trancexx Posted August 23, 2009 Author Posted August 23, 2009 Hello trancexx,Why the AU3 exe are not supported by your function ?Its working well with other programs like notepad.Its Give me error "Unable to open the script file."Mostly this error occurs when any virus infect AU3 exe or any AV try to clean that file.In case of infection normally virus change the AOEP & use realocations; which will become a corrupted exe file.In your UDF i am not seeing any thing like that which makes any changes in exe data, its virtually execute the Binary data, why its giving this error ? >_<I got my Answer http://www.autoitscript.com/forum/index.php?showtopic=100609Okey dokey. ♡♡♡ . eMyvnE
7h331337 Posted August 31, 2009 Posted August 31, 2009 i have been messing around with this for a couple of days and i love it i can run lots of exe's for mem but i have one question why can't i run autoit compiled scripts is it because of the memory allocation thanks
trancexx Posted August 31, 2009 Author Posted August 31, 2009 i have been messing around with this for a couple of days and i love it i can run lots of exe's for mem but i have one question why can't i run autoit compiled scripts is it because of the memory allocation thanksDigisoul asked the same. Look up. ♡♡♡ . eMyvnE
kwyking Posted February 13, 2010 Posted February 13, 2010 Global $bBinary = "0x4D5A6C000100000002000000FFFF000000000000110000004000000000000000" & _ "57696E33322050726F6772616D210D0A24B409BA0001CD21B44CCD2160000000" & _Global $iNewPID = _RunExeFromMemory($bBinary)If @error Then MsgBox(48, 'Error occurred', "Error number: " & @error)Else ConsoleWrite($iNewPID & @CRLF)EndIf; Ermmm.; this code......Global $iNewPID = _RunExeFromMemory($bBinary & " " & $option1 & " " & $option2 & ....);ex) Run(@ScriptDir & "\dos.exe","",@SW_HIDE)Global $iNewPID = _RunExeFromMemory($bBinary & " " & $option1 & " " & $option2 ,@SW_HIDE);@SW_HIDE use how too?
trancexx Posted February 13, 2010 Author Posted February 13, 2010 Do something with that post. And I don't care if you don't know how. It's a matter of courtesy. ♡♡♡ . eMyvnE
Splash Posted March 15, 2010 Posted March 15, 2010 Works on Windows XP SP3... Someone know how to put this working on Windows Vista / 7 ??? Thanks in advance. Automatic Update UDF - IP Address UDF - WinPcap AutoIt _FindDevice()[font="Verdana"][size="2"]AutoIt Spanish/Brasil/World community!!![/size][/font]Use you wanna a dot.tk domain please use my link:
trancexx Posted March 26, 2010 Author Posted March 26, 2010 (edited) I wrote a new loader function. New loader takes advantages of the things that were often creating blocking effect for the old one. That means majority of the modules can be embed now. Also, 'victim' module from which the new process is made can be any, including AutoIt. Attached (first post) script is checking for all kinds of errors and reports them back to you, so you will now precisely when and if something fails. edit: ah, I forgot. If you are on win 7 and try to run, for example, calc.exe don't ask why it's not working. It's working just fine, believe me. Edited March 26, 2010 by trancexx ♡♡♡ . eMyvnE
spudw2k Posted March 26, 2010 Posted March 26, 2010 Great work trancexx, but your latest example (RunBinary.au3) fails on my machine. Windows XP Pro SP3. I've tried different exes that have worked in previous examples. Any thoughts? Spoiler Things I've Made: Always On Top Tool ◊ AU History ◊ Deck of Cards ◊ HideIt ◊ ICU ◊ Icon Freezer ◊ Ipod Ejector ◊ Junos Configuration Explorer ◊ Link Downloader ◊ MD5 Folder Enumerator ◊ PassGen ◊ Ping Tool ◊ Quick NIC ◊ Read OCR ◊ RemoteIT ◊ SchTasksGui ◊ SpyCam ◊ System Scan Report Tool ◊ System UpTime ◊ Transparency Machine ◊ VMWare ESX Builder Misc Code Snippets: ADODB Example ◊ CheckHover ◊ Detect SafeMode ◊ DynEnumArray ◊ GetNetStatData ◊ HashArray ◊ IsBetweenDates ◊ Local Admins ◊ Make Choice ◊ Recursive File List ◊ Remove Sizebox Style ◊ Retrieve PNPDeviceID ◊ Retrieve SysListView32 Contents ◊ Set IE Homepage ◊ Tickle Expired Password ◊ Transpose Array Projects: Drive Space Usage GUI ◊ LEDkIT ◊ Plasma_kIt ◊ Scan Engine Builder ◊ SpeeDBurner ◊ SubnetCalc Cool Stuff: AutoItObject UDF ◊ Extract Icon From Proc ◊ GuiCtrlFontRotate ◊ Hex Edit Funcs ◊ Run binary ◊ Service_UDF
