Builder & Stub | How to create your own builder and stub in C (using Resource)


If you are looking to build it using EOF, look here.

As I have already created a similar post which creates your own builder using File I/O (Input/Output) operations, some have come across a problem where they need their stub application to be placed and run in memory instead of being executed normally.  To solve this problem, one solution is to use the resource data in the file.  Even if your file is run in memory, the resource data is loaded with it.  Be aware that the terms used may confuse you, so read the synonyms section.  Take a look at the concept below.

Synonyms

Injected: implanted or appended or inserted.
Builder: creator
Stub: server

Concept

Builder: Injects a message into Stub.
Stub: Reads a message that was injected by Builder.

Example

Keylogger Builder: Injects settings such as email and password into the stub (or sometimes known as server).
Keylogger Stub: Runs as a keylogger and sends log to the email that was injected earlier.

As you can see from the image above, the top and bottom pictures show the application before and after.  Generally the difference is in the stub: the one at the bottom has been injected with settings.  Here the settings are placed inside the application and not at an address of their own, unlike what I have written in my previous post, Builder & Stub | How to create your own builder and stub in C (using EOF).  If you open that link and look at its image, the two are pretty much similar, but with the EOF method the settings are placed at the address after the application.  This means that the settings used by the EOF method are hard to read at runtime if the file is encrypted.  However, if you place the settings within the application's own address range, then even if the file is encrypted they are entirely decrypted at runtime, making them available to use.

Considerations

Builder
1.) The builder must know the resource location where the settings are stored.
2.) The builder has to know the name of the stub.

Stub
1.) The stub must know the resource location where the settings are stored.

* The size of the settings must be the same for Builder and Stub.

Functions that we are going to use
1.) BeginUpdateResource
2.) UpdateResource
3.) EndUpdateResource
4.) FindResource
5.) SizeofResource
6.) LoadResource
7.) LockResource

Pseudocode

How Builder inject settings into Stub
1.) Start
2.) Get settings from users
3.) Get handle of stub’s resource with function BeginUpdateResource
4.) We insert the settings into the resource location with function UpdateResource
5.) Close the stub’s resource handle with function EndUpdateResource

How Stub reads settings injected from Builder
1.) Start
2.) Get resource location with function FindResource
3.) Get resource size with function SizeofResource
4.) Get resource handle with function LoadResource
5.) Get resource address pointer with function LockResource

Getting the source code to prove that it works

This section assumes that you have successfully compiled the source code or have downloaded the sample project below.  Basically I have used Microsoft Visual C++ 6.0 to compile the source code, but any IDE will do; just make sure that the Stub.exe you have compiled is placed alongside Builder.exe.

Notice: To prove that it works, copy Stub.exe, which is found in the “Stub\Release\” folder, to “Builder\Release\”, run Builder.exe and input settings such as first name and last name, which is the example I am using.  Once you have entered the details or settings, it will duplicate Stub.exe to Test.exe.  Next, Builder will insert the details or settings into the resource location of the stub copy called Test.exe.  If everything is successful, it will display “Success”.  Run Test.exe and see it display the first name and last name that you entered in the Builder application earlier.

Notice: If you are getting an error message such as “this is an invalid Win32 application”, you forgot to insert the .rc file in the stub project before compiling!

Download

If you are still not sure what to do, I have uploaded the project. Download project here.



Builder Source Code

/*
 * This example was made by GenesisDatabase.
 * Visit https://genesisdatabase.wordpress.com for more source codes!
 *
 * Date of release: 11th January 2011
 */

#include <stdio.h>
#include <stdlib.h>		// malloc
#include <string.h>		// memset
#include <windows.h>

#define STUB			"Stub.exe"	// the original stub
#define STUBNEW			"Test.exe"	// the new file
#define STORELOCATION	193			// the location we are storing it at

typedef struct
{
	char fname[32+1];
	char lname[32+1];
}Details;

int main()
{
	HANDLE hUpdate;
	Details *d;

	// we will be using pointer structures in this example
	//
	d = (Details *)malloc(sizeof(Details));
	memset(d, 0, sizeof(Details));

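	// get input from user
	// fflush(stdin) is not defined by the C standard, so the leading space
	// in the format is what skips the newline left by the previous input
	//
	printf(" - Enter first name: ");
	scanf(" %32[^\n]", d->fname);

	printf(" - Enter last name: ");
	scanf(" %32[^\n]", d->lname);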

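	// we duplicate our existing stub.exe to test.exe, overwriting any old copy
	//
	printf(" - Removing existing test.exe\n");
	if(CopyFile(STUB, STUBNEW, FALSE) == FALSE)
	{
		printf(" - Failed CopyFile, is Stub.exe next to Builder.exe?\n");
		fflush(stdin);
		getchar();
		return 0;
	}
	printf(" - test.exe is now an empty stub\n");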

	// now that we got our information, we update test.exe
	//
	hUpdate = BeginUpdateResource(STUBNEW, FALSE);
	if(hUpdate == NULL)
	{
		printf(" - Failed BeginUpdateResource\n");
		fflush(stdin);
		getchar();
		return 0;
	}
	printf(" - Handle to test.exe obtained\n");

	// input the settings or details into the resource location
	//
	if(UpdateResource(hUpdate, RT_RCDATA, MAKEINTRESOURCE(STORELOCATION), MAKELANGID(LANG_NEUTRAL, SUBLANG_NEUTRAL), d, sizeof(Details)) == FALSE)
	{
		// TRUE discards the pending update so test.exe is left untouched
		EndUpdateResource(hUpdate, TRUE);
		printf(" - Failed UpdateResource\n");
		fflush(stdin);
		getchar();
		return 0;
	}
	printf(" - Updated resources in test.exe\n");

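	// EndUpdateResource is the call that actually writes the change to test.exe
	//
	if(EndUpdateResource(hUpdate, FALSE) == FALSE)
	{
		printf(" - Failed EndUpdateResource\n");
		fflush(stdin);
		getchar();
		return 0;
	}
	printf(" - Success, run test.exe to confirm.\n");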
	fflush(stdin);
	getchar();
	return 0;
}

Stub Source Code

/*
 * This example was made by GenesisDatabase.
 * Visit https://genesisdatabase.wordpress.com for more source codes!
 *
 * Date of release: 11th January 2011
 */

#include <stdio.h>
#include <stdlib.h>		// malloc
#include <string.h>		// memset, memcpy
#include <windows.h>

#define STORELOCATION	193			// the location we are storing it at
									// make sure that you include an empty resource script (.rc)
									// file otherwise it will not work.

typedef struct
{
	char fname[32+1];
	char lname[32+1];
}Details;

int main()
{
	HRSRC			ResourceLocation;
	HGLOBAL			ResDataHandle;
	unsigned long	ResourceSize;
	char *			ResourcePointer;
	Details	*		d;

	// we will be using pointer structures in this example
	//
	d = (Details *)malloc(sizeof(Details));
	memset(d, 0, sizeof(Details));

	// check for resource
	//
	ResourceLocation = FindResource(0, MAKEINTRESOURCE(STORELOCATION), RT_RCDATA);
	if(ResourceLocation == 0)
	{
		printf(" - Resource is not found, this is a new stub\n");
		fflush(stdin);
		getchar();
		return 0;
	}
	printf(" - Resource found\n");

	// get resource size
	//
	ResourceSize = SizeofResource(0, ResourceLocation);
	if(ResourceSize == 0)
	{
		printf(" - Resource size error, some error occurred\n");
		fflush(stdin);
		getchar();
		return 0;
	}
	printf(" - Resource size found\n");

	// get resource handle
	//
	ResDataHandle = LoadResource(0, ResourceLocation);
	if(ResDataHandle == 0)
	{
		printf(" - Failed to load resource\n");
		fflush(stdin);
		getchar();
		return 0;
	}
	printf(" - Resource loaded into handle\n");

	// retrieve pointer to resource
	//
	ResourcePointer = (char *)LockResource(ResDataHandle);
	if(ResourcePointer == 0)
	{
		printf(" - Failed to lock resource from handle\n");
		fflush(stdin);
		getchar();
		return 0;
	}

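	// copy resource to struct Details, but only if it has the size we expect,
	// and force termination so printf cannot read past the two buffers
	//
	if(ResourceSize != sizeof(Details))
	{
		printf(" - Resource size does not match Details\n");
		fflush(stdin);
		getchar();
		return 0;
	}
	memcpy(d, ResourcePointer, sizeof(Details));
	d->fname[32] = '\0';
	d->lname[32] = '\0';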

	// display details
	//
	printf(" - First Name: %s\n", d->fname);
	printf(" - Last Name: %s\n", d->lname);

	fflush(stdin);
	getchar();
	return 0;
}
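
Once the builder has run, the settings sit in Test.exe's resource tree under type RT_RCDATA, ID 193, which an analyst can locate without executing the file. The following is an added example, not part of the original post: it walks the three-level resource directory (type, ID, language) of a raw .rsrc section and returns the size recorded for that entry. The names rcdata_size, find and build_sample are this example's own, and the 88-byte sample section is constructed, not taken from a real file.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define RT_RCDATA_ID 10u        /* numeric value of RT_RCDATA */
#define SUBDIR 0x80000000u      /* high bit set: offset points to a subdirectory */

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | p[1] << 8); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | (uint32_t)rd16(p + 2) << 16; }

/* Search the directory at offset dir for an ID entry equal to id (or take the
 * first entry when any != 0). Returns its raw OffsetToData field, 0 on failure. */
static uint32_t find(const uint8_t *rs, size_t n, uint32_t dir, uint32_t id, int any)
{
    if (dir > n || n - dir < 16) return 0;               /* 16-byte directory header */
    uint32_t named = rd16(rs + dir + 12), total = named + rd16(rs + dir + 14);
    if ((n - dir - 16) / 8 < total) return 0;            /* 8-byte entries must fit */
    for (uint32_t i = any ? 0 : named; i < total; i++) { /* named entries come first */
        const uint8_t *e = rs + dir + 16 + 8 * (size_t)i;
        if (any || rd32(e) == id) return rd32(e + 4);
    }
    return 0;
}

/* Size of RT_RCDATA resource id in a raw .rsrc section, or 0 if it is absent. */
uint32_t rcdata_size(const uint8_t *rs, size_t n, uint32_t id)
{
    uint32_t t = find(rs, n, 0, RT_RCDATA_ID, 0);        /* level 1: type */
    if (!(t & SUBDIR)) return 0;
    uint32_t r = find(rs, n, t & ~SUBDIR, id, 0);        /* level 2: resource ID */
    if (!(r & SUBDIR)) return 0;
    uint32_t l = find(rs, n, r & ~SUBDIR, 0, 1);         /* level 3: language */
    if (l == 0 || (l & SUBDIR) || l > n || n - l < 16) return 0;
    return rd32(rs + l + 4);                             /* data entry: RVA, Size, ... */
}

/* Constructed sample (not from a real file): RCDATA / 193 / language 0,
 * whose data entry declares 66 bytes, the sizeof(Details) used on this page. */
size_t build_sample(uint8_t rs[88])
{
    memset(rs, 0, 88);
    rs[14] = 1; rs[16] = 10;  rs[20] = 24; rs[23] = 0x80; /* root -> dir at 24 */
    rs[38] = 1; rs[40] = 193; rs[44] = 48; rs[47] = 0x80; /* type -> dir at 48 */
    rs[62] = 1;               rs[68] = 72;                /* lang -> data entry at 72 */
    rs[76] = 66;                                          /* Size field */
    return 88;
}
```

A 66-byte RCDATA entry with ID 193 is exactly what separates Test.exe from the clean Stub.exe, which reports "Resource is not found" because it carries no such entry.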

Other possible guides

1.) [VB] Builder With Stub [Tut] (VB .NET)
2.) How To Make And Use A Builder And Stub. [VB.NET] [Source] (VB .NET)
3.) Reading and Writing Files in C (C language)
4.) C++ Stub Tutorial w/ Source Downloads (C language)
5.) If you have a good article on writing a builder and stub or any similar articles, please post a reply here so that the list can be updated.
