| View previous topic :: View next topic |
| Author |
Message |
Hieroglyphics
I post too much
 Reputation: 0
Joined: 06 Dec 2007
Posts: 2007
Location: Your bedroom
|
 Posted: Mon Jul 07, 2008 12:48 pm Post subject: Close thread |
 |
|
Mods close thread please I am done with the dll
Thanks to reload, Opcode0x90, oib111, and CHAOSIS ALOT
_________________
Last edited by Hieroglyphics on Mon Jul 07, 2008 3:27 pm; edited 2 times in total |
|
| Back to top |
|
 |
lurc
Grandmaster Cheater Supreme
 Reputation: 2
Joined: 13 Nov 2006
Posts: 1900
|
| Posted: Mon Jul 07, 2008 12:52 pm Post subject: |
|
|
1. You don't have to loop it. Since in the AA script its only written once.
2. VirtualProtect to PAGE_EXECUTE_READWRITE
_________________
|
|
| Back to top |
|
|
Hieroglyphics
I post too much
Reputation: 0
Joined: 06 Dec 2007
Posts: 2007
Location: Your bedroom
|
| Posted: Mon Jul 07, 2008 12:53 pm Post subject: |
|
|
So what should I change the mainloop part to? And I don't get what you said number 2 I am very noob  Trying to learn though =]
_________________
|
|
| Back to top |
|
|
oib111
I post too much
 Reputation: 0
Joined: 02 Apr 2007
Posts: 2947
Location: you wanna know why?
|
| Posted: Mon Jul 07, 2008 12:55 pm Post subject: |
|
|
Memory write protection? I'm assuming he means that the virtual memory in that region isn't set to PAGE_EXECUTE_READWRITE. Try using the VirtualProtect API in your code for each of your addresses.
_________________
| 8D wrote: |
cigs dont make people high, which weed does, which causes them to do bad stuff. like killing |
|
|
| Back to top |
|
|
Hieroglyphics
I post too much
Reputation: 0
Joined: 06 Dec 2007
Posts: 2007
Location: Your bedroom
|
| Posted: Mon Jul 07, 2008 12:55 pm Post subject: |
|
|
How do I do that? I told you I am still learning...
_________________
|
|
| Back to top |
|
|
atom0s
Moderator
 Reputation: 205
Joined: 25 Jan 2006
Posts: 8587
Location: 127.0.0.1
|
| Posted: Mon Jul 07, 2008 1:01 pm Post subject: |
|
|
Read about it on the MSDN. There are resources on the internet for a reason, try learning instead of having people hand you the code every time you run into an issue.
_________________
- Retired. |
|
| Back to top |
|
|
lurc
Grandmaster Cheater Supreme
Reputation: 2
Joined: 13 Nov 2006
Posts: 1900
|
| Posted: Mon Jul 07, 2008 1:02 pm Post subject: |
|
|
1. Take away the while loop.
2. Before using memset call VirtualProtect on all 3 addresses with the new protection as PAGE_EXECUTE_READWRITE.
As Wiccaan said, look it up on MSDN:
VirtualProtect
_________________
|
|
| Back to top |
|
|
oib111
I post too much
Reputation: 0
Joined: 02 Apr 2007
Posts: 2947
Location: you wanna know why?
|
| Posted: Mon Jul 07, 2008 1:06 pm Post subject: |
|
|
How exactly do you get the size of that one address? i.e.
| Code: |
DWORD dwOldProtect;
VirtualProtect(0xDEADBEEF, size?, PAGE_EXECUTE_READWRITE, &dwOldProtect);
|
_________________
| 8D wrote: |
cigs dont make people high, which weed does, which causes them to do bad stuff. like killing |
|
|
| Back to top |
|
|
lurc
Grandmaster Cheater Supreme
Reputation: 2
Joined: 13 Nov 2006
Posts: 1900
|
| Posted: Mon Jul 07, 2008 1:07 pm Post subject: |
|
|
You should know how many bytes your overwriting. Then you VirtualProtect that many bytes.
_________________
|
|
| Back to top |
|
|
Hieroglyphics
I post too much
Reputation: 0
Joined: 06 Dec 2007
Posts: 2007
Location: Your bedroom
|
| Posted: Mon Jul 07, 2008 1:08 pm Post subject: |
|
|
So I would do :
| Code: |
BOOL WINAPI VirtualProtect(
__in LPVOID lpAddress, //Addy here
__in SIZE_T dwSize, //What here
__in DWORD flNewProtect, //What here
__out PDWORD lpflOldProtect //What here
);
|
EDIT:
So I need the disable section for this?
