Author Topic: Writeable code section in win32 output format  (Read 17568 times)

nobody

  • Guest
Writeable code section in win32 output format
« on: March 18, 2008, 03:05:51 PM »
Hello. Is it possible to create writeable code section in win32 output format?
Thanks.

nobody

  • Guest
Re: Writeable code section in win32 output format
« Reply #1 on: March 18, 2008, 07:43:12 PM »
Good question. According to the Friendly Manual, we ought to be able to do the oxymoronic "segment .text data". I can confirm that Nasm swallows this without complaint - I have no way of testing whether a linker will eat it, nor whether it actually works.

In Linux, we can make a code section writeable, but if we name it ".text", ld will change it back to readonly! Calling it "kode" or something works... but the "usual way", if we want to modify code, is to copy it to the stack, and overwrite it there. That might be something to try, too.

There a *reason* code sections are readonly... hope you're not doing something "naughty" with this!

Best,
Frank

nobody

  • Guest
Re: Writeable code section in win32 output format
« Reply #2 on: March 21, 2008, 01:06:30 AM »
Yes, and it will work, you are just increasing the chance that your virus will get recognized as such faster using "heuristix" :-D

nobody

  • Guest
Re: Writeable code section in win32 output format
« Reply #3 on: March 21, 2008, 02:07:39 PM »
Thanks for your answers. Actually it isn't a virus. It's just a small handy program without any destructive functions.