Hello, Bill/TPOC Nothing happens while The shellcode in the article (От зеленого к красному: Глава 3: Программирование в Shell-код стиле. Важные техники системного программирования: SEH, VEH и API Hooking. Отключение Windows File Protection.) runs . regards _688190570__shellcode_1.rar
i guess there is night where you are well, exactly I did not read that article yet and I do not think it is easy for everybody, and author can be not often here on forum. did you read the article? it is too often examples from articles do not work on other hardware/systems - they provided just as examples. it is need to read, understand and then use them. there are a lot unanswered question on forums, i just like you are visiting our if i'll can i'll try to read it regards!
Hello,shoo Yes, it is the time in night. there is four hours discrepancy between Beijing's time to Moscow's time. it is time for supper where you are. although i know nothing about russian, but I'v known the article is well from its asm code. the code is slowly becoming integrative from simple to complex. if I have not a lot work to do, or goen on errands, I usually visit your website. because i think it is one of the best asm website in the world. Thanks you for response.
dcskm4200 What you think it should do? it's just a shellcode, a part of other program. If you run it apart it'll fail on lea ebx,[ebp+address] ... mov dword ptr [ebx],eax (last string is commented in your attach, uncomment it) with exception, because ebx points to "address" label which is placed in code section (it's not writable by default). What that means at all: I think that other part of virus, which injects shellcode in victims body should somehow enable writing capability of victims code section before injecting, or inject it in data section which is writable, or anything else. If you want to use this shellcode apart you must compile it with /section:.text,ERW option.
Hey, Broken Sword Код (Text): If you want to use this shellcode apart you must compile it with /section:.text,ERW option. thanks you for guiding.
