|
I remember in (a galaxy/time long ago) when we used to write particular data to the end of the exe - when the exe next opened, it would detect if the data was there by a signature and use that (IIRC we also had to recalculate the checksum of the file) .. I dont think that would help you, this was in DOS days
I offer two suggestions (not sure if they will help) :-
a) store the data in the resource table - it can be modified by adding a custom post build step to fang off a program to edit the resource value
b) Using Matt Pietrek's notes on the PE format etc, maybe you can create a value in the .DATA segment (or such), and write directly back into the exe, by locating that segment/value in the compiled exe ??
apologies if this isnt what you want
'g'
|
|
|
|
|
Hi Garth,
Garth J Lancaster wrote: Using Matt Pietrek's notes on the PE format etc, maybe you can create a value in the .DATA segment (or such), and write directly back into the exe, by locating that segment/value in the compiled exe ??
I pretty much crawled his code in Dynamic TEXT Section Image Verification[^], an article which detects Hardware Faults and Unauthorized Patching.
I'm now writing the Self Healing Code compliment to the previous article.
Garth J Lancaster wrote: store the data in the resource table - it can be modified by adding a custom post build step to fang off a program to edit the resource value
This was the direction I was going to lead the article. However, I've gotten some interesting results from Compiler code generation, so I think I'm going to stay with back patching (not only will it be mentioned, I will now credit you with it - it is always nice to share). My research did turn up Adding and extracting binary resources[^] by Adrian Cooper which I was going to cite and modify for use.
Jeff
|
|
|
|
|
cool, thanks - I realise only one of those methods was 'back patching' in a true sense (ie I wasnt sure if resource editing could be considered as such, more as a way to acheive a similar result, given assistance from MS tools - it would probably form a whole new article going into the differences and why/why nots of each technique)
Looking forward to reading your article (as always )
'g'
|
|
|
|
|
Hi Garth,
Garth J Lancaster wrote: Looking forward to reading your article (as always )
Thank You very much.
Three samples are written, probably two to go. If I went with just a couple of samples and a few screen shots, the article would be up already. It looks like this is going to be another long read with lots of pictures (the way I like to read when grabbing a concept).
Jeff
|
|
|
|
|
|
Got my '5'
Im thinking (more to myself), about the implications of hooking and things like 'Detours' in all of this .. I'd have to do some more study to determine the feasibility of someone clever enough bypassing the tamper check routines themselves - ie injecting a routine that simply says the images match ...
but nice work and good reading
'g'
|
|
|
|
|
Hi Garth,
Garth J Lancaster wrote: I'd have to do some more study to determine the feasibility
Perhaps we can coauthor something together.
Garth J Lancaster wrote: someone clever enough bypassing the tamper check routines themselves - ie injecting a routine that simply says the images match ...
Yep - they are there. I presume my EXE will be thoroughly scrutunized and reversed.
BTW, I spent years with Fravia+, Mammon+ and the gang at HCU, so it is a qualified opinion.
Garth J Lancaster wrote: but nice work and good reading
Thank you very much.
Jeff
|
|
|
|
|
I am getting the structure in http://msdn2.microsoft.com/en-us/library/aa380981.aspx
It has an unsigned long -> shi502_permissions
And MSDN says that :
shi502_permissions
Specifies a DWORD value that indicates the shared resource's permissions for servers running with share-level security. This member is ignored on a server running user-level security. This member can be any of the following values. Calls to the NetShareSetInfo function ignore this member.
Note that the Windows Server 2003 family, Windows XP, Windows 2000, and Windows NT do not support share-level security. For more information about controlling access to securable objects, see Access Control, Privileges, and Securable Objects.
Value Meaning
ACCESS_READ Permission to read data from a resource and, by default, to execute the resource.
ACCESS_WRITE Permission to write data to the resource.
ACCESS_CREATE Permission to create an instance of the resource (such as a file); data can be written to the resource as the resource is created.
ACCESS_EXEC Permission to execute the resource.
ACCESS_DELETE Permission to delete the resource.
ACCESS_ATRIB Permission to modify the resource's attributes (such as the date and time when a file was last modified).
ACCESS_PERM Permission to modify the permissions (read, write, create, execute, and delete) assigned to a resource for a user or application.
ACCESS_ALL Permission to read, write, create, execute, and delete resources, and to modify their attributes and permissions.
How can i parse shi502_permissions and get values of these flags ?
Thank you very much.
|
|
|
|
|
Hi Akin,
Could you send over the code (and the steps to cause the permission)? I've never encountered this before, and would like to observe it under a debugger.
Jeff
|
|
|
|
|
Even though my MFC application contains a manifest which makes its buttons have the XP style, this doesn't work for the buttons in an HTML dialog box.
Does anyone know how to make the buttons in a CHTMLDialog have the XP style?
--------------------------------
"All that is necessary for the forces of evil to win in the world is for enough good men to do nothing" -- Edmund Burke
|
|
|
|
|
Is there anyway to detect a cdrom being ejected?
