Topic: Modify Data In Code, Or "jump" To Data. (Read 111 times)

joohan · « **on:** February 07, 2010, 04:20:00 PM »

Is there any way to modify the data in the .text segment?
Or jump to a adress outside of the .text segment.

I want to update the program during runtime.

I have tried to modify the .text segment during runtime, but that only results in a crash.
And jumping to anything outside of .text also hangs the box.

I am guessing that the kernel has put a ro flag on the code segment, and a "no exec" flag on the data.
Any way to bypass this?

EDIT:

I did some digging in the docs and I found this:

VirtualAlloc -> flProtect ->
PAGE_EXECUTE_READWRITE:
Equivalent to PAGE_READWRITE. Does not enable execute access to the committed region of pages. This access type is provided solely to ease portability with Win32 projects.

So it appears that the flag I need is disabled, any workaround?

This post has been edited by joohan: Feb 8 2010, 12:43 AM

faint_u · « **Reply #1 on:** February 02, 2020, 04:56:00 PM »

Did you try the following:
use VirtualProtect to change the protect attributes,
change the memory
use virtual protect to change the attributes back

Author Topic: Modify Data In Code, Or "jump" To Data. (Read 111 times)

joohan

Modify Data In Code, Or "jump" To Data.

faint_u

Modify Data In Code, Or "jump" To Data.