Skip to content

Commit

Permalink
Update
Browse files Browse the repository at this point in the history
  • Loading branch information
@DosX-dev
DosX-dev committed Feb 22, 2024
1 parent c3613c1 commit 56790a6
Show file tree
Hide file tree
Showing 5 changed files with 141 additions and 31 deletions.
94 changes: 65 additions & 29 deletions source/MainModule.vb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,20 +7,20 @@ Module Program

Public Sub Main()
Console.ForegroundColor = ConsoleColor.DarkYellow
Console.Write(vbLf & " UPX-Patcher (")
StdOut.Write(vbLf & " UPX-Patcher (", False)

Console.ForegroundColor = ConsoleColor.DarkCyan
Console.Write("https://github.com/DosX-dev/UPX-Patcher")
StdOut.Write("https://github.com/DosX-dev/UPX-Patcher", False)

Console.ForegroundColor = ConsoleColor.DarkYellow
Console.WriteLine(")" & vbLf)
StdOut.Write(")" & vbLf, True)

Console.ResetColor()

Dim args = Environment.GetCommandLineArgs()

If args.Length = 1 Then
Console.WriteLine("Usage: {0} <file_path>", AppDomain.CurrentDomain.FriendlyName)
StdOut.Write("Usage: " & AppDomain.CurrentDomain.FriendlyName & " <file_path>", True)
Environment.Exit(0)
End If

Expand Down Expand Up @@ -52,7 +52,7 @@ Module Program
End If


Console.WriteLine("Sections confusing...")
StdOut.Log("Sections confusing...")

bytesReplacer.PatchBytes(fileName, {&H55, &H50, ' #0
&H58, &H30,
Expand All @@ -69,7 +69,7 @@ Module Program
&H0},
Encoding.ASCII.GetBytes(".code"))

Console.WriteLine("Version block confusing...")
StdOut.Log("Version block confusing...")


Dim offset As Long = bytesReplacer.FindStringOffset(fileName, "UPX!") ' version identifier
Expand Down Expand Up @@ -104,31 +104,68 @@ Module Program
''''''''''''''''''''''''''''''''''''''''''''''''


Console.WriteLine("Adding fake version block...")
' StdOut.Log("Adding fake version block...")
'
'
' bytesReplacer.PatchBytes(fileName,
' {
' &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, ' padding
' &H0, &H0, &H0, &H0, ' 00 00 00 00 -> "DosX"
' &H0, ' version separator
' &H0, &H0, &H0, ' 00 00 00 -> "UPX"
' &H0, ' 00 -> "!"
' &H0 ' padding
' }, {
' &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, ' padding
' &H44, &H6F, &H73, &H58, ' "DosX"
' &H0, ' version separator
' &H55, &H50, &H58, ' "UPX"
' &H21, ' "!"
' &H0 ' padding
' }
' )

StdOut.Log("Replacing standart DOS Stub message...")

bytesReplacer.PatchBytes(fileName, Encoding.ASCII.GetBytes("This program cannot be run in DOS mode."),
Encoding.ASCII.GetBytes("https://github.com/DosX-dev/UPX-Patcher"))

bytesReplacer.PatchBytes(fileName,
{
&H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, ' padding
&H0, &H0, &H0, &H0, ' 00 00 00 00 -> "DosX"
&H0, ' version separator
&H0, &H0, &H0, ' 00 00 00 -> "UPX"
&H0, ' 00 -> "!"
&H0 ' padding
}, {
&H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, ' padding
&H44, &H6F, &H73, &H58, ' "DosX"
&H0, ' version separator
&H55, &H50, &H58, ' "UPX"
&H21, ' "!"
&H0 ' padding
}
)
StdOut.Log("WinAPI changing...")

Console.WriteLine("Replacing standart DOS Stub message...")
bytesReplacer.PatchBytes(fileName, Encoding.ASCII.GetBytes("ExitProcess"), ' function name size is 11 bytes
Encoding.ASCII.GetBytes("CopyContext"))

bytesReplacer.PatchBytes(fileName, Encoding.ASCII.GetBytes("This program cannot be run in DOS mode."),
Encoding.ASCII.GetBytes("https://github.com/DosX-dev/UPX-Patcher"))
StdOut.Log("EntryPoint patching...")

