Results 1 to 13 of 13
  1. #1
    Jason's Avatar
    Join Date
    Apr 2010
    Gender
    male
    Location
    /dev/null
    Posts
    5,706
    Reputation
    907
    Thanks
    7,295
    My Mood
    Mellow

    Change the MD5 of a file.

    Meh, wanted to do something in C++ 'cos I suck dick at it.

    Anway, this is a simple function that changes the md5 of a specified file by implanting a random int value within it's reserved space in the DOS header. Of course, if the DOS Header of the file has been collapsed deliberately, this is more likely to just rape your PE and make it unusable, but if you're collapsing your DOS Headers, I think you'd know about it lol.

    Enjoy.

    Code:
    #include <windows.h> //for ZeroMemory macro
    #include <fstream> //derp obvious.
    #include <time.h>
    
    int quit(char* msg)
    {
    	printf(msg); //print the message to the console window
    	return -1; //-1 is my signifier that the function failed.
    }
    
    char* ReadFromStream(std::fstream *baseStream, int offset, int dwSize)
    {
    	char* ret = new char[dwSize]; //create a buffer
    	ZeroMemory(ret, sizeof(ret)); //zero the memory like a mad dawg
    	baseStream->seekg(offset, std::ios::beg); //seek to the offset from the beginning of the stream
    	baseStream->read(ret, dwSize); //read dwSize bytes from the stream into the buffer
    	return ret; //return the buffer
    }
    
    char* intToBytes(int val)
    {
    	/**** not really my function, cbf learning bitshifting ***/
    	char* ret = new char[4];
    	ret[0] = (val >> 24) & 0xFF;
    	ret[1] = (val >> 16) & 0xFF;
    	ret[2] = (val >> 8) & 0xFF;
    	ret[3] = val & 0xFF;
    	return ret;
    }
    
    int ChangeMD5(char* file)
    {
    	using std::ios; //im too lazy to do more than one :: 
    	
    	//create the random int.
    	srand(time(NULL) * time(NULL)); //seed the random, dont have to be too fancy
    	int rnd = rand(); //generate a pseudo-random
    	char *newMd5 = intToBytes(rnd); //convert our random to bytes.
    
    	std::fstream PEStream (file, ios::binary | ios::in | ios::out); //open a stream to the file.
    
    	char *buff = ReadFromStream(&PEStream, 0, 2); //read the start signature (MUST BE 'MZ' FOR ALL PE)
    	if ( strcmp(buff, "MZ") != 0 ) { return quit("Not a valid PE File"); } //not a PE, exit with a message.
    
    	buff = ReadFromStream(&PEStream, 0x3C, 4); //read 4 bytes from the stream.
    	int lfanew = *reinterpret_cast<signed*>( buff ); //cast the char to a signed int
    
    	buff = ReadFromStream(&PEStream, lfanew, 4); //read the PE signature from the stream
    	if ( strcmp(buff, "PE\0\0") != 0 ) { return quit("Not a valid PE File"); } //PE files all have the signature PE followed by 2 null bytes.
    	
    	/** OKAY WE'VE VERIFIED IT'S A PE, NOW IT'S SAFE TO WRITE **/
    
    	PEStream.seekp(0x1C, ios::beg); //seek to the start of the reserved space	
    	PEStream.write(newMd5, 4); //write those bytes to the file in the reserved space
    	
    	PEStream.flush(); //flush all waiting shit.
    	PEStream.close(); //close the stream
    	return 0; //success
    }
    
    void main()
    {
    	if ( ChangeMD5("C:\\test.exe") == 0)
    		MessageBoxA(NULL, "OMG FUCK YEAH", "MD5 Changed", 0); 
    }
    Comments/criticisms etc are welcome, I'm a C++ noob, so I probs fucked up some memory management somewhere.

    Quote Originally Posted by Jeremy S. Anderson
    There are only two things to come out of Berkley, Unix and LSD,
    and I donít think this is a coincidence
    You can win the rat race,
    But you're still nothing but a fucking RAT.


    ++Latest Projects++
    [Open Source] Injection Library
    Simple PE Cipher
    FilthyHooker - Simple Hooking Class
    CLR Injector - Inject .NET dlls with ease
    Simple Injection - An in-depth look
    MPGH's .NET SDK
    eJect - Simple Injector
    Basic PE Explorer (BETA)

  2. The Following 5 Users Say Thank You to Jason For This Useful Post:

    dagnisk (06-30-2016),deskalt (08-20-2016),GuilhermeBS_VIP1 (12-11-2013),IamNotWhit (07-11-2011),sength (06-27-2016)

  3. #2
    LionelMessi10's Avatar
    Join Date
    Oct 2010
    Gender
    male
    Location
    MPGH.NET
    Posts
    6,125
    Reputation
    114
    Thanks
    4,545
    My Mood
    Aggressive
    Hmm.. Interesting..

