flat assembler
Message board for the users of flat assembler.
![]() |
Author |
|
revolution 25 Dec 2011, 01:09
You can't modify the active process's exe file because it is locked by the OS.
You can do this:
|
|||
![]() |
|
f0dder 25 Dec 2011, 14:33
Stopping your executable and launching another exe is the only way to do this reliably - and even that will trigger some anti-malware applications.
Injecting code into other processes to do the modification will trigger even more anti-malware, and hacks like attempting to unmap your executable and keep running from VirtualAlloc'ed memory is simply too fragile. |
|||
![]() |
|
hihelp 25 Dec 2011, 20:08
Thanks for revolution and f0dder reply.
So don't use other process to modify self process and exe file, my mean is use UnmapViewOfFile and etc functions to modify self process... I said this way can realize it? Thanks for everybody! |
|||
![]() |
|
f0dder 25 Dec 2011, 20:15
hihelp wrote: my mean is use UnmapViewOfFile and etc functions to modify self process... As revolution said, launch a second exe, terminate current process, let the second exe modify the first one, and (possibly) re-launch the first exe. _________________ ![]() |
|||
![]() |
|
hihelp 26 Dec 2011, 14:38
I cried..thanks
|
|||
![]() |
|
typedef 28 Dec 2011, 01:08
Here's a good read http://en.wikipedia.org/wiki/Self_modifying_code
|
|||
![]() |
|
revolution 28 Dec 2011, 06:58
typedef wrote: Here's a good read http://en.wikipedia.org/wiki/Self_modifying_code |
|||
![]() |
|
JohnFound 28 Dec 2011, 09:07
Indeed, you can use self-modifying programs, as long as everything happens in the memory. Writing it to the .exe file is a problem.
It is sad, because it was very useful in the old DOS days to keep preferences and settings directly in the executable file. Now the programmer is forced to use external files for this simple task. |
|||
![]() |
|
hihelp 28 Dec 2011, 13:46
Thanks everyone!
|
|||
![]() |
|
< Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.