need help about Virtualprotect

[spector]

hello

how i can use Virtualprotect  to make a section of a pe file writeable  , how to call it  usig assembly code

thank you

[evlncrn8]

for the pe file, why not just patch the section characteristic to read/write/execute ?

.data

oldprotectionvalue DWORD ?

memoryaddress DWORD 12345678h

.code

                push    offset oldprotectionvalue   ; destination for the old protection value filled on return
                push    PAGE_READWRITE ; value to change it to
                push    1234h  ; size of memory region (edit this to suit)
                push    [memoryaddress] ; address to adjust
                call    VirtualProtect ; the call

 

pretty straightforward, you can expand on it, using locals or whatnot, but if you had problems figuring that out i hate to think of what'll happen to the rest of your code..

 

[spector]

hi

evlncrn8

  how i ca use that code? do i open the pe file and add the code with ollydbg?

[evlncrn8]

it was an EXAMPLE of how to use virtualprotect in asm code, which is what you asked.... might i suggest you go read the tuts and stuff on pe modification and perhaps lena tuts and some asm...

[spector]

bro please tell me how i ca use that code , exmple if i have a section is at address 41c200 and its size is 1000

do i use the code like that ,,what i put in offset oldprotectionvalue

push    offset oldprotectionvalue   ; destination for the old protection value filled on return
                push    PAGE_READWRITE ; value to change it to
                push    1000h  ; size of memory region (edit this to suit)
                push   41c200 ; address to adjust
                call    VirtualProtect ; the call

thank you

[hakouabs]

use CFF Explorer :
Go to section text or .data change flag 

[spector]

that dont work in runtime

 

[Loki]

Try some stuff. Read MSDN. Look at almost any ASM RCE code as that probably does something similar.

You will not be spoon fed here.

[spector]

thank you i will try