Exetools  

#4
10-19-2015, 23:55
bilbo
Hi Insid3Code,

IMHO, your source code is very useful for finding the image base address and the image entrypoint, but I really do not understand the use of patching one byte inside NTDLL.DLL, at EntryPoint+64/7E!

On my Windows 7 64-bit, for a 32-bit application, EntryPoint is at the start of RtlUserThreadStart() (inside SysWOW64\ntdll.dll), and EntryPoint+0x64/0x7E are inside the exports table!

Best regards, bilbo