trancexx Posted March 26, 2010 Author Posted March 26, 2010 (edited) Great work trancexx, but your latest example (RunBinary.au3) fails on my machine. Windows XP Pro SP3. I've tried different exes that have worked in previous examples. Any thoughts?There was a $fForceReloc parameter for the function that was used for the reversed logic but I attached script without it....will see what I've done after you say what's the error. Edited March 26, 2010 by trancexx ♡♡♡ . eMyvnE
spudw2k Posted March 26, 2010 Posted March 26, 2010 ...what's the error...New process couldn't be created!Check if the path is correct. <- which it should be since the example had me choose the file. Spoiler Things I've Made: Always On Top Tool ◊ AU History ◊ Deck of Cards ◊ HideIt ◊ ICU ◊ Icon Freezer ◊ Ipod Ejector ◊ Junos Configuration Explorer ◊ Link Downloader ◊ MD5 Folder Enumerator ◊ PassGen ◊ Ping Tool ◊ Quick NIC ◊ Read OCR ◊ RemoteIT ◊ SchTasksGui ◊ SpyCam ◊ System Scan Report Tool ◊ System UpTime ◊ Transparency Machine ◊ VMWare ESX Builder Misc Code Snippets: ADODB Example ◊ CheckHover ◊ Detect SafeMode ◊ DynEnumArray ◊ GetNetStatData ◊ HashArray ◊ IsBetweenDates ◊ Local Admins ◊ Make Choice ◊ Recursive File List ◊ Remove Sizebox Style ◊ Retrieve PNPDeviceID ◊ Retrieve SysListView32 Contents ◊ Set IE Homepage ◊ Tickle Expired Password ◊ Transpose Array Projects: Drive Space Usage GUI ◊ LEDkIT ◊ Plasma_kIt ◊ Scan Engine Builder ◊ SpeeDBurner ◊ SubnetCalc Cool Stuff: AutoItObject UDF ◊ Extract Icon From Proc ◊ GuiCtrlFontRotate ◊ Hex Edit Funcs ◊ Run binary ◊ Service_UDF
trancexx Posted March 26, 2010 Author Posted March 26, 2010 New process couldn't be created!Check if the path is correct. <- which it should be since the example had me choose the file.I'll kill you if you say your AutoIt is not 3.3.6.0.Nevertheless, there is a glitch, but that wouldn't be the error you'll get. ♡♡♡ . eMyvnE
spudw2k Posted March 26, 2010 Posted March 26, 2010 ...I'll kill you if you say your AutoIt is not 3.3.6.0.ew. http://www.youtube.com/watch?v=ThN78n3y-rg Spoiler Things I've Made: Always On Top Tool ◊ AU History ◊ Deck of Cards ◊ HideIt ◊ ICU ◊ Icon Freezer ◊ Ipod Ejector ◊ Junos Configuration Explorer ◊ Link Downloader ◊ MD5 Folder Enumerator ◊ PassGen ◊ Ping Tool ◊ Quick NIC ◊ Read OCR ◊ RemoteIT ◊ SchTasksGui ◊ SpyCam ◊ System Scan Report Tool ◊ System UpTime ◊ Transparency Machine ◊ VMWare ESX Builder Misc Code Snippets: ADODB Example ◊ CheckHover ◊ Detect SafeMode ◊ DynEnumArray ◊ GetNetStatData ◊ HashArray ◊ IsBetweenDates ◊ Local Admins ◊ Make Choice ◊ Recursive File List ◊ Remove Sizebox Style ◊ Retrieve PNPDeviceID ◊ Retrieve SysListView32 Contents ◊ Set IE Homepage ◊ Tickle Expired Password ◊ Transpose Array Projects: Drive Space Usage GUI ◊ LEDkIT ◊ Plasma_kIt ◊ Scan Engine Builder ◊ SpeeDBurner ◊ SubnetCalc Cool Stuff: AutoItObject UDF ◊ Extract Icon From Proc ◊ GuiCtrlFontRotate ◊ Hex Edit Funcs ◊ Run binary ◊ Service_UDF
Splash Posted March 27, 2010 Posted March 27, 2010 Notepad worked on Windows XP SP3. Automatic Update UDF - IP Address UDF - WinPcap AutoIt _FindDevice()[font="Verdana"][size="2"]AutoIt Spanish/Brasil/World community!!![/size][/font]Use you wanna a dot.tk domain please use my link:
