My Self Modifying Code

Started by liquidsilver, March 15, 2005, 09:56:29 AM


liquidsilver

I've just recently started with SMC (Self Modifying Code) and I'm having some problems. This is my SMC.COM source. This works, but when I convert it to an EXE then it goes haywire :(. The correct data seems to not get targeted. I use MASM, please help.

.model tiny
.stack
.data
  key db 01h
.code
org 0100h

mov cx,3
StrLoop:
  dec cx
  mov di,(offset fix)
  add di,cx
  mov al,[di]
  xor al,key
  mov [di],al
  jcxz OutLoop
  jmp StrLoop
OutLoop:

fix db 0B9h, 036h, 003h ;mov ax,0237h
  ret
end main

dmh

Why do you need self-modifying code?

arafel

It fails because Windows protects the code segment from being written to. You will need to set write/read access rights for the particular memory section, execute your SMC and set it back to execute rights.

Anyway, it would be better if you had explained the purpose of your question. If it's for legitimate purposes like a protection scheme or just for education then we'll be glad to assist you.

liquidsilver

I don't know how to do that, could you help, please?

I want to know how to do this to extend my knowledge and I might use it in a program or two, but how could I use it for anything other, after all I have the source code already?

I was planning on eventually using it in a two-layer code structure. There would be one section of code and after xoring it with some special data, it would become a second section of useful code. What do you think of my idea?

Gustav

Hi,

it might be a problem with setting segment registers, because this is slightly different for COM and EXE formats. You will have to show us the full source, however. BTW, is this your first MASM executable? If yes, then please tell us the linker commands you are using.

liquidsilver

This isn't my first MASM exe and that is the full source.

MichaelW

Quote: I want to know how to do this to extend my knowledge and I might use it in a program or two, but how could I use it for anything other, after all I have the source code already?

Extend your knowledge of what? Use it in a program for what? Self-modifying code is much more frequently used for illegal activities than it is for anything legitimate. In many years of programming, I have had to use self-modifying code only once, in DOS code as a means of extending the INT instruction to take a variable as an operand.
eschew obfuscation

liquidsilver

I could use it to protect any "important" program of mine. What sort of illegal activities can it be used for, 'cause I'm not sure what you're talking about.

MichaelW

I doubt that the simple scheme you describe would even slow the crackers down.

The only problem I found with your code was a missing 'main' label.
eschew obfuscation

Gustav

> The only problem I found with your code was a missing 'main' label.

Yes, that's why I was asking for the full code. But the real problem most likely is:

- for COM CS=DS=ES=PSP
- for EXE DS=ES=PSP, CS=code (most likely PSP+10h)


MichaelW

Quote from: Gustav on March 19, 2005, 08:44:23 PM
> The only problem I found with your code was a missing 'main' label.

Yes, that's why I was asking for the full code. But the real problem most likely is:

- for COM CS=DS=ES=PSP
- for EXE DS=ES=PSP, CS=code (most likely PSP+10h)

I see now that I did not understand the question. I was interpreting EXE figuratively as meaning executable, and the code was obviously for a COM executable. After I added the necessary label and built it as a COM file, it worked as expected. My apologies if it seemed that I was disagreeing with your explanation, which is obviously correct -- the code, as posted, will work only if CS=DS=PSP. For an EXE it could be something like this:

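.model small
.stack
.data
  key db 01h                  ; XOR key, addressed through DS
.code
  .startup                    ; loads DS with the data segment
  mov cx,3                    ; three encoded bytes at fix
StrLoop:
  dec cx
  mov di,(offset fix)
  add di,cx                   ; di -> fix[cx]
  mov al,cs:[di]              ; read the byte through CS, not DS
  xor al,key
  mov cs:[di],al              ; write it back into the code segment
  jcxz OutLoop
  jmp StrLoop
OutLoop:
  fix db 0B9h, 036h, 003h     ; becomes B8 37 02 (mov ax,0237h) after XOR with key
  .exit
end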

ML /c selfmod.asm
LINK16 selfmod.obj;

eschew obfuscation
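
The segment difference Gustav and MichaelW describe above, modeled as an added example (it is not code from any poster in the thread): a small C simulation of real-mode addressing showing where the loop's stores land for the COM layout, for an EXE where [di] goes through DS=PSP, and for an EXE with the cs: override. The PSP segment value 1000h and the offsets of fix are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed values for illustration; none come from the thread. */
enum { PSP_SEG = 0x1000, COM_FIX_OFF = 0x0120, EXE_FIX_OFF = 0x0020 };

static uint8_t mem[1 << 20];            /* 1 MiB real-mode address space */

/* Real-mode address translation: segment * 16 + offset, 20 bits wide. */
static uint32_t phys(uint16_t seg, uint16_t off) {
    return (((uint32_t)seg << 4) + off) & 0xFFFFFu;
}

/* Place the encoded bytes at cs:fix_off, then run the XOR loop with every
   load and store going through access_seg (DS by default, CS when the
   instruction carries a cs: override). The key is a constant here so that
   only the addressing of [di] is under test.
   Returns 1 if cs:fix_off now holds B8 37 02 (mov ax,0237h). */
int decode_ok(uint16_t cs, uint16_t access_seg, uint16_t fix_off) {
    static const uint8_t enc[3]  = {0xB9, 0x36, 0x03};
    static const uint8_t want[3] = {0xB8, 0x37, 0x02};
    memset(mem, 0, sizeof mem);
    memcpy(&mem[phys(cs, fix_off)], enc, sizeof enc);
    for (int cx = 2; cx >= 0; cx--)     /* same order as dec cx / jcxz */
        mem[phys(access_seg, (uint16_t)(fix_off + cx))] ^= 0x01;
    return memcmp(&mem[phys(cs, fix_off)], want, sizeof want) == 0;
}

/* Byte distance between the instruction bytes and where the stores landed. */
uint32_t store_miss(uint16_t cs, uint16_t access_seg, uint16_t fix_off) {
    return phys(cs, fix_off) - phys(access_seg, fix_off);
}

int main(void) {
    printf("COM, CS=DS=PSP:        %d\n", decode_ok(PSP_SEG, PSP_SEG, COM_FIX_OFF));
    printf("EXE, [di] via DS=PSP:  %d (stores miss by %Xh bytes)\n",
           decode_ok(PSP_SEG + 0x10, PSP_SEG, EXE_FIX_OFF),
           (unsigned)store_miss(PSP_SEG + 0x10, PSP_SEG, EXE_FIX_OFF));
    printf("EXE, cs:[di] override: %d\n",
           decode_ok(PSP_SEG + 0x10, PSP_SEG + 0x10, EXE_FIX_OFF));
    return 0;
}
```

With CS = PSP+10h the DS-relative stores fall 100h bytes below the instruction bytes, inside the PSP, so the bytes at fix are executed still encoded.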

liquidsilver

Sorry about the main label :red, I left it out when typing this post, don't know why? But I had it in my personal code and that wasn't the problem.

I haven't tried that code of yours but it looks correct. Thanx. :U

I'm surprised you say that this wouldn't help with protection, I would have thought otherwise, but now I know not to put too much effort into it.

I'm not too clued up on segments, but I think I understand more now. Are DS, ES and PSP for data? And if not, what are they for?

MichaelW

Quote: I'm not too clued up on segments, but I think I understand more now. Are DS, ES and PSP for data? And if not, what are they for?

An often-repeated scenario here seems to be a new member who has obviously skipped over the basics, trying to learn how to do something questionable.

Quote: I want to know how to do this to extend my knowledge...

If your primary goal is learning how to program with MASM, your time would be much better spent learning the basics. If your primary goal is learning how to do something questionable, AFAIC you're on your own.
eschew obfuscation

P1

Quote from: MichaelW on March 21, 2005, 07:56:30 PM
... An often-repeated scenario here seems to be a new member who has obviously skipped over the basics, trying to learn how to do something questionable.
... If your primary goal is learning how to program with MASM, your time would be much better spent learning the basics. If your primary goal is learning how to do something questionable, AFAIC you're on your own.

liquidsilver,
MichaelW is right! You're on your own, until you realize that you need to crawl before walk, before running. As young as you are, you come across as a wannabe hacker, as you dive into the deep end of programming.

Thread Locked.

Regards,  P1  :8)