BigPackets Forum

BigPackets => Public Discussion => Reversing => Topic started by: pr0jekt on May 26, 2018, 06:24:15 pm

Title: 4 Line PE-Header Eraser
Post by: pr0jekt on May 26, 2018, 06:24:15 pm
Code:
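DWORD old = 0; // receives the previous page protection
// Base address of the main executable image, where the PE headers start
char *BaseAddr = (char*)GetModuleHandleA(NULL);
// Resolve Kernel32 through Lazy Importer instead of the import table
auto base = reinterpret_cast<uintptr_t>(LI_FIND(LoadLibraryA)("Kernel32.dll"));
// Make the first page (4096 bytes, holding the headers) writable
LI_GET(base, VirtualProtect)(BaseAddr, 4096, PAGE_READWRITE, &old);
// Zero the header page in memory
RtlSecureZeroMemory(BaseAddr, 4096);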

LI_FIND/LI_GET are Lazy Importer functions.
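
Seen from the analysis side, the snippet above leaves the first 4096 bytes at the module base reading back as zeros, so a dumper or scanner that looks for the MZ/PE signatures finds none. The following is an added example, not part of the original post, that classifies the first page of a mapped image; the function names and the sample buffer are constructed for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <vector>

enum class HeaderState { Intact, Zeroed, Corrupt };

// Classify the first page read from a module's base address.
// Zeroed  : every byte is 0, which is what the eraser above leaves behind.
// Intact  : "MZ" at offset 0 and "PE\0\0" at the offset stored in e_lfanew.
// Corrupt : anything else (partial overwrite, wrong offset, short read).
HeaderState classify_header_page(const uint8_t* page, size_t len) {
    if (page == nullptr || len < 0x40) return HeaderState::Corrupt;

    bool all_zero = true;
    for (size_t i = 0; i < len; ++i) {
        if (page[i] != 0) { all_zero = false; break; }
    }
    if (all_zero) return HeaderState::Zeroed;

    if (page[0] != 'M' || page[1] != 'Z') return HeaderState::Corrupt;

    // e_lfanew is a little-endian 32-bit value at offset 0x3C of the DOS header.
    uint32_t e_lfanew = static_cast<uint32_t>(page[0x3C]) |
                        static_cast<uint32_t>(page[0x3D]) << 8 |
                        static_cast<uint32_t>(page[0x3E]) << 16 |
                        static_cast<uint32_t>(page[0x3F]) << 24;
    if (e_lfanew > len - 4) return HeaderState::Corrupt;  // signature must fit in the page
    if (std::memcmp(page + e_lfanew, "PE\0\0", 4) != 0) return HeaderState::Corrupt;
    return HeaderState::Intact;
}

// Constructed sample: a minimal header page with only the fields checked above.
std::vector<uint8_t> make_sample_header() {
    std::vector<uint8_t> p(4096, 0);
    p[0] = 'M'; p[1] = 'Z';
    p[0x3C] = 0x80;                        // e_lfanew = 0x80
    std::memcpy(p.data() + 0x80, "PE\0\0", 4);
    return p;
}

int main() {
    std::vector<uint8_t> intact = make_sample_header();
    std::vector<uint8_t> wiped(4096, 0);   // state after the header page is zeroed
    std::printf("intact=%d wiped=%d\n",
                static_cast<int>(classify_header_page(intact.data(), intact.size())),
                static_cast<int>(classify_header_page(wiped.data(), wiped.size())));
    return 0;
}
```

A Zeroed result at the base of a region that still contains executable code is the signal to fall back to the on-disk file for the headers.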