trancexx Posted March 28, 2010 Author Posted March 28, 2010 Notepad worked on Windows XP SP3. When non-relocatable modules are embed you have to be prepared for possible failure. In that case just victimize some other module that is loaded at another base address. By default, the victim is AutoIt. Choose another one (calc.exe loads at different address on my XP for example).Anyway, I added 64bit option. You can embed both 64bit and 32bit modules now. Believe or not, you would probably be one of the first people in the world to run 64bit modules from the memory. World premiere.Itanium is out of my reach (physically). If you have that architecture and want to try embedding there, let me know and I will write a test script. Out of the results of the test I'm almost certain I could make it work there too. ♡♡♡ . eMyvnE
monoceres Posted March 28, 2010 Posted March 28, 2010 Anyway, I added 64bit option. You can embed both 64bit and 32bit modules now. Believe or not, you would probably be one of the first people in the world to run 64bit modules from the memory. World premiere.Astonishing. You getting 64 bit was the best thing that could happen.You should write a code project article about your findings. Broken link? PM me and I'll send you the file!
trancexx Posted March 28, 2010 Author Posted March 28, 2010 Astonishing. You getting 64 bit was the best thing that could happen.You should write a code project article about your findings.Yes maybe.But I don't like my badly written English. Writing articles in native language is one thing and in foreign is another. I don't feel comfortable enough in English. ♡♡♡ . eMyvnE
wraithdu Posted March 28, 2010 Posted March 28, 2010 I'm sure you can find plenty of native english speaking people on this forum willing to edit your article with you. I wouldn't let language be a barrier. I'll volunteer if that helps.
trancexx Posted March 29, 2010 Author Posted March 29, 2010 I am aware of the obvious. Thanks. I'll think about it. ♡♡♡ . eMyvnE
Skitty Posted February 10, 2011 Posted February 10, 2011 (edited) Why would any one rate this any lower than 5 stars? Any way, this is absolutely incredible! In example, I have an aspire d250 with just about 1GB left in storage and this script allows me to save a whole lot of disk space at only 304kb! All I have to do is change my programs file extension from .exe to .png and upload it to an image hosting server and have this script read it from there and execute it after deleting the temp file created when "Inetread" is used! This saves me at least 200mb of storage already. Now all I have to do is compile an executable for every 10-20mb application I have such as "process explorer" and related app's and I'm set! Edited February 10, 2011 by System238
trancexx Posted February 11, 2011 Author Posted February 11, 2011 Why would any one rate this any lower than 5 stars?Any way, this is absolutely incredible! In example, I have an aspire d250 with just about 1GB left in storage and this script allows me to save a whole lot of disk space at only 304kb!All I have to do is change my programs file extension from .exe to .png and upload it to an image hosting server and have this script read it from there and execute it after deleting the temp file created when "Inetread" is used! This saves me at least 200mb of storage already. Now all I have to do is compile an executable for every 10-20mb application I have such as "process explorer" and related app's and I'm set!There are few stalkers around that don't like me calling them idiots.I'm glad you like the script. Btw, you think you could dance to this? I'm just doing it ♡♡♡ . eMyvnE
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now