 |
Problem with running EXE from a byte() array
|
|
On Thu, 3 Jul 2008 01:41:40 -0700 (PDT), sebastian nielsen <...@gmail.com
If I have this code:
Dim fs As New System.IO.FileStream("C:\application.exe",
System.IO.FileMode.Open)
Dim br As New System.IO.BinaryReader(fs)
Dim data() as Byte
data = br.ReadBytes(Convert.ToInt32(fs.Length))
br.close()
fs.close()
Now data() contains the whole EXE in binary format, and I want to run
the binary data like the C:\application.exe was executed.
I tried with this:
Dim oAss As System.Reflection.Assembly
Dim meth As System.Reflection.MethodInfo
Dim obj As Object
oAss = System.Reflection.Assembly.Load(data)
meth = oAss.EntryPoint
obj = oAss.CreateInstance(meth.Name)
meth.Invoke(obj, Nothing)
but it stumbled on Load(data) that BadImageFormatException "It could
not read the file or collection 77824 bytes loaded from
WindowsApplication1, Version=1,0.0.0, Culture=neutral,
PublicKeyToken=null or one of its dependencys. A attempt to read in a
application with a invalid format was made"
Then I tried with another EXE, but the it stumbled on the Invoke(obj,
Nothing) that a incorrect number of parameters was supplied. The
debugger said that obj was "nothing", so apparently the
oAss.CreateInstance method failed.
I want it to work with any EXE, and the application should run the
content in the data() array like he EXE was launched itself.
I don't want to write the EXE to disk and exec it with the Shell()
method or some like that.
|
fonts in programs
[03 Sep 2008]
On Wed, 3 Sep 2008 07:59:42 +0200, "andreas" <aw@pandora.be
How can I choose some fonts...
in programs so that they are always avalable for
the program at other computers, can I...
|
vb2005 run help
[03 Sep 2008]
i build an application in vb2005 and when i finish i copy my
application to another pc and...
and
it show me an errror which is unexpected"
i know the previus versions of vb and vb6 ...
|
Opening Excel files- Standard or Professional?
[03 Sep 2008]
On Wed, 3 Sep 2008 11:12:33 -0700 (PDT), ElPresidente <chickenparmesan@ gmail.com
To open...
open and read data from Excel files, do I need to purchase VS2008
Standard or Professional?...
|
| More... |
|
|
|
|
On Thu, 3 Jul 2008 12:09:43 +0200, "Patrice" <http://www.chez.com/scribe/
Use Process.Start instead tto run an exe file...
--
Patrice
"sebastian nielsen" <...@gmail.comgroupe de discussion :
fdb0...@34g2000hsf.googlegroups.com...
|
|
On Fri, 4 Jul 2008 02:16:12 -0700 (PDT), sebastian nielsen <...@gmail.com
Yes, but what im doing, is that I have a encoder application, which
loads lets say c:\application.exe and makes a BASE64 string of it.
Then I put that BASE64 string as a constant into my application, and
now I want to run the BASE64 string by decoding it and then running
the contents in memory without writing the EXE to disk.
In other words, I want to hard-code a application into my application.
|
|
On Fri, 4 Jul 2008 13:05:00 +0200, "Cor Ligthert[MVP]" <...@planet.nl
Sebastian,
This is the difference between common people like most of us and artist like
you.
We just choose the most efficient methods, you see this probably as art.
However, art has to be unique, so very much success with your creation.
Cor
"sebastian nielsen" <...@r66g2000hsg.googlegroups.com...
|
|
On Fri, 4 Jul 2008 04:58:20 -0700 (PDT), sebastian nielsen <...@gmail.com
Nope. This has with security to do.
What im really doing at encoding stage, is that I load in the
application into a byte array, then encrypt it with
System.Security,Cryptography.Rijndael using a key derived from a
password with System.Security.Cryptography.Sha512
Then I encode the resulting ciphertext using Base64
Then I paste this base64 text into my other application as a string,
to password protect the child EXE.
So in the encoder, I select that I want to password protect C:
\application.exe
Then I get encoded base64 text, which I paste as a string constant in
the application.
Ill try to decode the encoded application with
System.Security.Cryptography.Rijndael with the user-supplied password,
in a try/catch-block. If incorrect password is entered, the padding
will be incorrect and then it trows a Exception.CryptographyException
which will be catched and display "Incorrect password" to user.
