#5
You mean you would want to change PeHeader.AddressOfEntryPoint to point to line 7.

A normally compiled exe will have an image base of 0x400000 and AddressOfEntryPoint as 1000, so you mean you want to edit this to point to 1006 (opcode lengths not considered; using your own lines as references, so 6 here means line 6).

So line 1 will still have push ebp (doesn't matter coz it won't be executed):

line 2 = mov ebp,esp
push -1
push 0
push 0
push ebp
jmp line 2

Yes, it should theoretically work as an infinite loop if you have infinite stack space, but normally stack space is limited to about one virtual page (4kb granularity iirc, or about 1000 dwords), so after about 250 cycles it would crash with a stack overflow exception.

Btw, you can easily do this kind of experiment yourself: get the masm32 package and start cranking out some exes and debug them using ollydbg.
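
Added example, not part of the original post: reading ImageBase and AddressOfEntryPoint from PE32 headers and rewriting the entry RVA in a copy, which is the header edit the reply describes. The header bytes are constructed for the demo (not a loadable exe), the function names are hypothetical, and the post's 1000 and 1006 are assumed to be hex RVAs.

```python
import struct

PE32_MAGIC = 0x10B          # optional-header magic for 32-bit images
COFF_HEADER_SIZE = 20       # fixed size of the COFF file header
ENTRY_OFFSET = 16           # AddressOfEntryPoint offset in the optional header
IMAGE_BASE_OFFSET = 28      # ImageBase offset in a PE32 optional header


def optional_header_offset(image: bytes) -> int:
    """Locate the optional header via e_lfanew, validating both signatures."""
    if image[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", image, 0x3C)
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    opt = e_lfanew + 4 + COFF_HEADER_SIZE
    (magic,) = struct.unpack_from("<H", image, opt)
    if magic != PE32_MAGIC:
        raise ValueError("only PE32 images are handled in this example")
    return opt


def read_entry_point(image: bytes):
    """Return (image_base, entry_rva, entry_va); the VA is base + RVA."""
    opt = optional_header_offset(image)
    (entry_rva,) = struct.unpack_from("<I", image, opt + ENTRY_OFFSET)
    (image_base,) = struct.unpack_from("<I", image, opt + IMAGE_BASE_OFFSET)
    return image_base, entry_rva, image_base + entry_rva


def with_entry_point(image: bytes, new_rva: int) -> bytes:
    """Return a copy of the image whose AddressOfEntryPoint is new_rva."""
    opt = optional_header_offset(image)
    patched = bytearray(image)
    struct.pack_into("<I", patched, opt + ENTRY_OFFSET, new_rva)
    return bytes(patched)


def build_sample_header(image_base=0x400000, entry_rva=0x1000) -> bytes:
    """Constructed minimal PE32 headers with the values from the post."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                 # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 0xE0, 0x0102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<I", opt, ENTRY_OFFSET, entry_rva)
    struct.pack_into("<I", opt, IMAGE_BASE_OFFSET, image_base)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)
```
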