Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Win32 executable packing

Posted on 1997-08-05
9
Medium Priority
?
398 Views
Last Modified: 2013-12-03
I would like to know if it is possible to code an exe-packer for win32 PE-files. What I mean is a packer like PKLite or XPack for DOS which compress an executable and when starting the packed program it is unpacked into memory and started.
I know there are some problems, e.g. Win32 takes a lot of resources out of the exe like icons and so on. But is it possible to only compress the real code and leave the rest as it is? What else do I have to pay attention to? Is there maybe already a packer?
0
Comment
Question by:tier
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
9 Comments
 
LVL 4

Accepted Solution

by:
davmarc earned 200 total points
ID: 1403078
In the old days I used exe-packers for DOS programs too - LZEXE, PKLite, WWPack, Diet.
Under Windows 3.1 I couldn't find any porting of those useful utilities, but I had bought Symantec C++ 7.x too and it had a nice linker feature that did mostly the same thing.

I made several researches on the Internet but I couldn't find anything similar for Win32. It is probably caused by the complexity implied by writing such an advanced loader for PE files, and by the absence of a strong demand for such a feature.

The best pointers I can give you are the following:
- "Portable Executables File Manipulation", MSDN (under Windows Base Services - Executables);
- "The Portable Executable File Format from Top to Bottom" by R. Kath, MSDN technical articles
- Knowledge Base article Q100636

If you are going to write one yourself, I wish you much luck. I'm sure that if you'll succeed, many developers will be glad to evaluate your product - me included.

Davide Marcato.
0
 
LVL 3

Expert Comment

by:vinniew
ID: 1403079
In the old days, DM?  When you were what, 3?  You're only 15, right?

hahaha.  I started when I was 8.  It pays the bills now....


As for the question:
1. MS used packing in their original Word product.  They also had that feature in VC 1.52
2. If you just want to compress resources, like strings, etc., you can find a simple thing to do that on SimTel.net.  It's a library.  I don't recall the name...
0
 
LVL 4

Expert Comment

by:davmarc
ID: 1403080
Hahaha! I expected such an answer sooner or later :-)

Yes, I am 15...I used those programs in the old good days, they were indeed good but not so old ;-)
I started programming when I was 6 on C=64, hey I'll be programming for 10 years in a month! :)

As for the question:
1 - The original Word, as well as VC 1.5x, run under Windows 3.1, while the real problem is Win32 and its associated PEs.
2 - Compressing resources is useful to prevent users from modifying them, but it generally doesn't save much space (unless you have a lot of resources and few code).

Davide Marcato.
0
Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

 
LVL 1

Author Comment

by:tier
ID: 1403081
So you are sure that it is possible to write such a program but it won't be easy?
0
 
LVL 1

Author Comment

by:tier
ID: 1403082
Davmarc, could you tell me the exact URLs for the PE docs you mentioned?
I think for 100 points this would be fair...
0
 
LVL 4

Expert Comment

by:davmarc
ID: 1403083
I looked for it in the MSDN Library CD coming with VC++ 5.0, but I assume you don't have it since you ask me for URLs.

Here they are (reported by hand):
 http://premium.microsoft.com/msdn/library/sdkdoc/imgehlp1_9832.htm
 http://premium.microsoft.com/msdn/library/techart/F365/F36B/D37D/SABE3.htm

http://www.microsoft.com/kb/articles/q100/6/36.htm

To access the first two you must be a registered MSDN Online user. If you are not yet, do it immediately: it is free and gives access to a lot of up-to-date techical documentation.

Davide Marcato.
0
 
LVL 1

Author Comment

by:tier
ID: 1403084
Once again:
You are sure that it is possible?

0
 
LVL 4

Expert Comment

by:davmarc
ID: 1403085
To be fair I cannot answer that I am 100% sure since I've never done it nor I've seen anyone doing it, but I am reasonably sure that actually it *is* possible...say 95% sure.
Not an easy task, but possible.

I hope the docs I pointed out will help you. A great source of info about the internal structure of Windows 95 is Matt Pietrek's book "Windows 95 System Programming Secrets" (well his articles are great as well), it might help you for the most hard parts.

Davide Marcato.
0
 
LVL 4

Expert Comment

by:davmarc
ID: 1403086
A new pointer that might help you, tier.
KB article Q127904 "How to Modify Executable Code in Memory".

Davide Marcato.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This tutorial is about how to put some of your C++ program's functionality into a standard DLL, and how to make working with the EXE and the DLL simple and seamless.   We'll be using Microsoft Visual Studio 2008 and we will cut out the noise; that i…
Whether you've completed a degree in computer sciences or you're a self-taught programmer, writing your first lines of code in the real world is always a challenge. Here are some of the most common pitfalls for new programmers.
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question