Results 1 to 7 of 7

Thread: PE Library

  1. #1

    PE Library

    Hi,
    I am trying to add new import function to exe file. However I don't want to use external tool but do it by myself. I have tried several PE libraries and most of them either doesn't have ability to add import or they crash or executables don't run. Any ASM or C code is welcomed. Thanks.

    Libraries
    Patch by comrade Produced executable doesn't run.
    PeLibrary 0.3c by Pumqara CRASH during adding import
    m-PE Class by in4matics Produced executable doesn't run.
    TitanEngine by ReversingLabs Couldn't make it work.


    Tools
    PeTools by NEOx Works
    StudPE Works
    IIDKing Crashes
    Last edited by LaptoniC; August 31st, 2013 at 11:22.
    "There is only one road to human greatness: through the school of hard knocks." Albert Einstein

  2. #2
    <script>alert(0)</script> disavowed's Avatar
    Join Date
    Apr 2002
    Posts
    1,281
    Quote Originally Posted by LaptoniC View Post
    Any ASM or C code is welcomed....
    PeTools by NEOx Works
    StudPE Works
    Load PeTools or StudPE into IDA and you now have your ASM code.

  3. #3
    Thanks @ disavowed I am having an epiphany now. How on earth I couldn't think that one? Your comment is 100% correct but it is not helpful at all. I don't want to reinvent the wheel if possible. It takes time to reverse to convert all this functions, initialization codes and unknown structures. I actually disassembled both of them and PeTools have cleaner code. I just don't want to fix all those codes if there is an easy way. I really didn't want to take your precious time that is why I posted with detailed explanations. However, after all those years in here, I don't think that I deserve to be mocked in such way.
    "There is only one road to human greatness: through the school of hard knocks." Albert Einstein

  4. #4
    Hello Laps,

    Maybe you've already done this but, if possible check the F+ archive of software reverse engineering for Razzia+ tut on Code caves and modifying NOTEPAD (adding new functionality to it).

    Though I last read it around 10 years ago, I distinctly remember him CODING with DISASSEMBLY and RAW HEX BYTES (using Hexview -- big thing then, if you remember), additional functionality AND new imports. Perhaps, that could help.

    Here's a link that uses nothing but a PE Editor and Hex Calculator. I am sure will be useful. PDF, including example files:

    Code:
    http://tuts4you.com/download.php?view.1569
    Let me know how it goes.

    Have Phun
    Blame Microsoft, get l337 !!

  5. #5
    Thanks Aimless. I have read that paper before. However in his example, there is enough empty space to add extra dll to IAT. My executable doesn't have this space. Therefore I have to add new section copy old ones and add new import. So it doesn't work for me. I will search more and if I can't find any reasonable source to use, I had to reverse some of the tools.
    "There is only one road to human greatness: through the school of hard knocks." Albert Einstein

  6. #6
    Teach, Not Flame Kayaker's Avatar
    Join Date
    Oct 2000
    Posts
    4,048
    Blog Entries
    5
    ashraf cracker posted a tutorial about adding a section and import manually which might be useful

    http://www.woodmann.com/forum/showthread.php?14799-How-to-add-section-and-Import-Function-Manually

  7. #7
    Hi Laptonic,
    PE Bliss
    Cross-Platform Portable Executable C++ Library

    code.google.com/p/portable-executable-library/
    Hope it helps!

    Cheers, Sope!
    Read to Lead

Similar Threads

  1. Collaborative RCE Tool Library contents so far
    By dELTA in forum Blogs Forum
    Replies: 7
    Last Post: January 5th, 2008, 12:06
  2. The Collaborative RCE Tool Library
    By Ring3 Circus in forum Blogs Forum
    Replies: 1
    Last Post: December 30th, 2007, 09:13
  3. Looking for compression Library jcalg
    By doug in forum Tools of Our Trade (TOT) Messageboard
    Replies: 3
    Last Post: January 12th, 2005, 17:48
  4. FORTRAN - Mathematics Library
    By Aimless in forum Off Topic
    Replies: 3
    Last Post: June 19th, 2004, 19:32
  5. Crypto Library Help Please!
    By Clandestiny in forum RCE Cryptographics
    Replies: 4
    Last Post: September 29th, 2003, 00:42

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •