A Simple way to Modify C and C++ Programs without Source Code using Notepad++

-

 

I found a simple way to modify C and C++ compiled executable programs without C or  C++ source code using notepad++. This method works well with Turbo C  and I have tested  this method with programs compiled with gcc5 ,gcc6 ,gcc7 and gcc8  and it works pretty good. The only limitation to this method is it does not work well with large binary programs.

The C source code for the above C program used above is given below:-


As shown in the above video after the C source code was compiled we get an executive file.
In above case we got  new.exe . When we open new.exe file in notepad++  , we get gibberish text or unreadable characters. However some words are readable . I replace tails.boum.org to kali.org
and M.Anish to kremlin in the program by editing it in notepad++  and I succeed  as shown in the video.  In this way anyone can modify a compiled program without source code.

Statements in C source code inside printf( ) and System( ) functions are mostly readable in the C binary program while opening it in  notepad++.

This can be dangerous . I replaced tails.boum.org with kali.org which is a harmless website but
we can easily replace it with a dangerous site full of viruses.

Also writing Author names in a C/C++ programs to show ownership doesn't work well. In the above video I could change it from M.Anish to kremlin.

CONCLUSION:

Developers should use digital certificates to prove ownership and  provide users with digitally signed programs or with  secure sha256 or sha512 checksums published in a trusted website.

People should avoid installing programs without proper digital signatures or atleast verify that the program has not be modified in a harmful way and always download programs from trustable sources.


Comments

Post a Comment

Popular posts from this blog

MY PGP KEY

-
Here i am posting my OPENPGP PUBLIC KEY which can be used to verify digital signature of  my software available in github and for reporting security bugs.  -----BEGIN PGP PUBLIC KEY BLOCK----- mQINBF3nwF4BEADbF61zKMFr/FNE/8mMniRPK66eIQvxzNWX0RhbjvLfjLooJiyx zCxGYURvXsxoDaehnGRnjP5Hf/Qok1SppAhIZydg5L1nkzjQHQQbUSIoilMGw1UH tWr8TCgZKPWUjPYtkoo0/lLxtgdVMVcl8pvdyYKCJVTpXuxWZa37z1FhCWTrLO1P Nv7B0xLuAjjem6lzLBO/5kUlL0mlsWHp1dMg8Zxm5lvuUNP/2xUe3Qyv49F1b1nt 5okzW1XmvNReEZKiMvHbxIzCRjbifaNXgZaar054FEWH3z3VN4BDsGHAqahVu4oz TAVcX5ABkCfwLOsAMAJrFyd3P6mVoY/fHnbyIIj2ZzZVUzSPSPPfkuukEd+OQKTK bm4Ite4yPXzGwN8XYNWELLn2vpb/ucqlcsvP5bXkt+YCixi0GkiELsI2B6VFgy/3 x4dr1eQKSM1S8ZBq/ah5/FCB5ikxfpCYqKA/tNqI3OafvJoYmzjaO1Wef6vMt+dF Hcs5/j/ZC/FyVgN58oPH6i7j/ihFDTvoCTLkr3NqbkWJkyW/Nuaek/Ed+N2FhPen YI8SVkjR/WXF4T0b4QCfgtyeOxQEqxInvJR3F9hRX48dMZWjl9Z54eWID9tOz4Y7 G7LusA1rNjmNWNIXCc6FHhANwhpW0uk6oKuW1uAdqNpyiWuj0devCIDKvwARAQAB tB9NLkFuaXNoIDxhbmVlc2gyNTg2MUBnbWFpbC5jb20+iQJOBBMBCAA4AhsjBQsJ CAcCBhUKCQgL...
Read more

Removing Metadata from PDF documents using Notepad++

-
Image
PDF documents can easily reveal the author name , date and time on which the document was created and PDF software used , which can be used to guess the identity of person , timezone and operating system and PDF software version used in computer.  I found a simple way to hide these basic information from PDF documents using Notepad++. STEP1:   Get the PDF document ,  make sure it is of PDF version 1.5 or below. For PDF 1.6 and above , we can just downgrade them using software like imagemagick by converting PDF to images and converting them back to PDF of version 1.5. STEP2: View the PDF metadata in a browser or exiftool and check information present before removal of  Metadata.   S TEP3: Search for Author, Creator, Creation date after opening PDF document in notepad++. STEP4: Remove lines containg words creater , date , etc as shown in the image above.   STEP5: Ensure that all lines which contained identifying meta...
Read more

Unblocking Websites using my AntiCensorship Tool in C

-
Image
In my earlier blog post on defeating antivirus detection using Googleweblight , i had shown that googleweblight can be used to bypass firewalls. I have created a C program to make this unblocking process even more faster and easier. The program just manipulates the url and unblocks it. The link to Download the program is given below: -  AntiCensorship Toolv3 Download Here is a short tutorial on how to use the program:- STEP1 : Extract the zip file. STEP2 :Connect to internet and click the Program. STEP3: Wait till program connects the internet, this should normally take 4-5 seconds. STEP4: Enter the website to be unblocked. STEP5: Wait for program Menu. STEP6: Enter your choice . Note that Googleweblight and Hypothes.is would be better for connecting sites with videos and interactive content. Other services would be better for reading text. For Abuse prevention reasons i have choosed services which don't allow downloading files. STEP5: Please wait...
Read more