    Good job in C++

  4. #3
    Dave84311's Avatar
    Join Date
    Dec 2005
    Gender
    male
    Location
    The Wild Wild West
    Posts
    27,853
    Reputation
    3541
    Thanks
    36,148
    My Mood
    Devilish
    Very nice C++ scrub!





    THE EYE OF AN ADMINISTRATOR IS UPON YOU. ANY WRONG YOU DO IM GONNA SEE, WHEN YOU'RE ON MPGH, LOOK BEHIND YOU, 'CAUSE THATS WHERE IM GONNA BE


    "First they ignore you. Then they laugh at you. Then they fight you. Then you lose.Ē - Dave84311HAD VIRTUAL DETOX

  5. #4
    IamNotWhit's Avatar
    Join Date
    Jul 2011
    Gender
    male
    Posts
    4
    Reputation
    8
    Thanks
    1
    Nice Bro...
    When i start Learning C# you start C++...You try to be like Big bro

  6. #5
    Jason's Avatar
    Join Date
    Apr 2010
    Gender
    male
    Location
    /dev/null
    Posts
    5,706
    Reputation
    907
    Thanks
    7,295
    My Mood
    Mellow
    Quote Originally Posted by IamNotWhit View Post
    Nice Bro...
    When i start Learning C# you start C++...You try to be like Big bro
    Gotta stay ahead of the game nigga. Can't fall behind

    Quote Originally Posted by Jeremy S. Anderson
    There are only two things to come out of Berkley, Unix and LSD,
    and I donít think this is a coincidence
    You can win the rat race,
    But you're still nothing but a fucking RAT.


    ++Latest Projects++
    [Open Source] Injection Library
    Simple PE Cipher
    FilthyHooker - Simple Hooking Class
    CLR Injector - Inject .NET dlls with ease
    Simple Injection - An in-depth look
    MPGH's .NET SDK
    eJect - Simple Injector
    Basic PE Explorer (BETA)

  7. The Following User Says Thank You to Jason For This Useful Post:

    IamNotWhit (07-11-2011)

  8. #6
    mmbob's Avatar
    Join Date
    Dec 2009
    Gender
    male
    Location
    ja
    Posts
    655
    Reputation
    70
    Thanks
    1,156
    My Mood
    Bitchy
    Change the first 2 bytes from MZ to ZM .

  9. #7
    Jason's Avatar
    Join Date
    Apr 2010
    Gender
    male
    Location
    /dev/null
    Posts
    5,706
    Reputation
    907
    Thanks
    7,295
    My Mood
    Mellow
    Quote Originally Posted by mmbob View Post
    Change the first 2 bytes from MZ to ZM .
    While we're at it let's rip out the IAT and the section headers! That'll fool 'em good and proper.

    Quote Originally Posted by Jeremy S. Anderson
    There are only two things to come out of Berkley, Unix and LSD,
    and I donít think this is a coincidence
    You can win the rat race,
    But you're still nothing but a fucking RAT.


    ++Latest Projects++
    [Open Source] Injection Library
    Simple PE Cipher
    FilthyHooker - Simple Hooking Class
    CLR Injector - Inject .NET dlls with ease
    Simple Injection - An in-depth look
    MPGH's .NET SDK
    eJect - Simple Injector
    Basic PE Explorer (BETA)

  10. #8
    Broderick's Avatar
    Join Date
    Apr 2011
    Gender
    male
    Location
    Basement.
    Posts
    100
    Reputation
    42
    Thanks
    30
    Quote Originally Posted by Jason View Post


    While we're at it let's rip out the IAT and the section headers! That'll fool 'em good and proper.
    That would break the whole PE, or were you being sarcastic :/
    The fish trap exists because of the fish.
    Once you've gotten the fish you can forget the trap.
    The rabbit snare exists because of the rabbit.
    Once you've gotten the rabbit, you can forget the snare.
    Words exist because of meaning.
    Once you've gotten the meaning, you can forget the words.
    Where can I find a man who has forgotten words so I can talk with him?

  11. #9
    Dave84311's Avatar
    Join Date
    Dec 2005
    Gender
    male
    Location
    The Wild Wild West
    Posts
    27,853
    Reputation
    3541
    Thanks
    36,148
    My Mood
    Devilish
    Quote Originally Posted by Broderick View Post


    That would break the whole PE, or were you being sarcastic :/
    The latter... Jason would be a sarcastic one.





