giangnguyen Posted May 2, 2016 Posted May 2, 2016 I am looking for a way to set up either VIRTUAL_PROTECT or PAGE_GUARD for memory protection. I currently don't know how to do this, I have made the encryption for my EXE Protector, the RunPE module, and basically everything that I need. I also have made an advanced obfuscation tool, which I might release here on the forums in the future, to make sure the code is impossible to be understood. However, people can dump the original EXE from memory when I am injecting it. So how would I implement VIRTUAL_PROTECT, PAGE_GUARD or other methods of protecting memory?
Skitty Posted May 2, 2016 Posted May 2, 2016 lmao this all sounds malicious af m8 at this point why not use a language like C++ or something lol
Moderators Melba23 Posted May 2, 2016 Moderators Posted May 2, 2016 giangnguyen, Quote people can dump the original EXE from memory when I am injecting it From the forum rules: Do not ask for help with AutoIt scripts, post links to, or start discussion topics on the following subjects: [...] •Running or injecting any code (in any form) intended to alter the original functionality of another process. So please explain why I should not close this thread - and it had best be very good! M23 Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind Open spoiler to see my UDFs: Spoiler ArrayMultiColSort ---- Sort arrays on multiple columnsChooseFileFolder ---- Single and multiple selections from specified path treeview listingDate_Time_Convert -- Easily convert date/time formats, including the language usedExtMsgBox --------- A highly customisable replacement for MsgBoxGUIExtender -------- Extend and retract multiple sections within a GUIGUIFrame ---------- Subdivide GUIs into many adjustable framesGUIListViewEx ------- Insert, delete, move, drag, sort, edit and colour ListView itemsGUITreeViewEx ------ Check/clear parent and child checkboxes in a TreeViewMarquee ----------- Scrolling tickertape GUIsNoFocusLines ------- Remove the dotted focus lines from buttons, sliders, radios and checkboxesNotify ------------- Small notifications on the edge of the displayScrollbars ----------Automatically sized scrollbars with a single commandStringSize ---------- Automatically size controls to fit textToast -------------- Small GUIs which pop out of the notification area
giangnguyen Posted May 2, 2016 Author Posted May 2, 2016 It is not intended to alter the original functionality of another process. It just injects code into itself using RunPE. @ScriptFullPath, not @ComSpec or "C:\Windows\Explorer.exe". Therefore it is not injecting code intended to alter the original functionality of another process. If I am making something malicious, why would I be interested in Page Guard? I would be more focused in obfuscating and hiding the script if I am a malware writer. Just sayen. 2 hours ago, Skitty said: lmao this all sounds malicious af m8 at this point why not use a language like C++ or something lol It is not malicious, that is the first thing And I am only learning, and I don't know C++/C yet. Intending to learn them in a few months time.
Moderators Melba23 Posted May 2, 2016 Moderators Posted May 2, 2016 giangnguyen, However, doing so is against the spirit of the rules and so I am going to close this thread. Please continue your education elsewhere. M23 Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind Open spoiler to see my UDFs: Spoiler ArrayMultiColSort ---- Sort arrays on multiple columnsChooseFileFolder ---- Single and multiple selections from specified path treeview listingDate_Time_Convert -- Easily convert date/time formats, including the language usedExtMsgBox --------- A highly customisable replacement for MsgBoxGUIExtender -------- Extend and retract multiple sections within a GUIGUIFrame ---------- Subdivide GUIs into many adjustable framesGUIListViewEx ------- Insert, delete, move, drag, sort, edit and colour ListView itemsGUITreeViewEx ------ Check/clear parent and child checkboxes in a TreeViewMarquee ----------- Scrolling tickertape GUIsNoFocusLines ------- Remove the dotted focus lines from buttons, sliders, radios and checkboxesNotify ------------- Small notifications on the edge of the displayScrollbars ----------Automatically sized scrollbars with a single commandStringSize ---------- Automatically size controls to fit textToast -------------- Small GUIs which pop out of the notification area
Recommended Posts