If decryption succeeds, I want to put the decrypted EXE in memory and
run it.
|
|
On Fri, 04 Jul 2008 20:47:16 +0800, "Martin H." <...@gmx.net
Hello Sebastian,
Maybe there is a way, but sooner or later you might have to deal with
functionality of the operating system which tries to prevent that.
Windows XP already has Data Execution Prevention (although by default it
is only set to "Turn on DEP for essential Windows programs and services
only") which prevents data code (as in variables) to be changed to
executable code. I don't know how that is with Vista, but I expect that
it has at least the same functionality as XP. I think that the only way
to go is to save it as a temporary file and delete it right after
execution is complete. If you want to prevent it from being copied, you
might have to lock it so that other applications cannot access it.
If your application ran only under Windows 2000/98 you could do make
data memory executable, but who is still using these dinosaurs today?
Best regards,
Martin
On 04.07.2008 19:58, wrote sebastian nielsen:
|
|
On Fri, 4 Jul 2008 06:14:55 -0700 (PDT), sebastian nielsen <...@gmail.com
I have heard that DEP is there to prevent *accidential* execution of
data code, for example a buffer owerflow from a malicious user on the
internet, that causes the overflowed code to execute.
But now I as a developer wants to intentionally execute data, so there
must be a way to place the decrypted code into executeable memory
where DEP does not care about and then execute it.
Maybe there is any windows API to put executeable code into
executeable memory and then execute it? Or some native .NET function/
library to do it.
|
|
On Fri, 4 Jul 2008 17:12:56 +0200, "Patrice" <http://www.chez.com/scribe/
Looks like a licensing scheme ? Do you want to do that with any EXE or do
you control the EXE file subject to this processing ?
From my search :
- it looks very difficult if not impossible (saw a thread where they say
they didn't find any API for this in Win32 and someone was doing this "by
hand" but not even for Windows), zwCreateSection migth help but I have no
idea what it is and it s likely very very low level...
- is this for .NET EXE files on which you have control ? (in which case
loading as an assembly could work).
- I've seen also something similar where the .NET Exe file is encrypted on
disk and then decoded into memory when run (if I remember it looked like a
MS obsfucation solution but I don't find the link right now)
- you may want also to check for other licensing scheme that would be
available rather than doing this yourself. Is this what you are after by
encrypting this exe file ?
So ifnally :
- either this is for .NET and I would explore loading the exe file as an
assembly
- either this is for arbitrary EXE file and I would likely seach for a third
party solution depending on what I'm trying to do (don"t you have control on
those EXE files if this is for licensing ?)
Patrice
"sebastian nielsen" <...@gmail.comgroupe de discussion :
ea69...@56g2000hsm.googlegroups.com...
|
|
On Fri, 4 Jul 2008 09:40:38 -0700 (PDT), sebastian nielsen <...@gmail.com
Its both.
First example: I want to build a application, and license it. Users
need to enter a CD-key and the application starts.
Second example: I have purcased lets say 10 licenses from a third
party vendor for a application. The license agreement says im allowed
to install this license on unlimited number of computers as long as no
more than 10 licenses are running at a given time.
Then I could use my application to encrypt the third party EXE, and
have a license server, which lends out encryption keys for licensing,
and then the client returns keys that are no longer in use. And the
server makes sure no more than 10 keys are lended out at a given time.
Third example: I want to enforce when a application on a work computer
can be started and how many times. I encrypt the EXE and have it to
fetch a key from a server. The server only allows a given number of
keys to be sent only on specific times.
Fourth example: I simply want to password protect a generic EXE so
people with physical access to my computer cannot use that EXE.
Fifth example: I want to license a application on a per-IP-basis. I
just have the license server send out encryption keys for the correct
IP.
-----------------------------------------
So Im gonna build a encryption framework that can be used for any
application protection, so I just need the ability to run a EXE stored
in a byte() array.
The ready-made libraries only "obfuscates" the code, which means they
are not encrypting it, only "hiding" it by making it harder to
understand any decompiled or disassembled code.
What I want to do is to ENCRYPT the code.
And most of the ready-made license library just locks the application
by inserting code that ask for license key or password and then jumps
to the correct location.
|
|
|