Help Creating a Patch

[nouser]

Hi! I found some info in this forum about patching a program but not a complete guide.. Lets say i have 1.exe .This exe contains some textboxes.. i want to create a second exe (2.exe) which will be able to patch all or one value of textbox in the 1.exe.

As i said i found in this forum info about creating the 2.exe BUT in an exe which was build with microsoft studio 2010(vb.net or c# etc..) i cannot find strings using w32dasm.. My plan was to open w32dasm and find the address of the string that i want to replace and then patch the address with 2.exe...

So HOW to find the address of a string/textbox.text(value) of an exe?

i can find the strings of an exe which was build by vb6 but not from an exe which was build by vb.net 2010..

Please help me..

Thanks!

[Karl L.]

I believe what you are referring to is program disassembly, not patching. Generally, a patch is generated using 'diff' and applied using 'patch', a process commonly known as patching. The assumption with patch is usually that you have access to the full source code of the program, which it sounds like you do not. It does not actually help you modify the program in any way.

As for disassembly, it sounds like you don't quite have a firm grasp on the basic concepts yet. I recommend that you read this primer on x86 program disassembly. While it won't specifically answer your question, it should at least give you a better understanding of how programs work and how to find program elements in assembly.

Finally, I believe that your specific problem may have something to do with the utility you are using. While w32dasm has been an excellent win32 disassembler for many years, it is no longer supported (since the last release in 2003) and has a few limitations. The most prominent of which are that it cannot disassemble 64-bit executables and does not work with managed languages, such as .NET and Java. Most likely the reason you can disassemble VB6 executables but not VB.NET 2010 is because after Visual Basic 6, Microsoft transitioned it to use the .NET Framework, hence the name.

[nouser]

Hi. I do have the source code my friend. I just want to create 2 exe files. 1 exe the default application and the 2.exe to change the value of a textbox of 1.exe.. thanks

[articuno1au]

Why not just recompile the application with the changes you want?

[nouser]

Why not just recompile the application with the changes you want?

because i want the user to be able to do it.. i make a project for someone.. he wants to "generate" an exe with his own specifications..

so the 1.exe will be the program with NULL values in textboxes.. and the 2.exe will be "patcher"..it will update the textboxe's values of 1.exe.. then he can use the 1.exe with these values.. you understand me? Thanks!

[articuno1au]

Perhaps consider changing the source files rather than the exe?

Generate an exe to read your source files, find the specific classes, open them in a stream reader and replace the text you need changed.

eg: Textbox1.Text = Null; -> Textbox1.Text = "Whatever";

Then the user himself merely has to recompile.

I don't know that what you want done is possible in .net. It might be, but I don't know of a way..

[Karl L.]

because i want the user to be able to do it.. i make a project for someone.. he wants to "generate" an exe with his own specifications..

so the 1.exe will be the program with NULL values in textboxes.. and the 2.exe will be "patcher"..it will update the textboxe's values of 1.exe.. then he can use the 1.exe with these values.. you understand me? Thanks!

Are you telling me that you want your user to learn how to use a disassembler?! I suspect not, but I'm having a little trouble figuring out exactly what you are planning on using the disassembler for now.

If you want the user to be able to generate a customized executable so that it can be distributed with user-defined settings and no external configuration file, you are probably going about it the wrong way. It would probably be easiest to generate a configuration file (such as XML or INI) when the user saves his settings. It would be easiest to have the user simply distribute this file with the executable so his defaults can easily be loaded. If everything must be contained in a single executable, the easiest option is to use an installer, such as NSIS, to package both together and extract them when executed. Another option, which I have looked into but never actually implemented, would be to embed the configuration file into a copy of your executable as a resource, then instruct the program to look for the resource every time it is run.

[n_K]

www.clickteam.com

Use install creator or patch maker, loads of companies use them to make game patches and it does what you're after (differential patching)

[nouser]

Let me explain you.first of all thanks everyone!!

I work to someone online and make a program for him. He will sell the program to MANY people.. Someone will HAVE to buy 2 programs because the guy im working to, do not want to compile the project all the time and he wants his customers to be able to MAKE THEIR EXE WITH THEIR VALUES :)

so someone will buy these 2 programs.

