Embedded resources in Win32 Application

Question

I have embedded an EXE as a resource in my Win32 application.

I'm looking to the registry for a certain value. If the value is there and correct, then i copy the embedded EXE to the local file system an execute it from there.

I don't want it to be extracted from my EXE.

Should i do anything to prevent this, or is it impossible already?

Thanks.

Answer 1

but you could inbed the exe as an .obj or an static array rather than as a resource. That would make it harder for an attacker to find in your code, but still not impossible.

You can use the unix objcopy tool to convert your exe into a .obj file and then link to that in your c code. someone would have to decompile your code in order to find the .exe, which is quite a bit harder than using a resource extractor.

Embed data in a C++ program

Answer 2

I have to secure an application. I can't modify the application. All i can do is writing small utilities around it, like creating an online serial system, unique hardware information hash storing, a loader exe etc.

But now i see that my intentions are almost useless without modifying the original applications. I'd be apprecieted any help on this.

Answer 3

Nothing is impossible, and in fact it is quite easy to strip resources out of an executable. Here's the first link from a Google search, for example. On the other hand you're already stripping the exe out and saving it to a file on the user's system, anybody sophisticated enough to find the embedded resource will also be able to find your extracted file. I wouldn't spend too much time worrying about it.