|
-
November 28th, 2002, 10:33 PM
#1
EXE /COB file / function pointer / pointer offsets
Hey, I'm looking at after compile time editing my executables,
I was wondering if anyone could tell me the format of a windows Executable, and if possible the process of adding a function pointer to a simple main function and adding the function body that is already compiled
so ->
int main()
{
return 0;
}
compile to test.exe
int blah();
int main()
{
blah();
}
int blah()
{
::MessageBox(NULL, "blah", "erhh", 0);
}
compile to data.exe
what I want to do is merge the blah function to be called from test.exe.
thanks
the pixel monkey
errhrhhhhrhhrhrhrhrh
-
November 29th, 2002, 01:24 AM
#2
Hi
Hi,
The structure can be obtained here --> Click Here , but isnt what you are trying to do called a VIRUS ???
-
November 29th, 2002, 10:37 AM
#3
check MSDN articles
search in MSDN and you will find with "PE Format" you can find 2 Technical Article:
1. Peering Inside the PE: A Tour of the Win32 Portable Executable File Format by Matt Pietrek March 1994
2. YAHU, or Yet Another Header Utility by Ruediger R. Asche
Microsoft Developer Network Technology Group, January 10, 1995
you can also visit http://www.magma.ca/~wjr/ for a PEview Tool to peek into the Portable Executable File inside deeply.
So, at far as I know, you can intercept the import table to "replace", say, a Kernel32.dll function, BUT, I don't think you can replace a function for there is no information about.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|
Reply With Quote