1.exe is the standard program with NULL VALUES

2.exe is a program which will run and have 3 textboxes. Customer will add in first textfiled his Phone,second textfield his Email and third textfield his address. The he will click CREATE EXE button and the 1.exe will get these values to HIS 3 textfields..now everytime someone openes 1.exe it will contain these values and it will not be null..

:)

[Karl L.]

www.clickteam.com

Use install creator or patch maker, loads of companies use them to make game patches and it does what you're after (differential patching)

That is AWESOME! I have never seen something like that before, but I really like it.

I'm not sure it solves the problem at hand though. On second thought, maybe it could be used for this purpose, I'm just not sure exactly how yet.

[articuno1au]

Let me explain you.first of all thanks everyone!!

I work to someone online and make a program for him. He will sell the program to MANY people.. Someone will HAVE to buy 2 programs because the guy im working to, do not want to compile the project all the time and he wants his customers to be able to MAKE THEIR EXE WITH THEIR VALUES :)

so someone will buy these 2 programs.

1.exe is the standard program with NULL VALUES

2.exe is a program which will run and have 3 textboxes. Customer will add in first textfiled his Phone,second textfield his Email and third textfield his address. The he will click CREATE EXE button and the 1.exe will get these values to HIS 3 textfields..now everytime someone openes 1.exe it will contain these values and it will not be null..

:)

How are the values saved by 1.exe?

Can you just create an XML config file with your settings in it?

Sorry, this just seems like reinventing the wheel to me >.<

[n_K]

Yeah just use XML or INI or SQL or anything like that, you can even embed it into the EXE (if needed) and just extract it when the program runs (have a header like #####SECRETHEADER) to look for and get the data after that.

[nouser]

i wanted to use ini but the guy im working for, he wants standalone exe!! is there any way to make an ini and embed it? i guess no..thanks

[Karl L.]

Yeah just use XML or INI or SQL or anything like that, you can even embed it into the EXE (if needed) and just extract it when the program runs (have a header like #####SECRETHEADER) to look for and get the data after that.

Exactly what I was going to suggest next. You beat me to it. Needless to say, I agree.

[articuno1au]

You can definitely embed resources into the exe.

The issue is that the guy compiling it would have to create the config file each time he compiled it.

You could even use internal variables and just have the guy edit them in.. Probably easier if you are taking that approach..

[nouser]

i need these resources to be editable by the user via an other exe... :/

i have seen what i am asking in trojans in the looong past. user could put his ip/dns and create an exe..i think it was being done with patching.. i was too young..i just remember that..i want something similar..basically i want that thing but not for trojan lol thanks

[articuno1au]

<?xml version="1.0" encoding="utf-8"?>
<ArrayOfSettings xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <Settings>
	<ServerPath>C:\Server\whatever.exe</ServerPath>
	<PortNumber>8420</PortNumber>
	<PortCheck>true</PortCheck>
	<AutoStart>true</AutoStart>
  </Settings>
</ArrayOfSettings>[/CODE]

That's how I do it. Simply create a structure (or class) containing your settings.

[CODE]
public struct Settings
{
public string ServerPath;
public int PortNumber;
public bool PortCheck;
public bool AutoStart;
}
[/CODE]

Then:

[CODE]
var xmlSerializer = new XmlSerializer(typeof (Settings[]));
var sWriter = new StreamWriter(AppDomain.CurrentDomain.BaseDirectory + "Settings.xml", false);
xmlSerializer.Serialize(sWriter, settingsArray);
sWriter.Close();
[/CODE]

to write the settings out of the program, or the deserialize method to read the settings into the program.

This way the .exe is distributed all on it's own, but your program can create a settings file to work off of.

If the user needs to make changes, they can simply make a change in the .xml file (or in your application, or in a separate application that only makes the file etc etc etc)

You can embed this file as a resource and read it out of the resource instead of as a filesystem request. Then you just make the executable take the values and save them.. Might defy the point though >.>

EDIT::

I consulted with an expert on the subject, and he said it's possible, but it's a butt load of pain to do. He said that once values are changed in the initial compile, it becomes next to impossible to find in C++, and only marginally better in CLI language.

