Running Machine Code from Memory

Please support our C advertiser: Programming Forums - DaniWeb Sister Site
Reply

Join Date: Mar 2005
Posts: 464
Reputation: invisal is a jewel in the rough invisal is a jewel in the rough invisal is a jewel in the rough 
Solved Threads: 49
invisal's Avatar
invisal invisal is offline Offline
Posting Pro in Training

Running Machine Code from Memory

 
0
  #1
Aug 29th, 2009
Recently, I have wonder how to execute machine code instruction from memory in C/C++. I am aware of data execution protection. Anyway, I have this piece of code:

C Syntax (Toggle Plain Text) 
  1. int main()
  2. {
  3. 	// allocate 2 bytes for storing machine code
  4. 	char* mc_add = (char*)malloc(sizeof(char)*2);
  5. 	int reg_eax; // for storing register EAX
  6.  
  7. 	_asm mov eax, 0x10; // assign EAX = 16
  8. 	_asm mov ecx, 0x01; // assign ECX = 1
  9.  
  10. 	// ADD EAX, ECX  == 0x01C1
  11. 	*mc_add = 0x01;
  12. 	*(mc_add+1) = 0xC1;
  13.  
  14.         // *  I want to execute machine code instructuion from mc_add here *
  15.  
  16. 	_asm mov reg_eax, eax; // get register EAX
  17.  
  18. 	printf("Register EAX is%d", reg_eax); // print EAX
  19.  
  20. 	free(mc_add); // free machine code
  21.  
  22. 	return 0;
  23. }
Using: Microsoft Visual Studio 2008
Last edited by invisal; Aug 29th, 2009 at 7:17 am.
Yesterday is a history, tomorrow is a mystery, today is a gift.
Behind every smile is a tear.
Visal .In
Reply With Quote Quick reply to this message  
Join Date: Mar 2005
Posts: 464
Reputation: invisal is a jewel in the rough invisal is a jewel in the rough invisal is a jewel in the rough 
Solved Threads: 49
invisal's Avatar
invisal invisal is offline Offline
Posting Pro in Training

Re: Running Machine Code from Memory

 
0
  #2
Aug 30th, 2009
I have finally found the solution to my problem, so I am going to share it to anyone who interest the same thing as what I am

C Syntax (Toggle Plain Text) 
  1.  
  2. int main()
  3. {
  4. 	// allocate 8 bytes for storing machine code
  5. 	char *mc_mov = (char*)VirtualAlloc(0, 8, 0x1000, 0x40);
  6. 	int reg_eax; // for storing register EAX
  7.  
  8. 	*mc_mov = 0xC7; // MOV (Immediate 32 bit to 32-bit register)
  9. 	*(mc_mov+1) = 0xC0; // MOV to register EAX
  10. 	*(mc_mov+2) = 0x00; // Immediate 32 bit data = 0x00000000
  11. 	*(mc_mov+3) = 0x00;
  12. 	*(mc_mov+4) = 0x00;
  13. 	*(mc_mov+5) = 0x00;
  14. 	*(mc_mov+6) = 0xC2; // Return 16
  15. 	*(mc_mov+7) = 0x10; 
  16.  
  17. 	CallWindowProc((WNDPROC)mc_mov, 0, 0, 0, 0);
  18.  
  19. 	_asm mov reg_eax, eax; // get register EAX
  20.  
  21. 	printf("Register EAX is %d", reg_eax); // print EAX
  22.  
  23. 	VirtualFree((LPVOID)mc_mov, 8, 0x4000); // free machine code
  24.  
  25. 	return 0;
  26. }
Last edited by invisal; Aug 30th, 2009 at 12:39 am.
Yesterday is a history, tomorrow is a mystery, today is a gift.
Behind every smile is a tear.
Visal .In
Reply With Quote Quick reply to this message  
Join Date: Nov 2008
Posts: 977
Reputation: MosaicFuneral is just really nice MosaicFuneral is just really nice MosaicFuneral is just really nice MosaicFuneral is just really nice MosaicFuneral is just really nice 
Solved Threads: 92
MosaicFuneral's Avatar
MosaicFuneral MosaicFuneral is offline Offline
Posting Shark

Re: Running Machine Code from Memory

 
0
  #3
Aug 30th, 2009
Actually I have a simple library I wrote for executing machine code off an executable page.

The basis of it all for single page without a pointer(to arguments pushed on the stack) is simply:
  • typedef int (*fp)();
  • fp *code = new fp [original.size()];
  • memmove((void*)code, original.data(), original.size());
  • In a wrapper function, return ((fp)code)();
  • delete [] code;

Argument support is mind-numbingly easy.

I was working on an experimental metamophic engine, and assembler for it around the begining of summer, but sort of gave up when a bug with literals had me grinding my teeth.
Last edited by MosaicFuneral; Aug 30th, 2009 at 3:55 pm.
"Jedenfalls bin ich überzeugt, daß der Alte nicht würfelt."
"I became very sensitive to what will happen to all this and all of us." -Two geniuses named Albert
Reply With Quote Quick reply to this message  
Reply

Quick Reply to Thread
This thread is more than three months old.
Perhaps start a new thread instead?
Message:



Similar Threads
Other Threads in the C Forum
Thread Tools Search this Thread



Tag cloud for C
#include * append array arrays asterisks binarysearch calculate changingto char character cm command copyimagefile cprogramme creafecopyofanytypeoffileinc database directory dynamic execv feet fgets file fork forloop framework function functions givemetehcodez grade graphics gtkwinlinux hacking histogram homework inches include incrementoperators input intmain() iso kernel keyboard km lazy license linked linkedlist linux list lists locate logical_drives looping loopinsideloop. lowest matrix microsoft mqqueue number oddnumber odf opendocumentformat opensource overwrite owf pdf performance pointer posix problem probleminc process program programming radix recursion recv recvblocked research reversing scanf scripting segmentationfault sequential socket spoonfeeding standard string student systemcall testing threads turboc unix user variable wab whythiscodecausesegmentationfault windowsapi
About Us | Contact Us | Advertise | DaniWeb | Acceptable Use Policy | RSS Feed

©2003 - 2009 DaniWeb® LLC