So I've been spending the last 2 days trying to inject a new section into a PE file, but unfortunuately, without much luck. I am able to dis-assemble, and then re-assemble the whole PE, but when I try to inject a new section, the file becomes corrupt. As soon as I try to launch the file, I get the useless error message "This program cannot be run.". I wanted to try and fix it myself, but I'm completely stuck. Here is my code, there are a couple of temporary hacks in there for debugging purposes, which I will get rid of later.
My code: http://pastebin.com/ZfZqUWUG
Sorry for the rather large file, but the problem is that I have no idea what I'm doing wrong. Any help is appriciated.
UPDATE
My goal is to write a packer which would allow me to secure exe files. I'd have a builder, which encrypts all the existing sections, adds a new executable section, and change the entry point to that section. The code in the new section would decrypt the other sections, and jump to the original entry point.
I can see the new .inj section with PE explorer, and it also displays the data "Test".
Related
So, I'm not sure whether this has happened to anyone else, but I'm using Rmarkdown to create a beamer presentation. For whatever reason, there are some .Rmd files that are compiling, while others constantly go into "extended mode".
For instance, if I create a brand new .Rmd file, it will compile, but if I copy the contents of the document into another file (same exact thing), it goes into extended mode looking for pgf. Any understanding of why this might be the case?
Figured out that the problem was being caused by the auxiliary and intermediate files that are created once you try to compile the document. If you delete them, this should be resolved.
I am a new programmer and I am trying to use the terminal on my Mac to compile and run the C++ code I write using the Sublime text editor.
I am able to get my code to run using the terminal, however, whenever I make changes to my code on sublime and then re-compile it on my terminal, my terminal doesn't recognize my changes and keeps on running my original code.
Does anyone know what might be happening?
Thank you so much!
I can think of two possibilities that spring immediately to mind. If you're changing your code in the editor, and that's not being reflected in the compilation, then it's likely to be one of the following. Either:
you're not saving the file in the location you think you are; or
you're not saving the file at all.
The easiest way to tell if one of these is the case is to introduce an error into your code(a), like:
int my hovercraft = full of eels;
and make sure the compiler complains about it.
If you're not saving it at all, do so. If you're saving it in the wrong place, you can usually find out where just by doing a Save As and seeing where the default location is.
If you're annoyed that you have to save, and that computers should just "work"(b), Sublime Text has an auto-save feature that may come in handy, courtesy of one Lucy Bain. Instructions (paraphrased) are duplicated here in case that site ever disappears:
Open Sublime
Find Settings and edit the user window (under Sublime Text 2 > Preferences for Mac, just Preferences for Windows).
Add the line "save_on_focus_lost": true.
Save and close the file.
At that point, whenever you click away from a particular file, it should save it.
(a) Some developers seem to have little trouble doing this without even trying :-)
(b) A not unreasonable expectation for a Mac user :-)
I wrote a lot of code in C++ and save. After that I want only try some example code which I find. So I paste this code in this my project main.cpp file (where I had my code). I try it example code and mistake close this file. After that I open main.cpp file, but I can't undo changes by Ctrl-Z. I wanted only try example code and then I wanted undo changes by Ctrl Z, but my mistake is close file. Is it possible undo changes after close file or restore it?
Your original code is probably gone for good. However, perhaps this is a good time for you to consider adding a version control system to your tool set, which will help you avoid this kind of mistake in future, as well as give you a lot of other benefits.
Also, it is not a wise idea to paste example code over your own work in the way that you've done, for exactly the reason you've discovered. Insert a new file into your project, or create a separate project for testing example code. I have a separate Visual Studio solution specifically for this purpose.
EDIT: I say "probably" because I can't rule out all possibility of recovery based on the information you've supplied (e.g. you might have some kind of scheduled backup which caught your previous version). Also, if the code you pasted over it was shorter than your original code, it's possible that some of it still exists as unused data blocks on your hard drive, and might be recoverable, assuming something else hasn't already overwritten them.
I have preferences file for my application in Qt.
Whenever I launch the application it loads the file & depending the contents creates the widgets accordingly. I have given some customisation option for the user. Now when my application is closed I am checking whether the preferences are changed. If yes then I am opening the preferences file again & then just adding everything again in it. I am not creating a temporary file, I am directly editing the file. Is this method an efficient one? or am I doing it wrong? because I found these threads:
1. What is the best way to edit the middle of an existing flat file?
http://qt-project.org/forums/viewthread/25924/
Should use I binary file? Currently I am using ASCII file.
Thanks.
UPDATE: In the stackoverflow link above the correct answer has
If you're stuck using flat, then you're stuck using the old fashioned
way of updating them
I meant to ask whether the method I am using is old fashioned & is there a better method used nowadays? & what does flat file mean?
Don't try to edit the file. Rewrite the whole thing
Rewrite by using a temporary file. i.e. write the current state of preferences into temp file. And then move/rename the file to your actual preference file after making sure the temp file has been written successfully. This helps in case there is a crash when you rewriting the file. If you rewrite it directly, you will be left with neither the old one nor a good new one. In case you do it through a temp file, then do it this way ensures that in case of a crash, you atleast have a good preferences file(though it contains the old preferences).
Text/Binary doesn't make much difference unless it's a really huge file. Text will help to hand edit it if required.
That's a perfectly fine way of doing it. Since you already seem to have all of the preferences loaded into memory and you have edited them there, you don't need to bother with a temporary file (unless you want to ensure safety if your program fails during writing). Just write all of the preferences back into the original file.
Whether you choose a binary file or text file is up to you. Preferences tend to be text files because they have the added benefit of being human readable with just a text editor, rather than some specialised software for viewing them. A binary file may, however, have slightly better performance due to simpler decoding.
This is the first time I am writing in this forum, I hope someone could help me. I have been searching on the Web but have not found any answer related to my question.
I have a very large file (about 25000 lines) with thousands of definitions that must be used by another file
All these files (and about 600 more of them) are converted to .c files using a special tool. I am almost sure this conversion is made propertly.
If I create a.exe with all these files, there is no problem and everything works all right. Unfortunately, I need a .dll which crashes when I try to access to the very large file.
I have check that its .obj file is larger than 65MB so I have added the compiler command /bigobj as far as I have seen on the Internet but it didn't solve the problem.
I have also checked that the problem happens when access to the large file because everything works ok when I join both files (which is not possible in my development)
I am using Visual 2008
Could it be related to compile as C (/TC) or C++ (/TP) code? What's the difference between .exe and .dll that may make my program crashes?
Any ideas please?
Thanks in advance
Indeed, without the code not much can be said... (tho not sure if anyone would have the patience of reading 600 files each with 25k lines of code :) )
As advice, rebuild the exe and dll in debug mode, run the exe from MSVC, then put a breakpoint where you know it crashes. Next set a data breakpoint on the variable after you get its address from the watch window. ASSUMING the app does what it should correctly, then the pointer is set, but lost along the way; that means it should be triggered twice.
Alternatively, try an assertion check.
Another scenario is because the variable is volatile.
Another scenario is the value is returned from a temporary value and gets lost...
And last but not least, the value is never set because of wrong\bad conditions...
If your problem is the crash and not the missing value, just do a null check and return the call if you really want to avoid the complication, however, I would recommend you find why the value isn't set. Your choice.