All geek questions in one place

Edit vars strings in compiled exe? C ++ win32

I want to have several lines in my C ++ application, and I want to be able to edit them later in deployed applications (compiled exe). Is there a way to do exe editing or its resources so I can update the value of the lines?

The application checks for updates at startup, so I'm thinking of using this to send the algo command when I need to edit lines (for example, a line containing the URL used to check for updates).

I do not want to use anything external for exe, I could just use the registry, but I prefer to store everything inside exe.

I am using visual studio 2010 C ++ (or any other version of ms visual C ++).

+4
source share
6 answers

Another idea is to move the lines to the configuration file, for example, in XML or INI format.

Modifying an EXE without compilation is a hack and is very discouraging. You can use the hex editor, find the line and change it. The new text should be less than or equal to the original EXE.

Please note that some anti-virus checks perform CRC or checksums for executable files. Modifying executable files is the red flag of these virus scans.

+3
source

I know that you said that you do not want to use anything external for the program, but I think that you really want in this case - this is just a DLL resource. The executable file can load any DLL string that you need in this call.

+6
source

This is not possible if your lines will not change in position and length.

So, to make it possible: make your "size" in the URL of your URL, which is used to receive very large updates (think: 512 characters filled with zeros at the end). So you have a place to update the line.

Why is it impossible to use variable-sized strings? Well, I can explain this with a small snippet of x86 assembler:

PUSH OFFSET test.004024F0

Let's say; at offset test.004024F0 - your string is of variable size. Now consider the change:

I want to insert a line that is longer than the original line, which is stored before the line at 004024F0 : this makes 004024F0 for the new value, say: 004024F5 (the new line, before this record, is 5 characters longer than the original).

Do you find this simple: find all 004024F0 and replace it with 004024F5 ? Wrong . 004024F0 can also be a regular "instruction" (more precisely: ADD BYTE PTR DS:[EAX+24],AL; LOCK ... ). If this instruction is in your code, it will be replaced by something incorrect.

Well, you might think, but what about searching for this PUSH instruction? False : there are almost unlimited "PUSH" methods. For example, MOV EAX, 004024F0; MOV ESP, EAX; ADD ESP, 4 MOV EAX, 004024F0; MOV ESP, EAX; ADD ESP, 4 MOV EAX, 004024F0; MOV ESP, EAX; ADD ESP, 4 . There is also the possibility of calculating the field: MOV EAX, 00402000; ADD EAX, 4F0; ... MOV EAX, 00402000; ADD EAX, 4F0; ... MOV EAX, 00402000; ADD EAX, 4F0; ... Thus, this makes it "virtually unlimited."

However, if you use fields of static size; you do not need to change the code related to the strings. If you reserve enough space for a specific field, you can easily write a “longer” line than the original, because the line size is calculated by finding the first “zero byte”; enter the rest of the field with zeros.

If you use fields of static size, it is very difficult to find a "position in the file" at compile time. Considering a lot of time, spending hacking your own application; you can write code that modifies .exe and saves a new String value with a given offset. This file offset is not known at compile time, and you can fix this file offset later using a tool like OllyDbg . This allows the executable to fix itself :-)

+2
source

Creating a self-editing exe is a very bad approach to solving this problem. You save and read lines from an external file much better. Maybe if you talk about why you do not want to use anything other than exe, we can solve these problems?

+1
source

Not wanting to punish, but that doesn't seem like a great idea. Having a URL to check for updates baked inside the program makes it inflexible.

You are trying to soften inflexibility by rewriting lines in exe. This really requires trouble:

  • Are you sure that the users who run your program have write permission to be able to update exe? By default, users are not allowed to write to files installed in the program folder.
  • If the program is launched by several users or several times by the same user, exe will be blocked and not modifiable
  • It will be difficult for system administrators to configure the URL.
  • There is a real risk that you will ruin your exe. The rewrite process is likely to be complicated, especially if you want to make the URL longer than what is currently allocated.
  • By modifying exe, you remove the possibility of using code signatures that may be useful in a network environment.

The registry (despite all its weaknesses) is really the place where such configuration data should be. You can put the default value in EXE, but if you need to make changes, put them in the registry. This makes the changes transparent, saving you much grief later.

Your algorithm, which wants to write a new URL for updates, should do this by writing it to the registry. In addition, you have a configuration file that comes with your exe and updates it. (But keep in mind user permissions - you may not have write access to this file, but you can always write to the registry user’s hive.)

+1
source

In theory, BeginUpdateResource , UpdateResource and EndUpdateResource are designed for this purpose. In fact, getting them to work is generally quite difficult. I'm not sure that they will work to update resources in an executable executable.

+1
source

Source: https://habr.com/ru/post/1310413/

More articles:


All Articles