200 likes | 352 Views
E-Glue Application. Merging executables in WIN32 environment. By : Gil Arbeli, Ran Didi. Instructor : Gal Badishi. Softlab – June 2006. Problem. Adding functionality to a proprietary software. Adding functionality to applications without the need to rewrite them.
E N D
E-Glue Application Merging executables in WIN32 environment By : Gil Arbeli, Ran Didi Instructor : Gal Badishi Softlab – June 2006
Problem • Adding functionality to a proprietary software. • Adding functionality to applications without the need to rewrite them. • Adding an ability to run sequentially two (or more) applications.
Problem example (…) • An office management application + a backup component. • A cleanup component + application with private data.
Goals • Providing an elegant generic solution for “Gluing” two unrelated application together. • Producing a single executable while maintain both original applications’ functionality. • Learn the “behind the scenes” of running application in windows environment
File Structure PE data needed in order to execute the application Imported functions needed for the application header imports Code and data of the application sections Additional data used by the application resource
Implementation Issues • Setting the environment for each application. • Merge the application in a smart way so the wont interrupt each other.
Solution approach • Both of the applications are in the same memory space. • Choosing in Runtime which of the applications will be executed.
First approach • Find and capture the exit points of the first application. • Not feasible to capture all the exit points of an application.
Accepted approach • Each application will run as a separate process. • Second application will wait until first one will terminate. • This approach omits the problem encountered in the previous one.
Problems encountered • Windows loader can be run only once. • Applications compiled to run alone.
What have we done We separated the solution into two main components: • Loader – setting the environment • Creator - Gluing them…
Gluing applications : Loader App.2 App.1 Imports Imports Imports Imports Imports Imports Sections Resources Resources Resources Combined Imports Code & Data Sections Code & Data Sections Code & Data Sections Code & Data Sections App.1 Sections App.2 Sections Resources
- LoaderFlow diagram Start In a new process Wait for first application to terminate In a new process Set environment for first application Set environment for second application Wait for second application to terminate Run first application End Run second application End End
Drawbacks of solution • Not keeping the purpose of all sections (i.e. Export, reloc, Debug sections). • If the second applications uses command line arguments, the command line will not be forward (only to the first application).
Theoretical background • Understanding the structure of the Portable Executable (PE) format. • Loading process of a PE file. • DLL’s loading process in windows32 environment. • Inter-process synchronization. • Windows32 API’s.
Implementation and Tools • The creator module was written in C • The loader module was written in Assembly • Microsoft visual studio 2005 • Masm32 • Windbg (windows debugging tool) • Softlab people and facilities
Future development • Extend the E-glue idea to more operating system platforms. • Enhance the functionality of a glued application (e.g. arguments)
Educational revenue • Deep understanding of the Portable Executable file format, and Windows executables loading process. • Experience in using Reverse Engineering Techniques. • Writing small low-lever assembly code. • Using Windows APIs.
conclusion • Provide a proof of concept solution for an idea for the windows32 platform system. • Learn various fields within the scope of our project.
Thanks to … • Gal Badishi - our instructor, and the one that came up with the E-Glue idea. • The Soft-Lab staff, that was kindly enough to try and help us with a bunch of weird problems we encountered.