Readme Posted February 5, 2014 Share Posted February 5, 2014 does someone of tuts4you know how to disable/remove the "dll can load" (IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE) in programming code? we know this IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE is equal to 0x40, so is it a correct way to substract 0x40 from the DllCharacteristics? so in example NTheader->OptionalHeader.DllCharacteristics = NTheader->OptionalHeader.DllCharacteristics - 0x40; Link to comment
Aguila Posted February 5, 2014 Share Posted February 5, 2014 It is a flag. You check a flag with AND and you can delete a flag with XOR. if (OptionalHeader.DllCharacteristics & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE)OptionalHeader.DllCharacteristics ^= IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE 1 Link to comment
Readme Posted February 5, 2014 Author Share Posted February 5, 2014 Thanks aguila, works perfect! Thanks a twice for the AND / XOR info. Didn't know this. Link to comment
mrexodia Posted February 5, 2014 Share Posted February 5, 2014 You could also delete the flag by just using the AND operation.DWORD info=0x40;info|=4; //make info 0x44info&=~4; //keep everything, except 0x4 -> makes info 0x40 again 1 Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now