From: Jerry West on
Mike, can I send you the EXE in question? --I can prove I own it-- and have
you locate the string in question and mod it. I still cannot find it --even
after using the Cygnus hex editor-- to locate the string and mod it. I don't
know what I'm doing wrong but at this point I'd pay someone to do it.

JW


"Mike Williams" <Mike(a)WhiskyAndCoke.com> wrote in message
news:OYtncpbsKHA.3536(a)TK2MSFTNGP06.phx.gbl...
> "Mike Williams" <Mike(a)WhiskyAndCoke.com> wrote in message
> news:OfI29ZbsKHA.4752(a)TK2MSFTNGP04.phx.gbl...
>
> . . . oops. Pressed the button too quickly there. Here is the code I
> mentioned. It searches for and replaces the specific examples you
> mentioned, and it hard codes the values 22 and 16 that I mentioned in my
> previous response rather than calculating them, so you'll need to change
> the strings to the actual string(s) you are looking for and change the 22
> and 16 accordingly, but it should be easy for you to see what you need to
> do. Also, as it stands it looks for only the first occurrence of the
> string, so if there is more than one "whole string" of @foobar.com then it
> will replace only the first of them. Narturally, if the code contained in
> the compiled exe is not what you posted (perhaps the @foobar.com is made
> up of substrings or loaded or calculated in some way) then it won't find
> it. Anyway, for what it's worth, here's the example to get you started,
> although perhaps in view of the fact that some people here think your
> request is not exactly "Kosher" perhaps I'd better n ot post it . . . too
> late now . . . I've clicked the button . . . but perhaps you might like to
> tell us what you want this for, just to put our minds at ease.
>
> Mike
>
> Private Sub Command1_Click()
> Dim b1() As Byte, b2() As Byte, p As Long
> Open "c:\temp\native.exe" For Binary As 1
> ReDim b1(1 To LOF(1))
> Get #1, 1, b1()
> b2() = Chr(22) & Chr(0) & "@foobar.com"
> p = InStrB(b1(), b2())
> If p > 0 Then
> b2() = Chr(16) & Chr(0) & "@foo.com" & Space$(3)
> Put #1, p, b2()
> MsgBox "Replacement made at position " & p
> End If
> Close 1
> End Sub
>
>
>
>
>

From: Larry Serflaten on

"Jerry West" <jw(a)comcast.net> wrote
> Mike, can I send you the EXE in question? --I can prove I own it-- and have
> you locate the string in question and mod it. I still cannot find it --even
> after using the Cygnus hex editor-- to locate the string and mod it. I don't
> know what I'm doing wrong but at this point I'd pay someone to do it.

How about you post it to the web somewhere, zipped with a password,
and then post the link and give out the password. Those that have time
could go looking. The (optional) password would help keep anyone
stumbling upon the file and not from this group, from getting to the program.

LFS



From: Jerry West on
Because that would never fly in the face of those individuals that will
place it back on their server. Nor does it sit well for my own sense of
security.

I'm happy to release it to those individuals whom I've seen in this group
for years. And pay for what most seem to think is a simple mod. Further, it
would be great to post the results of why I could not locate the string in
quest

JW

"Larry Serflaten" <serflaten(a)usinternet.com> wrote in message
news:%23ensf%23dsKHA.4492(a)TK2MSFTNGP05.phx.gbl...
>
> "Jerry West" <jw(a)comcast.net> wrote
>> Mike, can I send you the EXE in question? --I can prove I own it-- and
>> have
>> you locate the string in question and mod it. I still cannot find
>> it --even
>> after using the Cygnus hex editor-- to locate the string and mod it. I
>> don't
>> know what I'm doing wrong but at this point I'd pay someone to do it.
>
> How about you post it to the web somewhere, zipped with a password,
> and then post the link and give out the password. Those that have time
> could go looking. The (optional) password would help keep anyone
> stumbling upon the file and not from this group, from getting to the
> program.
>
> LFS
>
>
>

From: Mike Williams on
"Jerry West" <jw(a)comcast.net> wrote in message
news:OoednRT72a3D0OLWnZ2dnUVZ_sSdnZ2d(a)giganews.com...

> Mike, can I send you the EXE in question? --I can prove
> I own it-- and have you locate the string in question and
> mod it. I still cannot find it --even after using the Cygnus
> hex editor-- to locate the string and mod it.

Personally I wouldn't mind you doing that, but I think you would be far
better off doing what Larry has suggested and posting a password protected
zip file on the web and allowing anyone on the group to download it so that
anyone here who has the time can give it a go. If you really do want to send
me your file then you're welcome to send it to spamfritter99(a)yahoo.com (it's
an address I've just created a few minutes ago but it will work okay). I
don't know how much time (if any) I will have over the weekend to look at it
though, and you really would have a far better chance of a result if you
followed Larry's suggestion of posting it on the web. As far as your code
itself is concerned, you say that you have lost the source code (from which
I implied that it is possibly quite some time since you produced it) and yet
at the same time you posted a specific few lines of code from it as though
they were permanently in your head, the lines:

Select Case True
Case is = InStr(1, sTmp$, "@foobar.com", vbTextCompare)

Are you absolutely sure that the string "@foober.com" is contained in the
source code you compiled from in exactly that fashion (as a specific "whole
string" within a Case statement or something similar? I've just inserted a
suitably initialised sTmp$ variable and the above two lines deep in the
source code of one of my own fairly large projects and compiled it to a
native code exe and the code I posted yesterday finds it okay within the exe
and replaces it successfully with a completely different shorter string, and
the modified exe works exactly as you would want it to work on that shorter
string. If you cannot find the string in your own compiled exe then are you
sure that the above lines of code were actually contained within the source
code when you compiled it, and that you performed a standard native code or
pcode compile and have not used anything and the source code does not
contain anything that might deliberately make the string difficult to find?
I'm sure if it's there that somebody with sufficient time on their hands
will eventually find it, no matter how "hidden" it might be, but if the
source code was as you describe when it was compiled then (at least from my
own simple test results so far) I can't see why you cannot find it, although
of course this "delving into exe files" is somehting I've not had the need
to do before and so I'm only just picking my way around it at the moment, so
there may be somehting i've not taken into account.

Mike


From: Mike Williams on
"Mike Williams" <Mike(a)WhiskyAndCoke.com> wrote in message
news:%2384i2LhsKHA.6004(a)TK2MSFTNGP04.phx.gbl...

Oops! In my previous response I said, "You say that you have lost the source
code, from which I implied that it is possibly quite some time . . . etc".
I of course meant to say "inferred", not "implied". That's not really
relevant to the discussion at hand of course, but I don't want any of the
dotnet evangelists here thinking I'm stupid and pouncing on me for it
[again!] ;-)

Mike