+i, 1);
		else//Try to resize the array
		{
			tmp=mem;
			if(!realloc(mem, size+16777216)){//On fail
				free(tmp);
				cout<<"FAILED! Error loading into memory"<<endl;
				file.close();
				return;
			}
			size+=16777216;
		}//Resized
	}
	tmp=mem;
	if(!realloc(mem, i-1)){//On fail
		free(tmp);
		cout<<"FAILED! Error loading into memory"<<endl;
		file.close();
		return;
	}
	function f=(function)mem;
	f();
	file.close();
	free(mem);
	cout<<"Executed."<<endl;
};



Thanks!
Last edited on Apr 8, 2009 at 10:29am
Apr 7, 2009 at 8:39pm
jsmith (5804)
Not sure anyone is going to help write a virus...
Apr 8, 2009 at 6:07am
Gregor (147)

Mr. Obvious strikes again!:P
Yeah I know how it looks, and sadly its mostly used for that purposes - that's why I used a virus to describe what I need to do.

Please dont make me go postin' on chans:S Sick stuff there!

Update: Changed the description a bit
Last edited on Apr 8, 2009 at 10:29am
Apr 8, 2009 at 1:04pm
jsmith (5804)
So what are you trying to do then?

Newer CPUs have an option to disable execution from writable memory pages.
Apr 8, 2009 at 4:01pm
writetonsharma (1461)
i dont understand what you are talking.. what data you want to execute??

you can use a couple of things to have a trojan or virus like behavior..
1. key loggers, trapping keys and sending it on network..
2. dll injections which let you control any process on windows.. you can even inject your dll into windows explorer and explorer or any process will get mad..
install services with a different name and they wont come in the task manager.

and the good thing is you don't have to implement them.. microsoft has done all the hard work. ;)
Apr 8, 2009 at 5:54pm
Gregor (147)
After some more research I came to see that this is not what I've been looking for, I cant do what I want to, not on OS level anyway.


So I ask how would you build a self updating program that could be loaded in parts - should I just use loads of dlls and one small exe? Is there a way I can store a dll in the exe itself?


Save me the research, i'd be much apprechiated
Apr 8, 2009 at 8:50pm
writetonsharma (1461)
you can create a self-extracting binary then. the same binary will run and as well as extract the dll from it when required. load it in the memory.

you can find tutorials or even full code on how to create self-extracting binary on
codeproject.com.


but your problem looks quite vague..i think you are not clear what you want to do??
Apr 8, 2009 at 9:42pm
Gregor (147)
Yes, totaly. I'm looking into stuff to decide what my next project should be...posts like this actualy help me a great deal!

Thanks:D
Topic archived. No new replies allowed.