Dim isBuild64 As Boolean = PE.Is64(fileName)

If isBuild64 Then
bytesReplacer.PatchBytes(fileName, ' x86_64
{
&H0, ' db 0
&H53, ' pushal
&H56 ' mov esi
},
{
&H0, ' db 0
&H55, ' push ebp
&H56 ' mov esi
}
)
Else
bytesReplacer.PatchBytes(fileName, ' i386
{
&H0, ' db 0
&H60, ' pushal
&HBE ' mov esi
},
{
&H0, ' db 0
&H55, ' push ebp
&HBE ' mov esi
}
)
End If

Catch ex As Exception
Console.ForegroundColor = ConsoleColor.Red
Expand All @@ -137,8 +174,7 @@ Module Program
Environment.Exit(1)
End Try

Console.WriteLine("Done!")
StdOut.Log("Successfully patched!")
End If
End Sub

End Module
13 changes: 13 additions & 0 deletions source/PE.LiteParser.vb
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
Module PE
Private _patcher As New Patcher

' d = 64; L = 32
Function GetOffsetOfPE(fileName As String)
Return _patcher.IndexOf(fileName, {&H50, &H45, ' get "PE\x0\x0" signature
&H0, &H0})
End Function

Function Is64(fileName As String)
Return _patcher.GetByte(fileName, GetOffsetOfPE(fileName) + &H4) = &H64
End Function
End Module
50 changes: 48 additions & 2 deletions source/Patcher.vb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ Class Patcher
Return matchFound
End Function

Function isPatternPresent(filePath As String, pattern As Byte()) As Boolean
Function IsPatternPresent(filePath As String, pattern As Byte()) As Boolean
If Not File.Exists(filePath) Then
Return False
End If
Expand Down Expand Up @@ -122,4 +122,50 @@ Class Patcher
End Using
End Sub

End Class

Public Function IndexOf(ByVal fileName As String, ByVal pattern() As Byte) As Integer
Dim fileStream As FileStream = Nothing
Try
fileStream = New FileStream(fileName, FileMode.Open, FileAccess.Read)

If pattern.Length > fileStream.Length Then Return -1

For Arr As Integer = 0 To fileStream.Length - pattern.Length - 1
Dim found As Boolean = True
For Searcher As Integer = 0 To (pattern.Length - 1)
If fileStream.ReadByte() <> pattern(Searcher) Then
found = False
Exit For
End If
Next
If found Then
Return Arr
Else
fileStream.Seek(Arr + 1, SeekOrigin.Begin)
End If
Next

Finally
If fileStream IsNot Nothing Then
fileStream.Close()
End If
End Try
Return -1
End Function

Public Function GetByte(ByVal fileName As String, ByVal index As Integer) As Byte
Dim fileStream As FileStream = Nothing
Try
fileStream = New FileStream(fileName, FileMode.Open, FileAccess.Read)
fileStream.Seek(index, SeekOrigin.Begin)

Return CByte(fileStream.ReadByte())

Finally
If fileStream IsNot Nothing Then
fileStream.Close()
End If
End Try
End Function

End Class
13 changes: 13 additions & 0 deletions source/StdOut.vb
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
Module StdOut

Sub Write(ByVal message As String, ByVal newLine As Boolean)
Console.Out.Write(message & If(newLine, vbLf, String.Empty))
End Sub

Sub Log(ByVal message As String)
Console.ForegroundColor = ConsoleColor.DarkGray
Console.Out.Write(Date.Now().ToString("HH:mm:ss") & " -> ")
Console.ResetColor()
Console.Out.WriteLine(message)
End Sub
End Module
2 changes: 2 additions & 0 deletions source/UPX-Patcher.vbproj
View file
Original file line number Diff line number Diff line change
Expand Up @@ -87,6 +87,8 @@
<DesignTimeSharedInput>True</DesignTimeSharedInput>
</Compile>
<Compile Include="Patcher.vb" />
<Compile Include="PE.LiteParser.vb" />
<Compile Include="StdOut.vb" />
</ItemGroup>
<ItemGroup>
<EmbeddedResource Include="My Project\Resources.resx">
Expand Down

0 comments on commit 56790a6

Please sign in to comment.