Exetools  

Go Back   Exetools > General > x64 OS
Reload this Page CodeCave in x64
Register Forum Rules FAQ Calendar Mark Forums Read

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 04-01-2023, 06:37
vitriol vitriol is offline
Friend
  
Join Date: Jan 2023
Posts: 5
Rept. Given: 0
Rept. Rcvd 1 Time in 1 Post
Thanks Given: 0
Thanks Rcvd at 19 Times in 5 Posts
vitriol Reputation: 1
Did something like this just recently with a friend.
We added a Section to the PE and patched the entry point with a jump to our entry code.
In case youre interested, the code is easy to read you can find it on my friends github;
https://github.com/XaFF-XaFF/CaveCarver
Reply With Quote
The Following 2 Users Say Thank You to vitriol For This Useful Post:
blue_devil (04-03-2023), RAMPage (04-02-2023)
  #2  
Old 04-18-2023, 06:04
RAMPage RAMPage is offline
Friend
  
Join Date: Mar 2023
Posts: 44
Rept. Given: 3
Rept. Rcvd 1 Time in 1 Post
Thanks Given: 55
Thanks Rcvd at 23 Times in 12 Posts
RAMPage Reputation: 1
Quote:
Originally Posted by vitriol View Post
Did something like this just recently with a friend.
We added a Section to the PE and patched the entry point with a jump to our entry code.
In case youre interested, the code is easy to read you can find it on my friends github;
https://github.com/XaFF-XaFF/CaveCarver

Didnt have the chance to see it , too much things in the house to do. Im looking foward to finishing this work , I have to see how to disable ASLR in a binary too
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Hybrid Mode Hybrid Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


All times are GMT +8. The time now is 14:16.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )