Exetools  

Go Back   Exetools > General > General Discussion
Reload this Page Running program from memory
Register Forum Rules FAQ Calendar Mark Forums Read

Notices

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #5  
Old 09-18-2004, 08:02
crc32
 
Posts: n/a
hmm i cant think of anything why it shouldnt work. map into mem, resolve imports etc, jmp entrypoint. actually this wouldnt be much different as writing an loader stub for an pepacker. only problem might be relocation info. since .exe files normally use an std imagebase, reloc infos are stripped, without them you might have an hard time figuring out what actually is an offset and whats code.
an solution to this might be to compile the "loader" app onto nonstandard imagebase so the 0x400000 range is "free" (but then again how to alloc mem on exactly this address), or compile the "target" app with relocation info u can use.
Last edited by crc32; 09-18-2004 at 08:29.
Reply With Quote
 

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Threaded Mode Threaded Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Running DeepSeek R1 locally chants General Discussion 25 07-12-2025 20:44
How can I detect whether a 'Virtual machine' is currently running? me0007 General Discussion 5 06-16-2004 17:44
Need to find a pattern in a running file merlin General Discussion 14 07-20-2002 06:59


All times are GMT +8. The time now is 05:26.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )