Copy an .exe to a new .exe file using C/C++

Discussion in 'C, C++, C#' started by Avenger625, Feb 1, 2011.

  1. Avenger625

    Let there be an executable file say, t1.exe. If I run t1.exe then it shall copy itself to a new executable file say t2.exe.

    Code:
    
    #include <stdio.h>
    #include <stdlib.h>
    #include <conio.h>
    
    void main()
    {
    FILE *fp,*tp;
    unsigned long int t=0;
    tp=fopen("t2.exe","wb");
    //rewind(tp);
    if((fp=fopen("t1.exe","rb"))!=NULL)
    {
    fseek(fp,0L,2);
    unsigned long int pos=ftell(fp);
    rewind(fp);
    do{
    fputc(fgetc(fp),tp);
    t++;
    }while(t!=pos+1);
    }
    
    fcloseall();
    //system("t2.exe");
    printf("End of t1");
    getch();
    }
    
    
    t2.exe is created but when I run this it says "t2 has stopped working." I'm using Windows 7(Home Basic) 64bit. The program is compiled with Borland C++ V. 5.02.

    And amazingly t1.exe and t2.exe have exactly the same file size (in bytes) but still t1.exe works but t2.exe doesn't......don't understand why...??!!

    Please reply fast!!! It's URGENT....!!!!
    Thnx!
     
  2. dario1977

    That's a technique often used by viruses.
    Try to disable your antivirus and retry.
     
  3. Avenger625

    I currently have no anti-virus installed!!!

    I really don't understand what's the issue.......Plzzz HELP!!!!
     
  4. dario1977

    I'm almost sure that on an XP 32bit machine that would work with no problems
     
  5. ramtripper

    Try a Windows XP virtual machine, or run as Windows XP - 32 bit.
     
  6. Kaimi

    Because t2 is trying to modify a file that is executing right now.
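
Added example, not part of any post in this thread: a copy routine in C that checks each call the posted program leaves unchecked, so a destination that cannot be opened for writing (the case described in the reply above) returns an error code instead of writing through a NULL `FILE` pointer. The function name `copy_file` and its result codes are this example's own.

```c
#include <stdio.h>
#include <string.h>

/* Result codes for copy_file (names chosen for this example). */
enum { COPY_OK = 0, COPY_SAME_PATH, COPY_SRC_OPEN, COPY_DST_OPEN, COPY_IO };

/* Copy src to dst in binary mode, checking every call that can fail. */
int copy_file(const char *src, const char *dst)
{
    unsigned char buf[4096];
    size_t n;
    int rc = COPY_OK;
    FILE *in, *out;

    /* "wb" truncates on open: a plain string compare catches the obvious self-copy. */
    if (strcmp(src, dst) == 0)
        return COPY_SAME_PATH;
    in = fopen(src, "rb");
    if (in == NULL)
        return COPY_SRC_OPEN;

    /* fopen returns NULL when dst cannot be opened for writing, for example
       on Windows when dst is the image of a process that is running. */
    out = fopen(dst, "wb");
    if (out == NULL) {
        fclose(in);
        return COPY_DST_OPEN;
    }

    /* fread returns the number of bytes actually read, so nothing extra is written. */
    while ((n = fread(buf, 1, sizeof buf, in)) > 0) {
        if (fwrite(buf, 1, n, out) != n) {
            rc = COPY_IO;
            break;
        }
    }
    if (ferror(in))
        rc = COPY_IO;
    fclose(in);
    if (fclose(out) != 0)   /* buffered data is flushed here and can fail */
        rc = COPY_IO;
    return rc;
}

int main(int argc, char **argv)
{
    if (argc != 3) { fprintf(stderr, "usage: %s SRC DST\n", argv[0]); return 2; }
    return copy_file(argv[1], argv[2]);
}
```
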
     
  7. dario1977

    that's right
     
  8. Avenger625

    Right!!! Thanks!!! Really......thanks a lloooooottt............
    U know what, I had a different code to do this and that worked perfectly right. This was back in November'10. I had to format my machine and accidentally the code got deleted and because of my exams I had to postpone the project. By the end of December, when I re-started the project, I found the code wasn't there and also it was wiped out from my brain.
    Thereafter, I wrote this one but could not make it run.......modified it in thousands of different ways, googled for some solutions or example code, wrote in different forums and finally today I registered here and asked for help over here. I wasted a hell of a lot of time over this simple thing but........
    Suddenly, today at around 2:30PM IST this clicked in my mind and finally made it run.....!!!
    I wish I had posted here earlier.......then I would not have wasted this much time!!!

    But, thanks a lot Kaimi.........


    But, when I was hunting for solutions I got a good thing at Google. I mean I liked it and never knew about it.......You people might be knowing but would just like to share.......

    >> Inject a dll into a process

    Code:
    #include <iostream>
    #include <string>
    #include <windows.h>
    
    #define MAXWAIT 10000
    
    bool insertDll(DWORD procID, std::string dll)
    {
        //Find the address of the LoadLibrary api, luckily for us, it is loaded in the same address for every process
        HMODULE hLocKernel32 = GetModuleHandleA("Kernel32");
        FARPROC hLocLoadLibrary = GetProcAddress(hLocKernel32, "LoadLibraryA");
        
        //Adjust token privileges to open system processes
        HANDLE hToken;
        TOKEN_PRIVILEGES tkp;
        if(OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
        {
            LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &tkp.Privileges[0].Luid);
            tkp.PrivilegeCount = 1;
            tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
            AdjustTokenPrivileges(hToken, 0, &tkp, sizeof(tkp), NULL, NULL);
        }
    
        //Open the process with all access
        HANDLE hProc = OpenProcess(PROCESS_ALL_ACCESS, FALSE, procID);
    
        //Allocate memory to hold the path to the Dll File in the process's memory
        dll += '\0';
        LPVOID hRemoteMem = VirtualAllocEx(hProc, NULL, dll.size(), MEM_COMMIT, PAGE_READWRITE);
    
        //Write the path to the Dll File in the location just created
        SIZE_T numBytesWritten;
        WriteProcessMemory(hProc, hRemoteMem, dll.c_str(), dll.size(), &numBytesWritten);
    
        //Create a remote thread that begins at the LoadLibrary function and is passed our memory pointer
        HANDLE hRemoteThread = CreateRemoteThread(hProc, NULL, 0, (LPTHREAD_START_ROUTINE)hLocLoadLibrary, hRemoteMem, 0, NULL);
    
        std::cout << hRemoteThread << std::endl;
    
        //Wait for the thread to finish; compare the wait result itself, not a bool cast of it
        bool res = false;
        if (hRemoteThread)
        {
            res = WaitForSingleObject(hRemoteThread, MAXWAIT) != WAIT_TIMEOUT;
            CloseHandle(hRemoteThread);
        }
    
        //Free the memory created on the other process (size must be 0 with MEM_RELEASE)
        VirtualFreeEx(hProc, hRemoteMem, 0, MEM_RELEASE);
    
        //Release the handle to the other process
        CloseHandle(hProc);
    
        return res;
    }