Page 1 of 1
Weird idea about threads
Posted: Wed Dec 10, 2003 11:45 am
by Seldon
If your opinion, if I store a procedure in my source as a sequence of bytes (that is the real machine code -> I'd use a HEX editor for this to retrieve the values) , then I load such procedure in memory (in an allocated memory area) and I pass the pointer of that area to CreateThread (the PB version or the API version) would that work ? Any ideas ? I saw the VirtualAlloc() call accepts the PAGE_EXECUTE flag to be passed.
I know that it can sound silly, but I think it could be useful for copy protection functions that would be created at run-time (the machine code could be crypted too).
Posted: Wed Dec 10, 2003 12:25 pm
by Seldon
Ok, little update. I included some code in IncludeBinary and then I passed it to CreateThread and ALL Windows blocked !! 8O Impressive, nothing was reacting anymore (I use Win98SE). I guess because the code was loaded in the data section and not the code section. I'll try what happens using VirtualAlloc.
Posted: Wed Dec 10, 2003 12:46 pm
by freak
There is a code snip at the german forum, that creates and executes a
Procedure on runtime.
http://robsite.de/php/pureboard/viewtopic.php?p=573#573
Unfortunately, i don't understand anything in this code, so you'll have to
find some other german speaking geek to help you on this.
Timo
Posted: Wed Dec 10, 2003 6:30 pm
by Seldon
Thanks for the post, I saw the program and it seems very interesting. Though from what I've understood sofar, it seems the procedure to be called (or an API call) must stay in the code and that wouldn't be useful as the code would be readable as always and you could see it by using a disassembler.