source: golgotha/src/golg/win95/self_modify.cc @ 80

Last change on this file since 80 was 80, checked in by Sam Hocevar, 12 years ago
  • Adding the Golgotha source code. Not sure what's going to be interesting in there, but since it's all public domain, there's certainly stuff to pick up.
File size: 2.0 KB
RevLine 
[80]1/********************************************************************** <BR>
2  This file is part of Crack dot Com's free source code release of
3  Golgotha. <a href="http://www.crack.com/golgotha_release"> <BR> for
4  information about compiling & licensing issues visit this URL</a>
5  <PRE> If that doesn't help, contact Jonathan Clark at
6  golgotha_source@usa.net (Subject should have "GOLG" in it)
7***********************************************************************/
8
9
10#include <windows.h>
11#include <process.h>
12#include "error/error.hh"
13
14int allow_self_modification()
15{
16  int                           ReturnValue = 0;
17
18  HMODULE                       OurModule = GetModuleHandle(0);
19  BYTE                         *pBaseOfImage = 0;
20
21  if ( (GetVersion() & 0xC0000000) == 0x80000000)
22  {
23    // We're on Win32s, so get the real pointer
24    HMODULE                       Win32sKernel = GetModuleHandle("W32SKRNL.DLL");
25
26    typedef DWORD __stdcall       translator(DWORD);
27    translator                   *pImteFromHModule =
28      (translator *) GetProcAddress(Win32sKernel, "_ImteFromHModule@4");
29    translator                   *pBaseAddrFromImte =
30      (translator *) GetProcAddress(Win32sKernel, "_BaseAddrFromImte@4");
31
32    if (pImteFromHModule && pBaseAddrFromImte)
33    {
34      DWORD                         Imte = (*pImteFromHModule) ( (DWORD) OurModule);
35
36      pBaseOfImage = (BYTE *) (*pBaseAddrFromImte) (Imte);
37    }
38  }
39  else
40  {
41    pBaseOfImage = (BYTE *) OurModule;
42  }
43
44  if (pBaseOfImage)
45  {
46    IMAGE_OPTIONAL_HEADER        *pHeader = (IMAGE_OPTIONAL_HEADER *)
47      (pBaseOfImage + ( (IMAGE_DOS_HEADER *) pBaseOfImage)->e_lfanew +
48       sizeof (IMAGE_NT_SIGNATURE) + sizeof (IMAGE_FILE_HEADER));
49
50    DWORD                         OldRights;
51
52    if (VirtualProtect(pBaseOfImage + pHeader->BaseOfCode, pHeader->SizeOfCode,
53                       PAGE_READWRITE, &OldRights))
54    {
55      ReturnValue = 1;
56    }
57  }
58
59  return ReturnValue;
60}
Note: See TracBrowser for help on using the repository browser.