Issue
Is there a specific null char or a sequence of bytes which would not corrupt the executable if added in FRONT of the file? I tried adding NUL (00 hex) but it corrupts the executable every time. Is there some bytecode for NOP (no operation) or something similar?
Long story short, I want to mess up a “hack” that modifies a value in memory at &process+fixed offset. Pushing the memory stack up would (or so I think) prevent it from working.
Solution
No, the PE file format that Windows executables use has a very specific header. See http://en.wikipedia.org/wiki/Portable_Executable for more details.
You can try using ASLR to make your code more resistant to in-memory patching.
Answered By – Jonathan Potter
This Answer collected from stackoverflow, is licensed under cc by-sa 2.5 , cc by-sa 3.0 and cc by-sa 4.0