Builder & Stub | How to create your own builder and stub in C (using EOF)


If you are looking to build it using Resource, look here.

This question comes up often in one of the forums I hang around. Although the programming language differs, the idea and concept are the same. I have already prepared source code for this project, and I will explain a little about how it works. The term stub, as I use it, refers to the application that reads a message that has been injected by an application called the builder. The term injected here also means implanted or appended. In this article, I will show the concept of how a builder and stub work, what you need to prepare before coding it, and pseudocode to make the concept easier to understand. You can also download the project in case you are not sure what to do with the source code given.

Synonyms

Injected: implanted or appended.
Builder: creator
Stub: server

Concept

Builder: Injects a message into Stub.
Stub: Reads a message that was injected by Builder.

Example

Keylogger Builder: Injects settings such as email and password into the stub (or sometimes known as server).
Keylogger Stub: Runs as a keylogger and sends log to the email that was injected earlier.

As you can see from the image above, it represents the concept of a builder and stub. Generally, 0 – n is the size of the application. What comes after that is the settings that have been injected into the stub. You might wonder what placing settings at the end of the stub achieves. Basically, the stub application can read the settings that have been injected into it! If you wonder why they go at the end of the file and not at the beginning or anywhere in the middle, it is because the region from 0 – n is the area for the application, which cannot be altered. Any alteration to the original application will render it useless unless you know how to change the PE file header, which is a totally different topic.

Therefore, the stub has to be coded so that it reads itself! Take a look at the pseudocode section below for further understanding. Let us now look at some considerations we have to think about before programming.

Considerations

Builder
1.) The builder must know the total size of the settings.
2.) The builder has to know the name of the stub.

Stub
1.) The stub must know the original size of itself.
2.) The stub must know the total size of the settings.

* The size of the settings must be the same for Builder and Stub.

Functions that we are going to use
1.) GetModuleFileName
2.) fopen
3.) fread
4.) fwrite
5.) fseek

Pseudocode

How Builder inject settings into Stub
1.) Start
2.) Get settings from users
3.) Open stub’s handle with function fopen
4.) Append settings into the stub’s End of File (EOF)
5.) Close stub’s handle with function fclose

How Stub reads settings injected from Builder
1.) Start
2.) Get its own filename with function GetModuleFileName
3.) Open itself with function fopen
4.) Set the offset (reading point) to the original EOF
5.) Read settings with function fread
6.) Close stub’s handle with function fclose

Getting familiar with the source code

The source code for the Builder and Stub is separated into two different code tags. Before you try working it out, be sure to edit STUB_EOF in the Stub’s source code. By default it is set to 32768, which is the compiled size for me using Microsoft Visual C++ 6.0 under Release. Be reminded that the compiled size for Debug and Release will never be the same, as Debug will definitely be bigger, so be sure to know what to do. Change the size that has been predefined in the Stub’s source code.

Notice: In order to prove how it works, place Stub.exe, which is found in the “Stub\Release\” folder, into “Builder\Release\”, run Builder.exe and input settings such as email and password. It will then prompt for “Enter new name: ”; write “test.exe” so that the Builder will create a file called test.exe. Now that the settings are already injected into test.exe, run test.exe to see the settings that you entered earlier.

Download

If you are still not sure what to do, I have uploaded the project. Download project here.

Builder Source Code

#include <stdio.h>
#include <windows.h>

#define STUB_NAME "Stub.exe"

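// Same layout as in the Stub: both sides must agree on the size of the settings
typedef struct
{
	char Email[32];
	char Password[32];
	char Etc[32];
} Details;

int main()
{
	Details D = {0}; // Zero-fill so unused bytes (such as Etc) are not written out uninitialized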
	char Filename_New[32];

	printf("\nEnter Email: ");
	fflush(stdin);
	scanf("%31s", D.Email); // Width limit keeps the input inside the 32-byte field

	printf("Enter Password: ");
	fflush(stdin);
	scanf("%31s", D.Password);

	printf("Enter new name: "); // Refers to the new filename that we will duplicate from the original stub
	fflush(stdin);
	scanf("%31s", Filename_New);

	FILE *Copy = fopen(STUB_NAME, "rb");
	FILE *Paste = fopen(Filename_New, "wb");

	if(!Copy || !Paste)
	{
		printf("\nError occured reading stub or writing new file\n");
		fflush(stdin);
		getchar();
		return 0;
	}

	int c;
	while((c = fgetc(Copy)) != EOF)
		fprintf(Paste, "%c", c);

	fclose(Copy);
	fclose(Paste);

	FILE *Write = fopen(Filename_New, "a+b");
	if(!Write)
	{
		printf("\nError occured opening stub\n");
		fflush(stdin);
		getchar();
		return 0;
	}

	fwrite(&D, sizeof(Details), 1, Write); // Append one Details record at the end of the file
	fclose(Write);

	printf("\nSuccessfully written struct to stub\n");
	printf("\nCheck newly written file to check for written email and password\n");
	fflush(stdin);
	getchar();
	return 0;
}

Stub Source Code

#include <stdio.h>
#include <windows.h>

#define STUB_EOF 32768

typedef struct
{
	char Email[32];
	char Password[32];
	char Etc[32];
}Details;

int main()
{
	Details D;
	char Filename_Current[256];

	GetModuleFileName(NULL, Filename_Current, 256);

	FILE *Read = fopen(Filename_Current, "rb");
	if(!Read)
	{
		printf("\nError occured reading current file\n");
		getchar();
		return 0;
	}

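	fseek(Read, STUB_EOF, SEEK_SET); // Jump to the original end of the executable
	if(fread(&D, sizeof(Details), 1, Read) != 1)
	{
		printf("\nNo settings found after offset %d\n", STUB_EOF);
		fclose(Read);
		getchar();
		return 0;
	}
	fclose(Read);

	// The appended bytes are untrusted input: force termination before printing with %s
	D.Email[sizeof(D.Email) - 1] = '\0';
	D.Password[sizeof(D.Password) - 1] = '\0';

	printf("Email - %s\n", D.Email);
	printf("Password - %s\n", D.Password);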

	getchar();
	return 0;
}
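
Seen from the analysis side, the appended settings are an overlay: bytes that sit past the end of the PE headers and section data. The following is an added example, not part of the original project, that parses the PE headers in a buffer to find where the image ends so that anything appended after it can be measured. The function names and the sample buffer are constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

static uint32_t rd_le(const uint8_t *p, int n) { uint32_t v = 0; while (n--) v = (v << 8) | p[n]; return v; }

/* File offset where the PE headers and section data end, i.e. the "original
 * EOF" the stub seeks to. Returns -1 if buf is not a well-formed PE file. */
long pe_image_end(const uint8_t *buf, size_t len)
{
    size_t pe, table, end, i, nsect;
    if (len < 0x40 || buf[0] != 'M' || buf[1] != 'Z') return -1;
    pe = rd_le(buf + 0x3C, 4);                       /* e_lfanew */
    if (pe > len || len - pe < 24 || memcmp(buf + pe, "PE\0\0", 4)) return -1;
    nsect = rd_le(buf + pe + 6, 2);                  /* NumberOfSections */
    table = pe + 24 + rd_le(buf + pe + 20, 2);       /* skip optional header */
    if (table > len || (len - table) / 40 < nsect) return -1;
    end = table + nsect * 40;                        /* end of section table */
    for (i = 0; i < nsect; i++) {
        const uint8_t *s = buf + table + i * 40;
        size_t rawsz = rd_le(s + 16, 4), rawptr = rd_le(s + 20, 4);
        if (rawsz && (rawptr > len || rawsz > len - rawptr)) return -1; /* truncated */
        if (rawsz && rawptr + rawsz > end) end = rawptr + rawsz;
    }
    return (long)end;
}

/* Constructed sample (layout only): headers to 0x200, one section 0x200..0x400, then `extra` bytes. */
size_t make_sample(uint8_t *out, size_t extra)
{
    memset(out, 0, 0x400);
    memcpy(out, "MZ", 2);
    out[0x3C] = 0x80;                         /* e_lfanew */
    memcpy(out + 0x80, "PE\0\0", 4);
    out[0x86] = 1;                            /* NumberOfSections */
    out[0x94] = 0xE0;                         /* SizeOfOptionalHeader -> table at 0x178 */
    out[0x178 + 17] = out[0x178 + 21] = 0x02; /* SizeOfRawData = PointerToRawData = 0x200 */
    memset(out + 0x400, 'A', extra);
    return 0x400 + extra;
}

int main(void)
{
    static uint8_t buf[0x400 + 96];           /* 96 = sizeof(Details) on the page */
    size_t len = make_sample(buf, 96);
    long end = pe_image_end(buf, len);
    printf("image ends at 0x%lx, %lu bytes appended\n", (unsigned long)end, (unsigned long)(len - (size_t)end));
    return 0;
}
```

On a signed file the bytes past the sections also include the Authenticode certificate table, which this example does not account for, so a nonzero count there is not by itself evidence of appended settings.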

Other possible guides

1.) [VB] Builder With Stub [Tut] (VB .NET)
2.) How To Make And Use A Builder And Stub. [VB.NET] [Source] (VB .NET)
3.) Reading and Writing Files in C (C language)
4.) C++ Stub Tutorial w/ Source Downloads (C language)
5.) If you have a good article on writing a builder and stub or any similar articles, please post a reply here so that the list can be updated.


3 Responses to “Builder & Stub | How to create your own builder and stub in C (using EOF)”

  1. lolzor Says:

    Wouldn’t packing or encrypting the stub prevent it from reading the settings at EOF?

    • genesisdatabase Says:

      When you say “packing or encrypting”, are you trying to say that the stub’s file is encrypted? If the file is encrypted, meaning that the settings or details that you have placed in the stub are also encrypted, in most cases this renders the stub corrupted upon execution. Basically, to prevent this, it is better to place your settings or details inside Resources; if your file is placed in the Resources, it would be decrypted together during runtime, which is more desirable.

      • lolzor Says:

        Yea, I meant encryption. I will go read your second in C where you store the settings in resources.

