C# 我如何以append代码结尾运行一个.NET.EXE，最好是从那个.EXE里面？

Question

Can a running .NET.EXE append data to itself? What's stopping it?

I could launch a separate process to do it just fine.

But I can't figure out how to write to itself while it's running. Is there anyway to do this? IN .NET

EDIT: And preferably no hacky solutions like write it out somewhere else then copy/rename

EDIT2: Clarifying type of executeable

EDIT3: Purpose : Writing binary stream to my running EXE file allows me to then parse the.EXE file on disk for those bytes and use them in the program . Without having to create any new files or registry entries or stuff like that. It is self contained. This is extremely convenient.

EDIT4: For those against this file, please thinking about the functions of: FILE ZIPPING , DLL LINKING , and PORTABLE APPLICATIONS before trying to discredit this idea,

Answer 1

There are a lot of bad consequences for storing data this way, as said in the comments, but there's a bigger problem: the answer to "What's stopping it?" question. The Windows PE loader locks the image file for writing while in execution, so you can't get an HANDLE to the file with write permissions, as NtCreateFile and NtOpenFile system calls with FILE_WRITE_DATA option will fail, as well as any attempt to delete the file. This block is implemented at kernel level and set during the NtCreateProcess system call, before the process and its modules entry point are actually called.

The only dirty trick possible without writing data to the disk, sending it to a remote server and without kernel privileges is to use another process via an helper executable, code injection or command-line arguments scripts (eg with PowerShell) which can kill your process releasing the lock, append data to the end of file and restart it. Of course these options have even worse consequences, I wrote it only to make clear the OS limitations (made by purpose) and why no professional software uses this technique to store data.

Answer 2

Despite all the negativity, there is a clean way to do this:

The way I have found only requires the program be executed on an NTFS drive.

The trick is to have your app copy itself to an alternate stream as soon as it's launched, then execute that image and immediately close itself. This can be easily done with the commands:

type myapp.exe > myapp.exe:image
forfiles /m myapp.exe /c myapp.exe:image

Once your application is running from an alternate stream (myapp.exe:image), it is free to modify the original file (myapp.exe) and read the data that's stored within it. The next time the program starts, the modified application will be copied to the alternate stream and executed.

This allows you to get the effect of an executable writing to itself while running, without dealing with any extra files and allows you to store all settings within a single.exe file.

The file must be executed on an NTFS partition, but that is not a big deal since all Windows installations use this format. You can still copy the file to other filesystems, you just cannot execute it there.