hello

how i can use Virtualprotect  to make a section of a pe file writeable  , how to call it  usig assembly code

thank you

for the pe file, why not just patch the section characteristic to read/write/execute ?

.data

oldprotectionvalue DWORD ?

memoryaddress DWORD 12345678h

.code

                push    offset oldprotectionvalue   ; destination for the old protection value filled on return
                push    PAGE_READWRITE ; value to change it to
                push    1234h  ; size of memory region (edit this to suit)
                push    [memoryaddress] ; address to adjust
                call    VirtualProtect ; the call

 

pretty straightforward, you can expand on it, using locals or whatnot, but if you had problems figuring that out i hate to think of what'll happen to the rest of your code..

 

hi

evlncrn8

  how i ca use that code? do i open the pe file and add the code with ollydbg?

it was an EXAMPLE of how to use virtualprotect in asm code, which is what you asked.... might i suggest you go read the tuts and stuff on pe modification and perhaps lena tuts and some asm...

bro please tell me how i ca use that code , exmple if i have a section is at address 41c200 and its size is 1000

do i use the code like that ,,what i put in offset oldprotectionvalue

push    offset oldprotectionvalue   ; destination for the old protection value filled on return
                push    PAGE_READWRITE ; value to change it to
                push    1000h  ; size of memory region (edit this to suit)
                push   41c200 ; address to adjust
                call    VirtualProtect ; the call

thank you

use CFF Explorer :
Go to section text or .data change flag 

that dont work in runtime

 

Try some stuff. Read MSDN. Look at almost any ASM RCE code as that probably does something similar.

You will not be spoon fed here.

thank you i will try