Run compiled code from a string?
-
- Posts: 4
- Joined: Aug 17, 2008 15:07
Run compiled code from a string?
How I do to run compiled code from a string?
Lets say I compile applicationA.bas intro ApplicationA.exe
Now I use binary read to read in the whole ApplicationA.exe into a string.
Then I want to "run" the code in the string like I would have doubleclicked ApplicationA.exe. (Without writing the contents of the string to disk).
How can this be done?
Lets say I compile applicationA.bas intro ApplicationA.exe
Now I use binary read to read in the whole ApplicationA.exe into a string.
Then I want to "run" the code in the string like I would have doubleclicked ApplicationA.exe. (Without writing the contents of the string to disk).
How can this be done?
-
- Posts: 4
- Joined: Aug 17, 2008 15:07
According to Microsoft, the method Assembly.Load uses an Assembly Class as the object which is a pre-compiled set of instructions which uses the CLR but not a complete executable, which is basically like creating a DLL. In FreeBASIC, you can load the DLL with the DyLibLoad function and then call the functions.
-Vince
-Vince
There are a lot of aspects to this, and your example is also faulty, NGen the assembly, and retry and you'll see it will fail. IOW IL assemblies are compiled code, but not to assembler level, but half digested to something that can be jitted.sebastiannielsen wrote:what I want to do, is to load the string with compiled code into memory, and jump to that point in memory, so the compiled code is ran.
In .NET you can just run Assembly.Load( <string with compiled code> )
In theory you should be able to do this for PIC code, which you write into mem using mprotect.
However that is odd ball use, and not something to generally use, since Antivirusses and other security technologies will frown upon it (since it is effectively code injection)
-
- Posts: 1186
- Joined: May 08, 2006 21:58
- Location: Crewe, England
-
- Posts: 4
- Joined: Aug 17, 2008 15:07
What I want to do, is to load the EXE as a string, then encrypt the EXE, and then output the string.
What I then want to do, is a application, which has the encrypted EXE in base64 format as a string constant.
Then the application will ask the user for a password, and then decrypt the string using the password, and if the decryption was sucessfull, the application should place the decrypted content into memory and execute it.
So If I compile this code:
print "Hello World"
print 10 + 7
into a EXE. Then I load in the EXE into a string, and then encrypt it, and the output the encrypted result.
If I then paste the encrypted result as a constant in my application and then run it, it shoud look like this:
Please provide password:> test
Access is granted
Hello World
17
It is acceptable if the 2 last lines come up in a new window (since a new EXE is launched), but I would prefer they show up in the same window.
Please note: the encrypted application in this example is only a example. This means its not acceptable to just encrypt the Hello world and the 10 and 7 strings. Just think about a calculator application or parsing application, and I just want to encrypt the whole application.
It is also acceptable If I need to put the
print "Hello World"
print 10 + 7
into a subroutine, and then compile into a DLL, put that DLL through encryptor, and then put that string into my app.
Then Ill need to decrypt and load the DLL into memory without writing it to disk, and then call the subroutine in the DLL.
What I then want to do, is a application, which has the encrypted EXE in base64 format as a string constant.
Then the application will ask the user for a password, and then decrypt the string using the password, and if the decryption was sucessfull, the application should place the decrypted content into memory and execute it.
So If I compile this code:
print "Hello World"
print 10 + 7
into a EXE. Then I load in the EXE into a string, and then encrypt it, and the output the encrypted result.
If I then paste the encrypted result as a constant in my application and then run it, it shoud look like this:
Please provide password:> test
Access is granted
Hello World
17
It is acceptable if the 2 last lines come up in a new window (since a new EXE is launched), but I would prefer they show up in the same window.
Please note: the encrypted application in this example is only a example. This means its not acceptable to just encrypt the Hello world and the 10 and 7 strings. Just think about a calculator application or parsing application, and I just want to encrypt the whole application.
It is also acceptable If I need to put the
print "Hello World"
print 10 + 7
into a subroutine, and then compile into a DLL, put that DLL through encryptor, and then put that string into my app.
Then Ill need to decrypt and load the DLL into memory without writing it to disk, and then call the subroutine in the DLL.
-
- Posts: 605
- Joined: Feb 18, 2006 13:30
- Location: Alexandria / Egypt
- Contact:
Most people will argue that this is impossible, but here's a method that uses a custom loader to load your DLLs from memory, which involves relocating the DLL and aligning it in memory apart from the host operating system's PE loader:
http://www.joachim-bauch.de/tutorials/l ... emory.html
and here's the full FB example (along with header and static library):
http://www.mediafire.com/?xcfha1pjfqk
Please read the notes on the original page regarding usage.
Edit: and if you use that in conjunction with IncFile() [search forums] it might prove to be very useful, since I wouldn't recommend using strings to store binary (and especially executable) data.
http://www.joachim-bauch.de/tutorials/l ... emory.html
and here's the full FB example (along with header and static library):
http://www.mediafire.com/?xcfha1pjfqk
Please read the notes on the original page regarding usage.
Edit: and if you use that in conjunction with IncFile() [search forums] it might prove to be very useful, since I wouldn't recommend using strings to store binary (and especially executable) data.
-
- Posts: 4
- Joined: Aug 17, 2008 15:07
Something array of byte like. Then you don't risk accidentally doing string operations that maim them.sebastiannielsen wrote:>>I wouldn't recommend using strings to store binary (and especially executable) data
What should I use instead to store the binary/executeable data? I dont want to store it on disk for security reasons.
-
- Posts: 605
- Joined: Feb 18, 2006 13:30
- Location: Alexandria / Egypt
- Contact:
You can use two acceptable methods to handle them:sebastiannielsen wrote:>>I wouldn't recommend using strings to store binary (and especially executable) data
What should I use instead to store the binary/executable data? I don't want to store it on disk for security reasons.
* Byte Arrays.
* Memory buffers: Allocate/Callocate
As for storage, according to what you said, you're trying to embed the data statically into the final executable, and to do that you can use:
* DATA statement: you'll have to use an external tool to convert the binary file into DATA statements, and paste them into your module's code directly, to read the buffer you'll have to use READ at run-time to copy it to a new buffer, too much overhead for both run and compile-time imo.
* Windows resource scripts: might be acceptable, but that would also expose the file you're storing to a more computer-savvy user.
* Object File: use an external tool to convert your file into a linkable object file, and use EXTERN to access it from other modules. (acceptable solution, no overhead, etc.)
I clearly prefer the last solution, you can write a small tool to encrypt your guest DLL before compiling your application, then have it stored in the final EXE's memory that way, no run-time loading, and much faster compile-time.
Finally, here's something to do the whole thing through FreeBASIC, a solution derived from #3, but with no need for external tools, just copy the IncFile.bi header from this thread:
http://www.freebasic.net/forum/viewtopi ... 04&start=0
and now save it, then compile this:
Code: Select all
' Compile TestDll.bas first..
#include "MemoryModule.bi"
#include "incfile.bi"
IncFile(DLLDATA, "TestDll.dll")
dim myDll as HMEMORYMODULE
dim addNumbers as function cdecl (byval as integer, byval as integer) as integer
myDll = MemoryLoadLibrary(DLLDATA)
if myDll then
print "Library load successful.."
addNumbers = MemoryGetProcAddress(myDll, "addNumbers")
if addNumbers then
print "Symbol found.."
print "Calling addNumbers() from memory:"
print "10+12="; addNumbers(10,12)
else
print "Error obtaining proc address."
end if
else
print "Error loading Library."
end if
MemoryFreeLibrary(myDll)
I hope this explains it all.