NASM - The Netwide Assembler

NASM Forum => Other Discussion => Topic started by: AssemblerX86 on September 05, 2015, 03:53:18 PM

Title: 0xE9 opcode in Win32 PE files
Post by: AssemblerX86 on September 05, 2015, 03:53:18 PM
Hi :)

 I was wondering if it is possible to add a new code section (similar to .text) to a .exe file and add executable code to it? Can I make a jump from one section to another using the 0xE9 opcode (or maybe 0xEA)? For example, if I put (0x66 0xE9 <4 byte address little-endian starting from next instruction>) at the start of .text, and the final address refers to the beginning of the .text2 section, will it work?

 I want to know this since I want to use a hex editor to play around with a certain program and want to make it jump to my custom .text2 section rather than the original one.

 Do I need to make the JMP to the virtual address of the section (once it's loaded into memory)? Or the physical address (address on the hard disk)?

Thank you!

Title: Re: 0xE9 opcode in Win32 PE files
Post by: Frank Kotler on September 05, 2015, 08:38:24 PM
I'm not very familiar with Windows executables. I doubt if it'll let you do that, and I'm not sure it would do you any good. What happens if you try it?

Best,
Frank

Title: Re: 0xE9 opcode in Win32 PE files
Post by: AssemblerX86 on September 05, 2015, 10:04:31 PM
The executable crashes and the debugger gives (Segmentation Fault). But why won't Windows allow me to do that? What's the limitation?