[nouser]

<?xml version="1.0" encoding="utf-8"?>
<ArrayOfSettings xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <Settings>
	<ServerPath>C:\Server\whatever.exe</ServerPath>
	<PortNumber>8420</PortNumber>
	<PortCheck>true</PortCheck>
	<AutoStart>true</AutoStart>
  </Settings>
</ArrayOfSettings>[/CODE]

That's how I do it. Simply create a structure (or class) containing your settings.

[CODE]
public struct Settings
{
public string ServerPath;
public int PortNumber;
public bool PortCheck;
public bool AutoStart;
}
[/CODE]

Then:

[CODE]
var xmlSerializer = new XmlSerializer(typeof (Settings[]));
var sWriter = new StreamWriter(AppDomain.CurrentDomain.BaseDirectory + "Settings.xml", false);
xmlSerializer.Serialize(sWriter, settingsArray);
sWriter.Close();
[/CODE]

to write the settings out of the program, or the deserialize method to read the settings into the program.

This way the .exe is distributed all on it's own, but your program can create a settings file to work off of.

If the user needs to make changes, they can simply make a change in the .xml file (or in your application, or in a separate application that only makes the file etc etc etc)

You can embed this file as a resource and read it out of the resource instead of as a filesystem request. Then you just make the executable take the values and save them.. Might defy the point though >.>

EDIT::

I consulted with an expert on the subject, and he said it's possible, but it's a butt load of pain to do. He said that once values are changed in the initial compile, it becomes next to impossible to find in C++, and only marginally better in CLI language.

thanks for your reply,that way is not standalone..the xml file HAS to be in the same folder with the exe..right? correct me if im wrong

[Karl L.]

In case you're interested in embedding the settings as a resource, this MSDN article is a good place to start. It explains resources in executables very thoroughly and has a few examples in VB.

[articuno1au]

thanks for your reply,that way is not standalone..the xml file HAS to be in the same folder with the exe..right? correct me if im wrong

Yep.

Once you embed a resource, you can't access it easily as a user.

Hell, you can't access it easily outside of the application even if you wrote the application.

There really isn't a good way to do this :\

Best bet sounds like settings the values pre compile and just using constants >.>

[nouser]

check here: https://www.neowin.net/forum/topic/1021544-help-me-making-a-patch-vbnet/

this guy asks how to patch an exe.. so this is enough heplfull..also someone else there posted a project about patching an other exe.. BUT in my exe i cannot find what is the offset address that need to be patched.. a vb6 exe shows the strings in w32dams.. vb.net exe file wont show the strings in w32dasm so i cannot get the address.. i tried other than w32dasm(as you mentioned w32dasm is old..) but still i cannot see the strings in order to get their address and change them...

[articuno1au]

Yeah, but if the user has custom settings per compile (that are defined prior to compile) the offset isn't going to be the same..

Also, It's not that simple in CLI languages..

I'm out. I can't help you with this I'm sorry.

[Karl L.]

I still think that modifying the resource table is the easiest way to go about accomplishing this, but I really don't have any more experience with it so I can't advise you more. I'm with articuno1au; I'm out too. Good luck!

[nouser]

there will be only 1 compile..mine.. so offset will be the same.. thanks for your time..anyone else?

[articuno1au]

Compile with null values.

Compile a new exe with a different value.

Compare the two exes in binary (Google it), that should identify where the variables are stored in CLI.

Write a binary editor to insert the values.

Waste 5+ hours perfecting the above >.>

[nouser]

Compile with null values.

Compile a new exe with a different value.

Compare the two exes in binary (Google it), that should identify where the variables are stored in CLI.

Write a binary editor to insert the values.

Waste 5+ hours perfecting the above >.>

in the past i used to patch some exe's from other people to change the program title(window title) just for fun.. the thing is that from old exes you could be able to read the string's offset address using w32dasm..but with new exes i cannot do that.. thats what im looking for..a program that will give me the address of the strings!