misc/BinCracking/binpatcher.c

   1 //BinPatcher 3.0
   2 //by: Harvie 2oo7
   3
   4 /* This code is very useful, if you are cracking software and you need
   5 to share your cracks without whole binary (because of size or copyright).
   6 This is simple way to patch binaries at users home.
   7 Warning: You need to know some things about PE (probably) architecture to use this.
   8 But there is still some automatic computing with addreses,
   9 so you have to know only bit about yours binary...
  10 */
  11 /*Note: this is patch used to crack free version of CPULower (remove NAG screen),
  12 and you have to edit it for any file, that you want to patch.
  13 */
  14
  15 #include <stdio.h>
  16 #include <stdlib.h>
  17
  18 int main(int argc, char *argv[])
  19 {
  20   //Basic informations
  21   char file[] = "cpulower.exe";
  22   char this_file[] = "BinPatcher.exe";
  23   char title[] = "CPU Lower - NAG screen remover - patcher";
  24   char author[] = "<-Harvie 2oo7";
  25   //You can get these from debuger, disassembler, etc...:
  26   long int image_base = 0x400000; //ImageBase of binary
  27   long int section_rva = 0x1000; //Virtual addres of patched section
  28   long int section_offset = 0x400; //Offset of patched section
  29   long int size = 0, needed_size = 317440;  //Size in Bytes (Compressed size for PE compressors)
  30
  31   //File declaration
  32   FILE *bin;
  33
  34   //Banner
  35   printf("%s\nby: %s\n\nThis will patch %s\n\n", title, author, file);
  36
  37   //Arguments
  38   if(argc != 2) {
  39     printf("Incorrect number of arguments!!!\n");
  40     printf("Usage: %s %s\n", this_file, file);
  41     printf("You can simply Drag&Drop file \"%s\" on this (%s)\n\n", file, this_file);
  42     system("pause");
  43     return(0);
  44           }
  45
  46   //Size check
  47   int c;
  48   printf("Checking file size of %s...\n", argv[1]);
  49   bin = fopen(argv[1], "rb");
  50     if(bin == NULL) { printf("Error while opening %s\n", argv[1]); return 0; }
  51     while( (c = fgetc(bin)) != EOF ) {
  52       size++;
  53     }
  54   fclose(bin);
  55   printf("File size = %d B\n", size);
  56   if(size != needed_size) {
  57             printf("Incorrect file size (%d B) !!!\nContinue?\n", size);
  58             system("pause");
  59           } else {
  60             printf("File size OK!\n\n");
  61           }
  62
  63   //Backup
  64   char backup[1024];
  65   printf("Backuping to %s.crkbak\n", argv[1]);
  66   sprintf(backup, "copy /B /Y \"%s\" \"%s.crkbak\" > nul", argv[1], argv[1]);
  67   printf("Backup done.\n\n");
  68   system(backup);
  69
  70   //UnCompress example for upx (Use this only if you know what it is)
  71   /*
  72   printf("Uncompressing...\n");
  73   char uncs[1024];
  74   sprintf(uncs, "upx -d \"%s\"", argv[1]);
  75   system(uncs); //THis needs upx binary
  76   printf("Uncompressed!\n\n");
  77   */
  78
  79   //Patching
  80   long int virtual_addres = 0x437069; //Virtual addres from debuger - Example: 0x00437069
  81   unsigned char patch[] = "\x90\x90\x90\x90\x90"; //Patch to apply - Example: "\x90" (== NOP)
  82   bin = fopen(argv[1], "rb+");
  83     if(bin == NULL) { printf("Error while opening %s\n", argv[1]); return 0; }
  84
  85   long int offset = virtual_addres - image_base - section_rva + section_offset; //Vypocitame offset v souboru
  86   printf("Patching code @ D: %d H: 0x%x\n", offset, offset);
  87   fseek(bin, offset, SEEK_SET); //Seek code
  88   fwrite(&patch, (sizeof(patch)-1), 1, bin); //Patch code
  89
  90   //GO HOME ;}}
  91   fclose(bin);
  92
  93   printf("File was successfully patched!!!\n\n");
  94   system("PAUSE");
  95   return 0;
  96 }