_________________
|
|
| Back to top |
|
|
lurc
Grandmaster Cheater Supreme
Reputation: 2
Joined: 13 Nov 2006
Posts: 1900
|
| Posted: Mon Jul 07, 2008 1:22 pm Post subject: |
|
|
Read and learn all this then come back.
I don't care how long it takes, or how boring it is.
http://www.winprog.org/tutorial/
_________________
|
|
| Back to top |
|
|
oib111
I post too much
Reputation: 0
Joined: 02 Apr 2007
Posts: 2947
Location: you wanna know why?
|
| Posted: Mon Jul 07, 2008 1:35 pm Post subject: |
|
|
EDIT:
Removed because lurc is right 
_________________
| 8D wrote: |
cigs dont make people high, which weed does, which causes them to do bad stuff. like killing |
Last edited by oib111 on Mon Jul 07, 2008 1:56 pm; edited 1 time in total |
|
| Back to top |
|
|
lurc
Grandmaster Cheater Supreme
Reputation: 2
Joined: 13 Nov 2006
Posts: 1900
|
| Posted: Mon Jul 07, 2008 1:36 pm Post subject: |
|
|
oib111 please remove the code.
I want him to learn API from the beggining.
_________________
|
|
| Back to top |
|
|
Hieroglyphics
I post too much
Reputation: 0
Joined: 06 Dec 2007
Posts: 2007
Location: Your bedroom
|
| Posted: Mon Jul 07, 2008 2:00 pm Post subject: |
|
|
Aw man...But wont that take forever. I would just like to learn what I need at the moment.
_________________
|
|
| Back to top |
|
|
oib111
I post too much
Reputation: 0
Joined: 02 Apr 2007
Posts: 2947
Location: you wanna know why?
|
| Posted: Mon Jul 07, 2008 2:10 pm Post subject: |
|
|
Study the API and at least try to learn how to use it. I'll break it down for you.
First param...
LPVOID lpAddress
This is the address that's protection is going to be changed.
SIZE_T size
This is the number of bytes, starting from lpAddress, who's protection you want to be changed (hint look at your memset, or direct byte, db).
flNewProtect
This is a memory constant value which is what the new protection will be. The values are...
| Quote: |
PAGE_EXECUTE
0x10
Enables execute access to the committed region of pages. An attempt to read or write to the committed region results in an access violation.
This flag is not supported by the CreateFileMapping function.
PAGE_EXECUTE_READ
0x20
Enables execute and read access to the committed region of pages. An attempt to write to the committed region results in an access violation.
Windows Server 2003 and Windows XP: This attribute is not supported by the CreateFileMapping function until Windows XP SP2 and Windows Server 2003 SP1.
PAGE_EXECUTE_READWRITE
0x40
Enables execute, read, and write access to the committed region of pages.
Windows Server 2003 and Windows XP: This attribute is not supported by the CreateFileMapping function until Windows XP SP2 and Windows Server 2003 SP1.
PAGE_EXECUTE_WRITECOPY
0x80
Enables execute, read, and write access to the committed region of image file code pages. The pages are shared read-on-write and copy-on-write.
This flag is not supported by the VirtualAlloc, VirtualAllocEx, or CreateFileMapping functions.
PAGE_NOACCESS
0x01
Disables all access to the committed region of pages. An attempt to read from, write to, or execute the committed region results in an access violation exception, called a general protection (GP) fault.
This flag is not supported by the CreateFileMapping function.
PAGE_READONLY
0x02
Enables read access to the committed region of pages. An attempt to write to the committed region results in an access violation. If the system differentiates between read-only access and execute access, an attempt to execute code in the committed region results in an access violation.
PAGE_READWRITE
0x04
Enables both read and write access to the committed region of pages.
PAGE_WRITECOPY
0x08
Gives copy-on-write protection to the committed region of pages.
This flag is not supported by the VirtualAlloc or VirtualAllocEx functions.
|
PDWORD dwProtect
This is a pointer to a DWORD type variable that will receive the old memory protection constant. You need to use this the function will fail.
| Code: |
//example of using dwOldProtect
DWORD dwOldProtect;
VirtualProtect(lpAddress, size, flNewProtect, &dwOldProtect);
//^^right
VirtualProtect(lpAddress, size, flNewProtect, NULL);
//^^wrong
|
_________________
| 8D wrote: |
cigs dont make people high, which weed does, which causes them to do bad stuff. like killing |
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
