-1

I have software from the hardware manufacturer, however I do not want my customers to directly use this software, so I want to call manufacturer's software through my program.

I tried to embed an exe file into a resource, but when I called it, my program had to write the exe to disk and I don't want to expose the .exe file.

I also tried the following:

byte[] bin= Properties.Resources.myPro;
Assembly a = Assembly.Load(bin);
MethodInfo method = a.EntryPoint;

if (method != null)
{
    object o = a.CreateInstance(method.Name);
    method.Invoke(o, null);
}

but got this error when run to Assembly.Load(bin):

Could not load file or assembly '622592 bytes loaded from meter_config, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null' or one of its dependencies. An attempt was made to load a program with an incorrect format.

What is the problem, and how do I fix it?

Rufus L
  • 36,127
  • 5
  • 30
  • 43
JimmyN
  • 579
  • 4
  • 16

2 Answers2

2

Firstly, the error message you're getting:

An attempt was made to load a program with an incorrect format.

This indicates that the .exe file is not a .NET assembly. As such there is basically zero chance that you're going to be able to execute it from memory or directly from resource. You're going to have to put it somewhere on disk in order to get it to run.

Without a lot more information, all I can suggest is that you run it from a temporary or hidden location. Assuming that you are licensed to do so by the hardware manufacturer, of course.

I would suggest that you extract the .exe file to the temporary folder with a random file name, execute it, then delete the file after it has completed its operation. If you want you can add use the MoveFileEx API to delete a file on reboot. There's an example here on StackOverflow on how to do that. It makes sure that the file is removed from the computer at some point.

If you don't want to delete the file then the other option is to extract it into a path deep in the user's AppData hierarchy. Disguise it however you like, maybe put it in a folder with the hidden flag set, etc.

This kind of obfuscation won't stop a determined user from tracking it down, especially if it runs for more than a few seconds and can be easily seen in Task Manager or Process Explorer. Not much you can do about that unless you want your program to be flagged as a rootkit.

The alternative is to see if the manufacturer will supply a .NET library you can use instead of a standard Windows executable.

Corey
  • 15,524
  • 2
  • 35
  • 68
  • Honestly "a determined user" would just extract the resource from the .NET executable anyway. I'd go with `Path.GetTempFileName()`. – Blorgbeard Nov 28 '17 at 01:37
  • @Blorgbeard Depends on how you handle the resource, but yeah. I've done compressed encrypted resources in the past, but these days I generally don't even bother with the compression and only use resources so that I don't have to ship 5 files when 1 will do. – Corey Nov 28 '17 at 02:18
0

Since your using C# (which is generally managed code) you can't load as unmanaged assembly, so, if manufacturer's program is developed in C or C++ or something else which works at lower level than C#, be careful whether that code is managed or not. If it's unmanaged, unfortunately you can't do anything, except including a static entry point (if the code of manufacturer's program exports some method) just as this (you can reference here):

[DebuggerHidden, DebuggerStepperBoundary, DllImport("YourAssemblyLocation", SetLastError = true)]
[return: MarshalAs(UnmanagedType.YourPrimitiveType)]
internal static extern YourMethodType YourMethodName();

I hope this can be useful for you and let me know about the question.

Davide Cannizzo
  • 2,826
  • 1
  • 29
  • 31