I've tried RegisterDeviceNotification with various different parameters but still no WM_DEVICECHANGE message received when user eject the CD.
|
|
|
|
|
Here is some rough code of device notification:
void CMyDlg::OnDeviceNotify()
{
CString cs;
HDEVNOTIFY *hdn = NULL;
bool bDevInterResult = DoRegisterDeviceInterface(SOME_GUID, hdn) != 0;
if (bDevInterResult)
{
cs.Format("Device notification : %d", bDevInterResult);
MessageBox(cs);
}
else
{
MessageBox("Device Notification Registration failed");
}
}
BOOL CMyDlg::DoRegisterDeviceInterface(GUID InterfaceClassGuid, HDEVNOTIFY *hDevNotify)
{
DEV_BROADCAST_DEVICEINTERFACE NotificationFilter;
char szMsg[80];
ZeroMemory(&NotificationFilter, sizeof(NotificationFilter) );
NotificationFilter.dbcc_size = sizeof(DEV_BROADCAST_DEVICEINTERFACE);
NotificationFilter.dbcc_devicetype = DBT_DEVTYP_DEVICEINTERFACE;
NotificationFilter.dbcc_classguid = InterfaceClassGuid;
hDevNotify = (void **)RegisterDeviceNotification(GetSafeHwnd(),
&NotificationFilter, DEVICE_NOTIFY_WINDOW_HANDLE);
if (!*hDevNotify)
{
wsprintf(szMsg, "RegisterDeviceNotification failed: %d\n",
GetLastError());
MessageBox((const char*)GetSafeHwnd(),szMsg, MB_OK);
return FALSE;
}
return TRUE;
}
BOOL CMyDlg::OnDeviceChange(UINT nEventType, DWORD dwData)
{
MessageBox("Device Change Occurred");
DEV_BROADCAST_HDR *lpdbh= (DEV_BROADCAST_HDR *)dwData;
switch (nEventType)
{
case DBT_DEVICEARRIVAL:
MessageBox("New Device Arrived");
break;
case DBT_DEVICEREMOVECOMPLETE:
MessageBox("Device Removed");
break;
}
return TRUE;
}
|
|
|
|
|
Yes, I've tried that. It works fine if I set it to a disk GUID and then pull out a USB flash drive, but does not work if i set it to a CDROM GUID or a Volume GUID and then eject the CD.
|
|
|
|
|
I have this form (in PDF) which Im trying to mimic.
It has the text "2007" and it appears as hollow text; that
is there is the black frame for the numbers but the inside
is white.
If I highlight in Adobe Acrobat and click properties, it
shows the font:
HelveticaNeue-Bold
But this is not very helpful. If I try to use this font, it
doesnt show up as hollow.
How can I mimic this font style?
Please, any response any one can give me will be greatly
appreciated.
Sincerely,
Danielle Brina (an overworked graduate student)
|
|
|
|
|
By far the easiest way to achieve this is to use a hollow font, such as Arialic Hollow.ttf.
|
|
|
|
|
Pls i need a help, i m new in visual C++ and i m asked to write a scrabble in C++.
I hope my request will be considered
|
|
|
|
|
urbdos wrote: I hope my request will be considered
Of course, we'll be glad to help. Post the code that you're having a problem with, and we'll take a look.
|
|
|
|
|
thank you for reply my mail but I m sorry for not replying this email as soon as. forgive me for that. As i said in my first mail, i want to write a scrabble game in C++ and it should be human vs. machine, i just want a simple program, so i want you to give me the guidelines, because i m begineer in C++
Thank you;
human vs. machine
|
|
|
|
|
You have to be more specific. Do you want to make a game human vs. human or human vs. machine? The first seems to be a GUI issue, the second seems to be more of a dicionary issue than anything (where will you get it and what quality does it have?).
Rilhas
|
|
|
|
|
Hi,
I'm writing a Windows program which reads in an audio file and allows for some simple manipulations on the waveform.
I'm trying to figure what is the best control to use for displaying the PCM waveform. I guess there are different graphing and charting controls avail, however what I'm really looking for is something interactive. I'd like the user to be able to use the mouse to select part of the waveform for playback with various effects. The selected part of the waveform should be indicated with some kind of highlight effect.
Does such a control exist? Or do I need to write my own?
If I need to write my own, what is the best way to do it? I guess I'm thinking of an MFC SDI dialog based application with some kind of custom control for diplaying/manipulating the waveform. Or I should I just use the Windows API directly for drawing directly in the window?
A further complication is that I would eventually like to create(or use) some kind of super cool skin for the application.
Thanks - @LG
|
|
|
|
|
how do I convert from CString to string, and vice versa.
Also, what does it mean when they say convert to system string?
--Star
|
|
|
|
|
It depends on the exact type of the target string, for instance you can do
CString myCString = "Hi";
const char * myCLikeString = myCString;
to obtain a (constant) C-like string, since CString defines the LPCSTR cast operator.
and
const char * myCLikeString = "Hello";
CString myCString = myCLikeString;
thanks to CString::= operator.
If the Lord God Almighty had consulted me before embarking upon the Creation, I would have recommended something simpler.
-- Alfonso the Wise, 13th Century King of Castile.
|
|
|
|
|
|
Hi
I am making an application in VC++ 6.0 and my application type is Dialog based application with static link libeary.
Now problem is that ->
Suppose i am in form one and using its button event coding(When i will reach to form two)
Now when i am at form two form one will also open
mense now there will be two form open
I want that when i will reach at form two form one will close automatically
At a time i will be at only one form.
Please any one told me how i do it.
Regard's
Kaushik
|
|
|
|
|
I hope, both your forms are Modal. In that case you do not need to close the 1st dialog as that will be inactive in any case.
Do you have any specific reason for that?
Manoj
Never Gives up
|
|
|
|