Gil Fidel • 4 years ago
Very nice post, thanks!
one question - the inline assembly byte array is created in non executable memory, so how is it executed?
Jack Halon • 4 years ago
Hey Gil!
I explain how to do that in part 2 - https://jhalon.github.io/ut....
Simply what we do is call VirtualProtect against the memory pointer where our inline assembly is stored and change those protections to be RWX.
Nice post Jack, Keep it up!