    THE EYE OF AN ADMINISTRATOR IS UPON YOU. ANY WRONG YOU DO IM GONNA SEE, WHEN YOU'RE ON MPGH, LOOK BEHIND YOU, 'CAUSE THATS WHERE IM GONNA BE


    "First they ignore you. Then they laugh at you. Then they fight you. Then you lose.Ē - Dave84311HAD VIRTUAL DETOX

  12. #10
    wicho_koz's Avatar
    Join Date
    Aug 2010
    Gender
    male
    Posts
    194
    Reputation
    12
    Thanks
    52
    My Mood
    Shocked

  13. #11
    freedompeace's Avatar
    Join Date
    Jul 2010
    Gender
    female
    Posts
    3,035
    Reputation
    340
    Thanks
    2,784
    My Mood
    Sad
    Quote Originally Posted by Jason View Post
    Meh, wanted to do something in C++ 'cos I suck dick at it.

    Anway, this is a simple function that changes the md5 of a specified file by implanting a random int value within it's reserved space in the DOS header. Of course, if the DOS Header of the file has been collapsed deliberately, this is more likely to just rape your PE and make it unusable, but if you're collapsing your DOS Headers, I think you'd know about it lol.

    Enjoy.

    [codeblock]

    Comments/criticisms etc are welcome, I'm a C++ noob, so I probs fucked up some memory management somewhere.
    Code:
    using std::ios; //im too lazy to do more than one ::
    paradox ! o;

    you used 10 "::"'s in your code.

  14. #12
    Jason's Avatar
    Join Date
    Apr 2010
    Gender
    male
    Location
    /dev/null
    Posts
    5,706
    Reputation
    907
    Thanks
    7,295
    My Mood
    Mellow
    Quote Originally Posted by freedompeace View Post


    Code:
    using std::ios; //im too lazy to do more than one ::
    paradox ! o;

    you used 10 "::"'s in your code.
    One "::" in a statement...derp?

    std::ios::beg <- 2 "::"s


    Quote Originally Posted by Jeremy S. Anderson
    There are only two things to come out of Berkley, Unix and LSD,
    and I donít think this is a coincidence
    You can win the rat race,
    But you're still nothing but a fucking RAT.


    ++Latest Projects++
    [Open Source] Injection Library
    Simple PE Cipher
    FilthyHooker - Simple Hooking Class
    CLR Injector - Inject .NET dlls with ease
    Simple Injection - An in-depth look
    MPGH's .NET SDK
    eJect - Simple Injector
    Basic PE Explorer (BETA)

  15. #13
    User1's Avatar
    Join Date
    Jul 2009
    Gender
    female
    Location
    Above the influence
    Posts
    4,085
    Reputation
    61
    Thanks
    4,294,967,295
    My Mood
    Crappy
    If you erase the whole DLL, the MD5 would change.
    Any donations would help


    Quote Originally Posted by Bombsaway707

    HOLY SHIT ITS USER1
    Quote Originally Posted by Blood

    HOLY SHIT ITS USER1
    Quote Originally Posted by Alby-kun


    HOLY SHIT ITS USER1
    Quote Originally Posted by Ali

    HOLY SHIT ITS USER1
    Quote Originally Posted by CodeDemon
    HOLY SHIT ITS USER1
    Quote Originally Posted by Jussofresh View Post
    HOLY SHIT ITS USER1!
    [21:13] CoderNever: HOLY SHIT ITS USER1!
    Yes it is me... Yup Yup




  16. The Following User Says Thank You to User1 For This Useful Post:

    WildAssassinz (07-28-2016)

Similar Threads

  1. How to Change the Start-Bar in Windows XP
    By Jackal in forum General
    Replies: 31
    Last Post: 05-31-2015, 09:29 PM
  2. what LTB file to change the speed
    By standstill in forum Combat Arms Mods & Rez Modding
    Replies: 8
    Last Post: 12-23-2009, 04:21 PM
  3. Replies: 0
    Last Post: 12-28-2007, 12:48 AM
  4. Changing the HP,SP,and flag times
    By applesauce in forum WarRock - International Hacks
    Replies: 6
    Last Post: 06-11-2006, 11:09 PM
  5. Looking for the old Warrock Game Files
    By Zededarian in forum WarRock - International Hacks
    Replies: 2
    Last Post: 01-10-2006, 03:30 PM