Hi, As a matter of convenience, I have created various loaders to programs that I use that either remove the requirement for the program CD at runtime, or perform other modifications to the program to make it more desirable to use (i.e. redirect audio cd access to WAV files on HDD). My general approach is to figure out what I want to do first; then patch a copy of the executable, test it and get it working, then, diff the patched copy with the original executable, and create a loader program that runs the original (unpatched) executable. The loader uses CreateProcess to invoke the executable as a suspended process, and then WriteProcessMemory to patch the new process in memory, causing the memory image to be identical to the disk-patched version. Then I ResumeThread to kick off the program. This sounds like a lot of work for little gain. It does one important thing however, which is to bypass integrity checks on the executable. The modified version is running in memory, but usually virus/hack checks are being made versus the executable on disk. The question is, does this type of approach work in WINE or not (It works in win98). I have so far been unable to get any of my loader-stubbed programs to work. The loader runs and starts the process, but no modification is made to the process, and then I get the original problems that I set out to fix in the first place. I am mainly curious if there is some type of memory protection in WINE that is preventing this from working or if any of the above functionality is yet unavailable in WINE. Surely the owner of a process should be able to write to it, no? thanks for any help. -- Ryan Underwood, <nemesis@xxxxxxxxxxxx>
Attachment:
signature.asc
Description: Digital signature