Thread: How to change a filename in memory?
View Single Post
  #1  
Old 05-25-2011, 14:40
giv's Avatar
giv giv is offline
VIP
  
Join Date: Jan 2011
Location: Romania
Posts: 1,663
Rept. Given: 803
Rept. Rcvd 1,283 Times in 561 Posts
Thanks Given: 228
Thanks Rcvd at 567 Times in 241 Posts
giv Reputation: 1100-1299 giv Reputation: 1100-1299 giv Reputation: 1100-1299 giv Reputation: 1100-1299 giv Reputation: 1100-1299 giv Reputation: 1100-1299 giv Reputation: 1100-1299 giv Reputation: 1100-1299 giv Reputation: 1100-1299
How to change a filename in memory?
In the Documentation of VH2011 on this link in described at chapter 4 paragraph 4 a hook method described as:
Quote:
4. Form

Normally, the form file included in the EXE file is read-only, it can not be
changed.

Use OllyDbg or WinHex to scan memory, then change the form file name in memory. For example, we can change the form file name in memory (file name description) from VHTEST.SC* to XXTEST.SC*, and create a new form file VHTEST.SCX.

Reference code:
PROCEDURE Init
vh()
ENDPROC
In terms of OllyDBG and Winhex i'm a novice.
Please, someone could enlight me how to do such a opperation as change the name of a file in memory of a running program in such way that running program to call the dummy filename instead of the correct filename.
A tutorial will pe highly apreciated.
Thanks!
Reply With Quote