this is an attempt to replicate the "guarded pages" feature of riot vanguard/byfron. The dll encrypts the text section of a binary, afterwards installs an exception handler and sets the entire section to PAGE_NO_ACCESS. Now as soon as the execution moves to this binary, the exception handler gets triggered, decrypts the page in question, sets the DEP value and resumes execution. To prevent a completely decrypted text section the dll tracks all decrypted pages and renecrypts old, unused pages.
-
Notifications
You must be signed in to change notification settings - Fork 13
PotatoOfDoom/not-byfron
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
About
A reimplementation of byfrons NO_ACCESS memory protection feature
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published