
EXE Wrapper. Any Ideas, Anybody?

  • 19-02-2002 1:49pm
    #1
    Closed Accounts Posts: 11


    Hi All,

    Does anyone know how to program an .EXE wrapper? The idea behind it is that it can join two .exe files into one and when that file is executed, both exe-s are loaded. I know that this can be done, as I've seen many programs that do the same thing; however, the thing is to program it myself.

    I would appreciate ideas on how to approach this problem.

    Comments in C/C++ would be welcome!

    Thanks.


Comments

  • Registered Users Posts: 16,413 ✭✭✭✭Trojan


    What do you mean, "loaded"? If you mean executed, then you can use something like "shell()", or "system()", or "fork()", etc., depending on platform and language...

    If you mean what I think, that is.

    Al.


  • Registered Users Posts: 1,562 ✭✭✭Snaga


    I think he means an executable that creates an empty shell that he can 'load' two separate .exe's into. When you run this 'shell' exe it will execute each of the two exe's inside it.

    Commonly used in previous years with one of them joke exes with Back Orifice or NetBus tacked in there. So it's run, does something silly so as not to arouse suspicion while infecting you in secret.

    No idea how to do it myself, just clearing it up :)


  • Registered Users Posts: 2,494 ✭✭✭kayos


    Originally posted by Snaga
    I think he means an executable that creates an empty shell that he can 'load' two separate .exe's into. When you run this 'shell' exe it will execute each of the two exe's inside it.

    Commonly used in previous years with one of them joke exes with Back Orifice or NetBus tacked in there. So it's run, does something silly so as not to arouse suspicion while infecting you in secret.

    No idea how to do it myself, just clearing it up :)

    ohhhh you mean something like a Trojan horse :)

    kayos


  • Closed Accounts Posts: 5,564 ✭✭✭Typedef


    []-original progstart
    []
    []-program code

    []appended program
    []code
    []pointer to start of old program
    []original program start
    []
    []-program code

    Something like this?


  • Closed Accounts Posts: 5,025 ✭✭✭yellum


    There used to be a program called melt I think that used to do that kind of wrapping.


  • Registered Users Posts: 16,413 ✭✭✭✭Trojan


    Originally posted by Typedef
    []-original progstart
    []
    []-program code

    []appended program
    []code
    []pointer to start of old program
    []original program start
    []
    []-program code

    Something like this?

    I think you're better off trying Slackware than something like that... ;)

    kayos: sounds highly plausible :)

    Al.


  • Closed Accounts Posts: 11 V3n37


    Hi Guys

    Sorry if I haven't made it clear enough. Snaga was right, that's what I'm trying to do.

    Ok, here is an example.

    Let's say we have two executables, proggie1.exe and proggie2.exe.

    Now we join these two files in a file called proggie3.exe.

    So if the proggie3.exe is run, it will actually run proggie1.exe and proggie2.exe.


    Has anybody tried to do something similar ?


    To: Typedef

    How would you get the pointer to the start of the program ?

    And by the way I'm trying to do this in Windows.


  • Closed Accounts Posts: 411 ✭✭Jay


    So if all three programs have a UI window, when you run the first program the second and third program also run..... resulting in three open windows, right?

    You can do that using ShellExecute as was mentioned previously in the thread.

    E.G. To open a text file with notepad programmatically use...
    ShellExecute(hWnd, "open", "notepad.exe", "c:\\readme.txt", NULL, SW_SHOWNORMAL);
    

    You can run the program hidden in the background by specifying SW_HIDE as the last parameter.


  • Registered Users Posts: 21,264 ✭✭✭✭Hobbes


    proggie.bat
    start proggie1.exe
    start proggie2.exe
    
    :* /Wait tells the batch file not to finish until last program closes. 
    start /Wait proggie3.exe
    

    You could also add that batch file and three other files into an executable Zip file and tell it to run the batch file.


  • Registered Users Posts: 16,413 ✭✭✭✭Trojan


    Sorry, your solution has been discarded on grounds of not being complex enough.

    Thank you, come again.

    Al. :)
    Originally posted by Hobbes
    proggie.bat
    start proggie1.exe
    start proggie2.exe
    
    :* /Wait tells the batch file not to finish until last program closes. 
    start /Wait proggie3.exe
    

    You could also add that batch file and three other files into an executable Zip file and tell it to run the batch file.


  • Closed Accounts Posts: 1,567 ✭✭✭Martyr


    I think what most of you are trying to say is "I don't know"
    I don't know either.


  • Closed Accounts Posts: 11 V3n37


    As I mentioned in my previous replies, I need to "wrap" one file into another. I know the commands ShellExecute, WinExec (16 bit) etc. But the point here is: how do you get a file added to another file, so that if you run it, both files will be executed? (When I say files I mean .exe files.)

    I think Average Joe is right. This is not an easy task to accomplish, but I thought that there might be some programmer out there who would know how to do this.


  • Closed Accounts Posts: 5,564 ✭✭✭Typedef


    Righteo I guess first you would try something like firing up a debugger (or something similar say gdb ok?)

    gdb somebinaryexe
    (gdb)disass main

    Oh look
    0x8048d3c <main>: push %ebp
    0x8048d3d <main+1>: mov %esp,%ebp
    0x8048d3f <main+3>: sub $0x18,%esp (or the procedure prolog if you prefer).

    hmm curious look at 0x8048d3c right?

    So have you ever heard of controlling eip or the index pointer? So if we concatenate the two files together and instead of returning 0 when our program finishes or returning the index of our current stack frame pointer, if instead we return the address of code we would prefer to execute in our index pointer then we effectively control what code can be executed on the machine, don't we? So if the two files have been concatenated together using some sort of other program that literally just concatenates two files presented to it.

    I don't know say in
    proggie main1

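    void exploit_em(void);   /* declared before it is called */

    int main(int argc, char **argv)
    {
        exploit_em();
        return 0;
    }

    void exploit_em(void)
    {
        long *a;
        /* Two words above the local 'a'; meant to be the saved return address
           (assumes a 32-bit x86 frame with 'a' just below the saved ebp). */
        a = (long *)&a + 2;
        /* Store the address gdb showed for main above. */
        *a = 0x8048d3c;
        return;
    }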

    or something similar might be what you are trying to go for.

    You might want to do a Google search for
    "Smashing the stack for fun and profit"?

    Remember if trojan weren't trolling then I wouldn't have to prove my gorillaness (or something).

    Check one..... Check one
    Yeah there's an olympic size swimming pool on the roof!


  • Closed Accounts Posts: 11 V3n37


    Hey Typedef,

    I used the technique described (I use w32dasm as a disassembler), and it kinda worked; however, I don't know how to get the program entry point from an application, and manipulating registers in C++ cannot really be done.

    I know it can be done using Assembly language, however my assembly knowledge is limited. :(
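
Added example, not part of the thread: seen from the defender's side, a file made by joining two executables as discussed above can be spotted by walking the PE headers and checking whether the bytes after the last section start another PE image. The same header walk reads `AddressOfEntryPoint`, the entry-point field asked about in the last post. The names `pe_inspect`, `pe_info` and `make_sample` are made up for this sketch, and the sample image is constructed.

```c
#include <stdint.h>
#include <string.h>

typedef struct { uint32_t entry_rva; uint64_t image_end; int embedded_pe; } pe_info;
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | p[1] << 8); } /* little-endian */
static uint32_t rd32(const uint8_t *p) { return rd16(p) | (uint32_t)rd16(p + 2) << 16; }

/* Offset of the "PE\0\0" signature, or 0 if b is not a PE image. */
static size_t pe_sig(const uint8_t *b, size_t n) {
    if (n < 0x40 || b[0] != 'M' || b[1] != 'Z') return 0;
    size_t pe = rd32(b + 0x3C);                      /* e_lfanew */
    if (pe == 0 || pe > n - 24 || memcmp(b + pe, "PE\0\0", 4) != 0) return 0;
    return pe;
}

/* Reports the entry point RVA, where the last section's raw data ends, and
   whether the bytes after that point (the overlay) start another PE file. */
int pe_inspect(const uint8_t *b, size_t n, pe_info *out) {
    size_t pe = pe_sig(b, n);
    if (!pe) return -1;
    uint16_t nsec = rd16(b + pe + 6);                /* NumberOfSections */
    size_t opt = pe + 24;                            /* optional header */
    size_t sec = opt + rd16(b + pe + 20);            /* + SizeOfOptionalHeader */
    if (opt + 20 > n || sec + (size_t)nsec * 40 > n) return -1;
    out->entry_rva = rd32(b + opt + 16);             /* AddressOfEntryPoint */
    out->image_end = sec + (size_t)nsec * 40;
    for (uint16_t i = 0; i < nsec; i++) {
        const uint8_t *s = b + sec + (size_t)i * 40; /* PointerToRawData + SizeOfRawData */
        uint64_t end = (uint64_t)rd32(s + 20) + rd32(s + 16);
        if (end > out->image_end) out->image_end = end;
    }
    out->embedded_pe = out->image_end < n &&
        pe_sig(b + out->image_end, n - (size_t)out->image_end) != 0;
    return 0;
}

/* Constructed sample: header-only PE32 image, one section, 0x400 bytes. */
size_t make_sample(uint8_t *b, uint32_t entry_rva) {
    memset(b, 0, 0x400);
    b[0] = 'M'; b[1] = 'Z'; b[0x3C] = 0x80;          /* e_lfanew = 0x80 */
    memcpy(b + 0x80, "PE\0\0", 4);
    b[0x86] = 1; b[0x94] = 0xE0;                     /* 1 section, 224-byte optional header */
    for (int i = 0; i < 4; i++) b[0xA8 + i] = (uint8_t)(entry_rva >> (8 * i));
    b[0x189] = 2; b[0x18D] = 2;                      /* SizeOfRawData = PointerToRawData = 0x200 */
    return 0x400;
}
```

Data after the last section is not suspicious by itself, since installers and Authenticode signatures are stored there too; a second `MZ`/`PE` header in that region is the part worth triaging.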

