Crear Ejecutables y Modificar Variables en C#.NET

Iniciado por 43H4FH44H45H4CH49H56H45H, 8 Marzo 2010, 07:14 AM


43H4FH44H45H4CH49H56H45H

Primero necesitamos tener un ejecutable ya creado; para este ejemplo usaré uno hecho en ASM y ensamblado con MASM32.

Código (asm) [Seleccionar]
.386
.model flat,stdcall
option casemap:none
Ventana proto :DWORD,:DWORD,:DWORD,:DWORD
include \masm32\include\windows.inc
include \masm32\include\user32.inc
include \masm32\include\kernel32.inc
includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib

.data
; Window class name, used by RegisterClassEx and by the first CreateWindowEx call
ClassName db "cVentana",0
; The variable that will be changed: 9 characters followed by a terminating zero byte
Variable db "esperando",0
; Class name passed to CreateWindowEx for the child edit box
cTexto db "edit",0

.data?
; Module handle, stored from GetModuleHandle at program start
hInstance HINSTANCE ?
; Passed to Ventana as CmdLine; no visible instruction writes to it
CommandLine LPSTR ?
; Handle of the edit box created in WndProc
hwndEdit HWND ?

.const
; Identifier given to the edit box when it is created
IDedit equ 1

.code
; Program entry point: gets the module handle, runs Ventana and exits the process with
; the value Ventana leaves in eax.
start:
invoke GetModuleHandle, NULL
       mov    hInstance,eax
; NOTE(review): the pointer returned in eax is not stored, so CommandLine has not been
; written when it is passed to Ventana on the next line (Ventana never reads CmdLine).
invoke GetCommandLine
invoke Ventana, hInstance,NULL,CommandLine, SW_SHOWDEFAULT
invoke ExitProcess,eax
; Ventana: registers the window class, creates and shows the main window, then runs the
; message loop until GetMessage returns 0. Returns msg.wParam in eax.
; hPrevInst, CmdLine and CmdShow are accepted but not read anywhere in the body.
Ventana proc hInst:HINSTANCE,hPrevInst:HINSTANCE,CmdLine:LPSTR,CmdShow:DWORD
LOCAL wc:WNDCLASSEX
LOCAL msg:MSG
LOCAL hwnd:HWND
; Fill in the WNDCLASSEX fields one by one.
; NOTE(review): wc.lpszMenuName is never assigned in this proc; wc is a LOCAL, so that
; field holds whatever was on the stack when RegisterClassEx reads it - confirm and set it to NULL.
mov   wc.cbSize,SIZEOF WNDCLASSEX
mov   wc.style, CS_HREDRAW or CS_VREDRAW
mov   wc.lpfnWndProc, OFFSET WndProc
mov   wc.cbClsExtra,NULL
mov   wc.cbWndExtra,NULL
push  hInst
pop   wc.hInstance
mov   wc.hbrBackground,COLOR_BTNFACE+1
mov   wc.lpszClassName,OFFSET ClassName
invoke LoadIcon,NULL,IDI_QUESTION
mov   wc.hIcon,eax
mov   wc.hIconSm,eax
invoke LoadCursor,NULL,IDC_HELP
mov   wc.hCursor,eax
; The return value of RegisterClassEx is not checked
invoke RegisterClassEx, addr wc
; Main window: its title is the text of Variable; position 600,600 and size 150 x 100
INVOKE CreateWindowEx,WS_EX_CLIENTEDGE,ADDR ClassName,ADDR Variable,\
          WS_SYSMENU,600,\
          600,150,100,NULL,NULL,\
          hInst,NULL
; The handle is used below without testing it for NULL
mov   hwnd,eax
INVOKE ShowWindow, hwnd,SW_SHOWNORMAL
INVOKE UpdateWindow, hwnd
; Message loop: leaves when GetMessage returns 0
.WHILE TRUE
               INVOKE GetMessage, ADDR msg,NULL,0,0
               .BREAK .IF (!eax)
               INVOKE TranslateMessage, ADDR msg
               INVOKE DispatchMessage, ADDR msg
.ENDW
mov     eax,msg.wParam
ret
Ventana endp
; WndProc: window procedure of the main window.
;   WM_DESTROY - posts the quit message that ends the loop in Ventana.
;   WM_CREATE  - creates the child edit box, fills it with the text of Variable and gives it focus.
;   any other  - returns whatever DefWindowProc returns.
; The two handled messages return 0 in eax.
WndProc proc hWnd:HWND, uMsg:UINT, wParam:WPARAM, lParam:LPARAM
.IF uMsg==WM_DESTROY
invoke PostQuitMessage,NULL
.ELSEIF uMsg==WM_CREATE
; Edit box at 20,15 with size 100 x 25, child of hWnd, identified by IDedit
invoke CreateWindowEx,WS_EX_CLIENTEDGE, ADDR cTexto,NULL,\
                       WS_CHILD or WS_VISIBLE or WS_BORDER or ES_LEFT or\
                       ES_AUTOHSCROLL,\
                       20,15,100,25,hWnd,IDedit,hInstance,NULL
mov  hwndEdit,eax
; Show the current value of Variable inside the edit box
invoke SetWindowText,hwndEdit,ADDR Variable
invoke SetFocus, hwndEdit
.ELSE
invoke DefWindowProc,hWnd,uMsg,wParam,lParam
ret
.ENDIF
xor    eax,eax
ret
WndProc endp
end start


"Variable" será sustituida en el programa hecho en c#.NET
Ahora necesitamos saber en qué posición se encuentra la variable dentro del ejecutable; para ello utilizamos un editor hexadecimal:


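y vemos que está entre las posiciones 2057 y 2065 (en decimal y contando desde 0): son los 9 bytes de "esperando". El byte siguiente, el 2066, es el cero que termina la cadena y no debe sobrescribirse. Estas posiciones solo valen para este ejecutable exacto; si se vuelve a ensamblar con otros datos hay que buscarlas de nuevo.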

Realizamos el programa:


Código (csharp) [Seleccionar]
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Text;
using System.Windows.Forms;
using System.IO;

namespace recursos
{
   public partial class Form1 : Form
   {
       public Form1()
       {
           InitializeComponent();
       }
       private void butExtraer_Click(object sender, EventArgs e)
       {
           try
           {
               SFguardar.Filter = "Archivo Ejecutables|*.exe";
               SFguardar.Title = "Guardar archivo ejecutable nuevo";
               SFguardar.ShowDialog();
               if (SFguardar.FileName != "")
               {
                   int contador = 0;
                   int iLetra = 0;
                   int iTexto = 0;
                   FileStream stream = new FileStream(SFguardar.FileName, FileMode.Create, FileAccess.Write);
                   BinaryWriter writer = new BinaryWriter(stream);
                   iTexto = txtVariable.Text.Length;
                   foreach (int i in Properties.Resources.prueba)
                   {
                       if (contador > 2056 && contador < 2066)
                       {
                           if (iLetra < iTexto)
                           {
                               writer.Write(Convert.ToByte(txtVariable.Text[iLetra]));
                               iLetra++;
                           }
                           else writer.Write(Convert.ToByte(0));
                       }
                       else writer.Write(Convert.ToByte(i));
                       contador++;
                   }
                   writer.Close();
                   stream.Close();
               }
           }
           catch (Exception er)
           {
               MessageBox.Show(er.Message);
           }
       }

       private void txtVariable_TextChanged(object sender, EventArgs e)
       {
           butExtraer.Enabled = true;
       }
       private void txtVariable_KeyPress(object sender, KeyPressEventArgs e)
       {
           if (Convert.ToInt32(e.KeyChar) == 13) butExtraer_Click(null, null);
       }

   }
}


El código se encarga de leer uno a uno los elementos del array que representa el archivo de recursos (en este caso, el ejecutable mencionado); al llegar a la posición 2057 empezará a escribir el contenido del textbox en lugar de los datos originales y, una vez que termina, continúa escribiendo el resto del contenido original. Como resultado tenemos:


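Así también, si no utilizamos todos los caracteres que tiene la variable, el programa rellenará los restantes con valores nulos; así podremos reemplazar la variable total o parcialmente. El texto nuevo no puede ser más largo que el original (9 caracteres): lo que sobre no se escribe.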

También puede hacerse de otro modo: si hacemos un programa que lea el contenido de un ejecutable y lo escriba en un *.txt, utilizaremos este para declarar un array y seguiremos los mismos pasos que cuando era un archivo de recursos.

Este sería el resultado de prueba.exe guardado en un *.txt, el cual utilizaremos para declarar un array y escribir el ejecutable con la variable modificada.

77,90,144,0,3,0,0,0,4,0,0,0,255,255,0,0,184,0,0,0,0,0,0,0,64,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,184,0,0,0,14,31,186,14,0,180,9,205,33,184,1,76,205,33,84,104,105,115,32,112,114,111,103,114,97,109,32,99,97,110,110,111,116,32,98,101,32,114,117,110,32,105,110,32,68,79,83,32,109,111,100,101,46,13,13,10,36,0,0,0,0,0,0,0,56,25,93,41,124,120,51,122,124,120,51,122,124,120,51,122,242,103,32,122,105,120,51,122,128,88,33,122,125,120,51,122,82,105,99,104,124,120,51,122,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,80,69,0,0,76,1,3,0,156,54,147,75,0,0,0,0,0,0,0,0,224,0,15,1,11,1,5,12,0,2,0,0,0,4,0,0,0,0,0,0,0,16,0,0,0,16,0,0,0,32,0,0,0,0,64,0,0,16,0,0,0,2,0,0,4,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,64,0,0,0,4,0,0,0,0,0,0,2,0,0,0,0,0,16,0,0,16,0,0,0,0,16,0,0,16,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,72,32,0,0,60,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,32,0,0,72,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,46,116,101,120,116,0,0,0,234,1,0,0,0,16,0,0,0,2,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,32,0,0,96,46,114,100,97,116,97,0,0,240,1,0,0,0,32,0,0,0,2,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,64,0,0,64,46,100,97,116,97,0,0,0,36,0,0,0,0,48,0,0,0,2,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,64,0,0,192,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,106,0,232,221,1,0,0,163,24,48,64,0,232,205,1,0,0,106,10,255,53,28,48,64,0,106,0,255,53,24,48,64,0,232,6,0,0,0,80,232,172,1,0,0,85,139,236,131,196,176,199,69,208,48,0,0,0,199,69,212,3,0,0,0,199,69,216,9,17,64,0,199,69,220,0,0,0,0,199,69,224,0,0,0,0,255,117,8,143,69,228,199,69,240,16,0,0,0,199,69,248,0,48,64,0,104,2,127,0,0,106,0,232,51,1,0,0,137,69,232,137,69,252,104,139,127,0,0,106,0,232,27,1,0,0,137,69,236,141,69,208,80,232,33,1,0,0,106,0,255,117,8,106,0,106,0,106,100,104,150,0,0,0,104,88,2,0,0,104,88,2,0,0,104,0,0,8,0,104,9,48,64,0,104,0,48,64,0,104,0,2,0,0,232,196,0,0,0,137,69,176,106,1,255,117,176,232,243,0,0,0,255,117,176,232,247,0,0,0,106,0,106,0,106,0,141,69,180,80,232,178,0,0,0,11,192,116,20,141,69,180,80,232,213,0,0,0,141,69,180,80,232,150,0,0,0,235,217,139,69,188,201,194,16,0,85,139,236,131,125,12,2,117,9,106,0,232,149,0,0,0,235,104,131,125,12,1,117,77,106,0,255,53,24,48,64,0,106,1,255,117,8,106,25,106,100,106,15,106,20,104,128,0,128,80,106,0,104,19,48,64,0,104,0,2,0,0,232,62,0,0,0,163,32,48,64,0,104,9,48,64,0,255,53,32,48,64,0,232,95,0,0,0,255,53,32,48,64,0,232,78,0,0,0,235,21,255,117,20,255,117,16,255,117,12,255,117,8,232,17,0,0,0,201,194,16,0,51,192,201,194,16,0,204,255,37,64,32,64,0,255,37,56,32,64,0,255,37,52,32,64,0,255,37,32,32,64,0,255,37,16,32,64,0,255,37,20,32,64,0,255,37,24,32,64,0,255,37,28,32,64,0,255,37,60,32,64,0,255,37,36,32,64,0,255,37,40,32,64,0,255,37,44,32,64,0,255,37,48,32,64,0,255,37,4,32,64,0,255,37,0,32,64,0,255,37,8,32,64,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,188,33,0,0,174,33,0,0,206,33,0,0,0,0,0,0,18,33,0,0,32,33,0,0,44,33,0,0,62,33,0,0,4,33,0,0,94,33,0,0,112,33,0,0,126,33,0,0,146,33,0,0,240,32,0,0,222,32,0,0,82,33,0,0,204,32,0,0,0,0,0,0,148,32,0,0,
0,0,0,0,0,0,0,0,162,33,0,0,16,32,0,0,132,32,0,0,0,0,0,0,0,0,0,0,226,33,0,0,0,32,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,188,33,0,0,174,33,0,0,206,33,0,0,0,0,0,0,18,33,0,0,32,33,0,0,44,33,0,0,62,33,0,0,4,33,0,0,94,33,0,0,112,33,0,0,126,33,0,0,146,33,0,0,240,32,0,0,222,32,0,0,82,33,0,0,204,32,0,0,0,0,0,0,86,0,67,114,101,97,116,101,87,105,110,100,111,119,69,120,65,0,131,0,68,101,102,87,105,110,100,111,119,80,114,111,99,65,0,0,147,0,68,105,115,112,97,116,99,104,77,101,115,115,97,103,101,65,0,0,34,1,71,101,116,77,101,115,115,97,103,101,65,0,148,1,76,111,97,100,67,117,114,115,111,114,65,0,152,1,76,111,97,100,73,99,111,110,65,0,213,1,80,111,115,116,81,117,105,116,77,101,115,115,97,103,101,0,225,1,82,101,103,105,115,116,101,114,67,108,97,115,115,69,120,65,0,0,22,2,83,101,116,70,111,99,117,115,0,0,61,2,83,101,116,87,105,110,100,111,119,84,101,120,116,65,0,0,72,2,83,104,111,119,87,105,110,100,111,119,0,0,94,2,84,114,97,110,115,108,97,116,101,77,101,115,115,97,103,101,0,0,106,2,85,112,100,97,116,101,87,105,110,100,111,119,0,0,117,115,101,114,51,50,46,100,108,108,0,0,155,0,69,120,105,116,80,114,111,99,101,115,115,0,230,0,71,101,116,67,111,109,109,97,110,100,76,105,110,101,65,0,52,1,71,101,116,77,111,100,117,108,101,72,97,110,100,108,101,65,0,0,107,101,114,110,101,108,51,50,46,100,108,108,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,99,86,101,110,116,97,110,97,0,101,115,112,101,114,97,110,100,111,0,101,100,105,116,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,

Resultado utilizado en el programa:

Código (csharp) [Seleccionar]
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Text;
using System.Windows.Forms;
using System.IO;

namespace leerExe
{
   public partial class Form1 : Form
   {
       /// <summary>Creates the form and runs the designer-generated InitializeComponent.</summary>
       public Form1()
       {
           InitializeComponent();
       }
       private void butLeer_Click(object sender, EventArgs e)
       {
           FDabrirArchivo.Filter = "Archivo ejecutable|*.exe";
           FDabrirArchivo.Title = "Abrir archivo ejecutable";

           if (FDabrirArchivo.ShowDialog() == DialogResult.OK)
           {
               Array bArchivo = File.ReadAllBytes(FDabrirArchivo.FileName);
               SFguardarArchivo.Filter = "Archivo de Texto|*.txt";
               SFguardarArchivo.Title = "Guardar archivo de texto";
               SFguardarArchivo.ShowDialog();
               if (SFguardarArchivo.FileName != "")
               {
                   FileStream stream = new FileStream(SFguardarArchivo.FileName, FileMode.OpenOrCreate, FileAccess.Write);
                   StreamWriter writer = new StreamWriter(stream);
                   foreach (object b in bArchivo)
                   {
                       writer.Write(b + ",");
                   }
                   writer.Close();
               }
           }
       }
   
       private void butCrear_Click(object sender, EventArgs e)
       {
           int[] iArchivo = new int[2560] { 77, 90, 144, 0, 3, 0, 0, 0, 4, 0, 0, 0, 255, 255, 0, 0, 184, 0, 0, 0, 0, 0, 0, 0, 64, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 184, 0, 0, 0, 14, 31, 186, 14, 0, 180, 9, 205, 33, 184, 1, 76, 205, 33, 84, 104, 105, 115, 32, 112, 114, 111, 103, 114, 97, 109, 32, 99, 97, 110, 110, 111, 116, 32, 98, 101, 32, 114, 117, 110, 32, 105, 110, 32, 68, 79, 83, 32, 109, 111, 100, 101, 46, 13, 13, 10, 36, 0, 0, 0, 0, 0, 0, 0, 56, 25, 93, 41, 124, 120, 51, 122, 124, 120, 51, 122, 124, 120, 51, 122, 242, 103, 32, 122, 105, 120, 51, 122, 128, 88, 33, 122, 125, 120, 51, 122, 82, 105, 99, 104, 124, 120, 51, 122, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 80, 69, 0, 0, 76, 1, 3, 0, 156, 54, 147, 75, 0, 0, 0, 0, 0, 0, 0, 0, 224, 0, 15, 1, 11, 1, 5, 12, 0, 2, 0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 16, 0, 0, 0, 16, 0, 0, 0, 32, 0, 0, 0, 0, 64, 0, 0, 16, 0, 0, 0, 2, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 0, 64, 0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 16, 0, 0, 16, 0, 0, 0, 0, 16, 0, 0, 16, 0, 0, 0, 0, 0, 0, 16, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 72, 32, 0, 0, 60, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 32, 0, 0, 72, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 46, 116, 101, 120, 116, 0, 0, 0, 234, 1, 0, 0, 0, 16, 0, 0, 0, 2, 0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 32, 0, 0, 96, 46, 114, 100, 97, 116, 97, 0, 0, 240, 1, 0, 0, 0, 32, 0, 0, 0, 2, 0, 0, 0, 6, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 64, 0, 0, 64, 46, 100, 97, 116, 97, 0, 0, 0, 36, 0, 0, 0, 0, 48, 0, 0, 0, 2, 0, 0, 0, 8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 64, 0, 0, 192, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 106, 0, 232, 221, 1, 0, 0, 163, 24, 48, 64, 0, 232, 205, 1, 0, 0, 106, 10, 255, 53, 28, 48, 64, 0, 106, 0, 255, 53, 24, 48, 64, 0, 232, 6, 0, 0, 0, 80, 232, 172, 1, 0, 0, 85, 139, 236, 131, 196, 176, 199, 69, 208, 48, 0, 0, 0, 199, 69, 212, 3, 0, 0, 0, 199, 69, 216, 9, 17, 64, 0, 199, 69, 220, 0, 0, 0, 0, 199, 69, 224, 0, 0, 0, 0, 255, 117, 8, 143, 69, 228, 199, 69, 240, 16, 0, 0, 0, 199, 69, 248, 0, 48, 64, 0, 104, 2, 127, 0, 0, 106, 0, 232, 51, 1, 0, 0, 137, 69, 232, 137, 69, 252, 104, 139, 127, 0, 0, 106, 0, 232, 27, 1, 0, 0, 137, 69, 236, 141, 69, 208, 80, 232, 33, 1, 0, 0, 106, 0, 255, 117, 8, 106, 0, 106, 0, 106, 100, 104, 150, 0, 0, 0, 
104, 88, 2, 0, 0, 104, 88, 2, 0, 0, 104, 0, 0, 8, 0, 104, 9, 48, 64, 0, 104, 0, 48, 64, 0, 104, 0, 2, 0, 0, 232, 196, 0, 0, 0, 137, 69, 176, 106, 1, 255, 117, 176, 232, 243, 0, 0, 0, 255, 117, 176, 232, 247, 0, 0, 0, 106, 0, 106, 0, 106, 0, 141, 69, 180, 80, 232, 178, 0, 0, 0, 11, 192, 116, 20, 141, 69, 180, 80, 232, 213, 0, 0, 0, 141, 69, 180, 80, 232, 150, 0, 0, 0, 235, 217, 139, 69, 188, 201, 194, 16, 0, 85, 139, 236, 131, 125, 12, 2, 117, 9, 106, 0, 232, 149, 0, 0, 0, 235, 104, 131, 125, 12, 1, 117, 77, 106, 0, 255, 53, 24, 48, 64, 0, 106, 1, 255, 117, 8, 106, 25, 106, 100, 106, 15, 106, 20, 104, 128, 0, 128, 80, 106, 0, 104, 19, 48, 64, 0, 104, 0, 2, 0, 0, 232, 62, 0, 0, 0, 163, 32, 48, 64, 0, 104, 9, 48, 64, 0, 255, 53, 32, 48, 64, 0, 232, 95, 0, 0, 0, 255, 53, 32, 48, 64, 0, 232, 78, 0, 0, 0, 235, 21, 255, 117, 20, 255, 117, 16, 255, 117, 12, 255, 117, 8, 232, 17, 0, 0, 0, 201, 194, 16, 0, 51, 192, 201, 194, 16, 0, 204, 255, 37, 64, 32, 64, 0, 255, 37, 56, 32, 64, 0, 255, 37, 52, 32, 64, 0, 255, 37, 32, 32, 64, 0, 255, 37, 16, 32, 64, 0, 255, 37, 20, 32, 64, 0, 255, 37, 24, 32, 64, 0, 255, 37, 28, 32, 64, 0, 255, 37, 60, 32, 64, 0, 255, 37, 36, 32, 64, 0, 255, 37, 40, 32, 64, 0, 255, 37, 44, 32, 64, 0, 255, 37, 48, 32, 64, 0, 255, 37, 4, 32, 64, 0, 255, 37, 0, 32, 64, 0, 255, 37, 8, 32, 64, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 188, 33, 0, 0, 174, 33, 0, 0, 206, 33, 0, 0, 0, 0, 0, 0, 18, 33, 0, 0, 32, 33, 0, 0, 44, 33, 0, 0, 62, 33, 0, 0, 4, 33, 0, 0, 94, 33, 0, 0, 112, 33, 0, 0, 126, 33, 0, 0, 146, 33, 0, 0, 240, 32, 0, 0, 222, 32, 0, 0, 82, 33, 0, 0, 204, 32, 0, 0, 0, 0, 0, 0, 148, 32, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 162, 33, 0, 0, 16, 32, 0, 0, 132, 32, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 226, 33, 0, 0, 0, 32, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 188, 33, 0, 0, 174, 33, 0, 0, 206, 33, 0, 0, 0, 0, 0, 0, 18, 33, 0, 0, 32, 33, 0, 0, 44, 33, 0, 0, 62, 33, 0, 0, 4, 33, 0, 0, 94, 33, 0, 0, 112, 33, 0, 0, 126, 
33, 0, 0, 146, 33, 0, 0, 240, 32, 0, 0, 222, 32, 0, 0, 82, 33, 0, 0, 204, 32, 0, 0, 0, 0, 0, 0, 86, 0, 67, 114, 101, 97, 116, 101, 87, 105, 110, 100, 111, 119, 69, 120, 65, 0, 131, 0, 68, 101, 102, 87, 105, 110, 100, 111, 119, 80, 114, 111, 99, 65, 0, 0, 147, 0, 68, 105, 115, 112, 97, 116, 99, 104, 77, 101, 115, 115, 97, 103, 101, 65, 0, 0, 34, 1, 71, 101, 116, 77, 101, 115, 115, 97, 103, 101, 65, 0, 148, 1, 76, 111, 97, 100, 67, 117, 114, 115, 111, 114, 65, 0, 152, 1, 76, 111, 97, 100, 73, 99, 111, 110, 65, 0, 213, 1, 80, 111, 115, 116, 81, 117, 105, 116, 77, 101, 115, 115, 97, 103, 101, 0, 225, 1, 82, 101, 103, 105, 115, 116, 101, 114, 67, 108, 97, 115, 115, 69, 120, 65, 0, 0, 22, 2, 83, 101, 116, 70, 111, 99, 117, 115, 0, 0, 61, 2, 83, 101, 116, 87, 105, 110, 100, 111, 119, 84, 101, 120, 116, 65, 0, 0, 72, 2, 83, 104, 111, 119, 87, 105, 110, 100, 111, 119, 0, 0, 94, 2, 84, 114, 97, 110, 115, 108, 97, 116, 101, 77, 101, 115, 115, 97, 103, 101, 0, 0, 106, 2, 85, 112, 100, 97, 116, 101, 87, 105, 110, 100, 111, 119, 0, 0, 117, 115, 101, 114, 51, 50, 46, 100, 108, 108, 0, 0, 155, 0, 69, 120, 105, 116, 80, 114, 111, 99, 101, 115, 115, 0, 230, 0, 71, 101, 116, 67, 111, 109, 109, 97, 110, 100, 76, 105, 110, 101, 65, 0, 52, 1, 71, 101, 116, 77, 111, 100, 117, 108, 101, 72, 97, 110, 100, 108, 101, 65, 0, 0, 107, 101, 114, 110, 101, 108, 51, 50, 46, 100, 108, 108, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 99, 86, 101, 110, 116, 97, 110, 97, 0, 114, 101, 0, 0, 0, 0, 0, 0, 0, 0, 101, 100, 105, 116, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
           SFguardarArchivo.Filter = "Archivo Ejecutables|*.exe";
           SFguardarArchivo.Title = "Guardar archivo ejecutable nuevo";
           SFguardarArchivo.ShowDialog();
           if (SFguardarArchivo.FileName != "")
           {
               int contador = 0;
               int iLetra = 0;
               int iTexto = 0;
               FileStream stream = new FileStream(SFguardarArchivo.FileName, FileMode.Create, FileAccess.Write);
               BinaryWriter writer = new BinaryWriter(stream);
               iTexto = txtVariable.Text.Length;
               foreach (int i in iArchivo)
               {
                   if (contador > 2056 && contador < 2066)
                   {
                       if (iLetra < iTexto)
                       {
                           writer.Write(Convert.ToByte(txtVariable.Text[iLetra]));
                           iLetra++;
                       }
                       else writer.Write(Convert.ToByte(0));
                   }
                   else writer.Write(Convert.ToByte(i));
                   contador++;
               }
               writer.Close();
               stream.Close();
           }
       }
       private void textBox1_KeyPress(object sender, KeyPressEventArgs e)
       {
           if (Convert.ToInt32(e.KeyChar) == 13) butCrear_Click(null, null);
       }

       /// <summary>Enables the butCrear button as soon as the text box content changes.</summary>
       private void txtVariable_TextChanged(object sender, EventArgs e)
       {
           butCrear.Enabled = true;
       }
   }
   
}


Descargar los proyectos:
http://www.4shared.com/file/236608224/327e0348/EscribirEXE.html

Si se me pasó algo, favor de avisar; no lo revisé a fondo.


raul338

#1
Buen aporte Codelive

y aca uno mio, para los que no saben ASM (como yo :P) ni usar un editor hexadecimal :xD un compilador personalizado, con cambio de variables incluso (perfecto para troyanos, pero pueden hacerse otros usos, ABMs personalizados por ejemplo)

codigo del troyano simple:
No hice un troyano, hice el principio del bosquejo del troyano :P (es tarea de ustedes continuarlos, yo les doy el mapa, ustedes recorran el camino ;))

Código (csharp) [Seleccionar]

using System;
using System.Windows.Forms;
using System.Net;

namespace TroyanCompiler
{
   // Template source. The generator shown further down this page reads it as TroyanCode.cs
   // and replaces the "{IP}" placeholder with the text typed by the user before compiling it.
   static class Program
   {
       /// <summary>
       /// The main entry point for the application.
       /// </summary>
       [STAThread]
       static void Main()
       {
           // Author's note: put here everything the trojan can do
           // Author's note: I deleted the form, since if it is a trojan the user must not notice, right? =P

           // Placeholder literal; it is not an address until the generator substitutes it
           string sIP = "{IP}";
           // NOTE(review): IPAddress has no constructor that takes a string, so this line
           // does not compile as written.
           IPAddress ip = new IPAddress(sIP);
           // NOTE(review): endPoint (port 600) is built but never used; nothing in this
           // method opens a connection.
           IPEndPoint endPoint = new IPEndPoint(ip, 600);

           // The only visible effect of the program is this message box
           MessageBox.Show("Aca deberia conectar a IP + " + ip.ToString());
       }
}


Tendria la siguente salida


Ahora, el compilador, Un formulario con dos textbox (uno para IP y otro para la Salida del archivo) y un boton para generar (yo inclui un boton para el cuadro de dialogo, guardar)

Código (csharp) [Seleccionar]

/*****
* Generador de codigo personalizable, By Raul338
* Gracias a Mario Ropero, por su entrada en el blog, Este codigo esta basado en su codigo
* http://geeks.ms/blogs/mropero/default.aspx
****/

// Click handler of the generate button: validates the text of txtIP, reads TroyanCode.cs from
// the application folder, replaces the {IP} placeholder in it, compiles the result into a
// Windows executable and copies that executable to the path typed in txtLugar.
private void BtnGenerar_Click(object sender, EventArgs e)
{
   // Validate the IP that was entered.
   // This pattern is the only check between the text box and source code that gets compiled:
   // whatever it accepts is spliced into the program below.
   // NOTE(review): in .NET, $ also matches just before a final '\n', so a value with one
   // trailing newline passes; \z anchors at the true end of the input.
   bool isIP = Regex.IsMatch(txtIP.Text, @"^(?>(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?>25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$");

   if (!isIP)
   {
       MessageBox.Show("Ponga una IP valida, porque sino el troyano no funcionara");
       return;
   }

   // Set up the compiler parameters
   CompilerParameters cp = new CompilerParameters();
   cp.ReferencedAssemblies.Add("system.dll");
   cp.ReferencedAssemblies.Add("system.windows.forms.dll");
   // Compiler options: an executable file on disk, built as a windowed program (no console),
   // without debug information
   cp.GenerateExecutable = true;
   cp.CompilerOptions = "/target:winexe";
   cp.IncludeDebugInformation = false;
   cp.GenerateInMemory = false;

   // Load the source into a StringBuilder
   StringBuilder code = new StringBuilder();
   // TroyanCode.cs is the previous listing
   // NOTE(review): sr is never closed or disposed, so the file handle stays open until the
   // reader is garbage-collected.
   StreamReader sr = File.OpenText(Application.StartupPath + @"\TroyanCode.cs");
   string linea;

   while (!sr.EndOfStream) {
       linea = sr.ReadLine();
       // Look for the placeholders to replace: only lines that end in "{IP}"; are rewritten
       if (Regex.IsMatch(linea, "\"{IP}\";$"))
           linea = Regex.Replace(linea, "{IP}", txtIP.Text, RegexOptions.None);
       
       code.Append(linea + System.Environment.NewLine);
   }

   // Compile.
   // NOTE(review): for defenders - on .NET Framework the C# CodeDOM provider runs the csc.exe
   // compiler as a child process and writes the result to a temporary location, so a desktop
   // application starting a compiler and a newly built unsigned executable appearing on disk
   // are the observable traces of this step. Confirm against the runtime in use.
   CompilerResults cr = CodeDomProvider.CreateProvider("C#").CompileAssemblyFromSource(cp, code.ToString());
   if (cr.Errors.HasErrors) {
       // There are errors, show them
       // NOTE(review): the text "Error al compilar: " ends up twice in the message, once
       // from the builder and once from the concatenation in MessageBox.Show.
       StringBuilder error = new StringBuilder();
       error.Append("Error al compilar: ");
       foreach (CompilerError err in cr.Errors)
       {
           error.AppendFormat("{0}\n", err.ErrorText);
       }
       MessageBox.Show("Error al compilar: " + error.ToString());
       return;
   } else {
       // Copy from the temporary location to the requested place.
       // txtLugar.Text is used as typed: an existing file at that path is deleted first,
       // and none of the file calls is guarded against exceptions.
       if (File.Exists(txtLugar.Text))
           File.Delete(txtLugar.Text);
       File.Copy(cr.PathToAssembly, txtLugar.Text);
       File.Delete(cr.PathToAssembly);
   }
}


Aca el codigo completo funcionando:

http://www.mediafire.com/download.php?wjmozjnnmwz



Espero que les sirva!!

43H4FH44H45H4CH49H56H45H

Cita de: raul338 en 8 Marzo 2010, 15:23 PM: «para los que no saben ASM (como yo :P)»

El lenguaje de programación (c, c++, vb, vb.net, c#.net, etc.) en el que se crea el *.exe a modificar da igual; solo utilicé ASM para el ejemplo  :P.

Esta interesante tu Code, lo veo mejor mas tarde  ;D.


Beowulf

Muy buenos los dos, probando y APRENDIENDO.... ;-)
La navaja de Occam: la explicación mas simple suele ser que alguien la ha cagado (G. Hause)

elmaro

Buen aporte.
En cuanto tenga un minuto lo pruebo porque hace poco estuve necesitando hacer esto.

Saludos!