Adding Code to Another Program

[Max_Power]

So here is the deal, I have been rewriting parts of this program found on win32asm:

http://spiff.tripnet.se/~iczelion/files/sectionAdd.zip

to make it more high level and put it in masm. I have completed the conversion, but the ultimate goal here is to make a program that allows a user to password protect another program. Once a program is password protected it, upon starting, will display a dialog box that allows the user to enter a password. If the password is correct execution continues like normal, otherwise the program closes. This is all fine and I know what needs to happen.

The problem is that when adding a section to a program that uses a run time made by Microsoft, in other words anything compiled in Visual Basic 5-6, Visual C++ 5-6 and I assume Visual C++ 7, and adding code to that program it no longer functions properly when started. The following error results:

---------------------------
VBRandom_Num_added.exe - Unable To Locate Component
---------------------------
This application has failed to start because .dll was not found. Re-installing the application may fix this problem.
---------------------------
OK   
---------------------------

When run under a debugger as near as I can tell the exception is raised in LdrInitializeThunk. My understanding of this function is that amoung other things it loads all required DLLs and calls their entry points. My conclusion is that the loader must be trying to load a dll now that it cannot find. In this case the dll name is blank, but other times it is a random string typical of what you would see if a string pointer was actually just pointing to a random location in memory. This is confusing to me though, why would the loader be trying to load a random dll when the only things altered in the executable were the table header and the code added to the end in the section that was added to the table header? Well, the entry point and the number of sections were also edited, but I do not see how that effects things here, especially since this error is being generated before the program even executes a single instruction, it is still being initialized.

I know this is gray area material, but hopefully my intentions are clearly seen and someone can offer assistance. At the bottom of this post is a link to a zip that contains the following:

1. The source code to the program that adds the section to another program, inserts the code, and alters the entry point to cause the added code to be executed and the compiled binary.
2. A Visual Basic 6 program called VBRandom_Num.exe that is unaltered and runs fine.
3. A Visual Basic 6 program called VBRandom_Num_addon.exe, which is the same as number 2, but with number 1's process being completed on it that demonstrates the problem.

http://home.comcast.net/~maxpoweruc/files/AddMessageBox.zip

[hutch--]

Max.

Apart from the subject having nothing to do with assembler programming, it is a common technique used to attack code to another program for various purposes including cracking it, hacking it or adding malicious code to it so while you may have the best of intentions, this range of techniques are not allowed under the rules of the forum.

This topic is closed.