.data? Old dw ? AddrToChange LPVOID ? .code mov AddrToChange, offset codeToChange invoke VirtualProtect, AddrToChange,2000,PAGE_READWRITE,offset Old mov word ptr [AddrToChange], 9090h Invoke VirtualProtect, AddrToChange,4,PAGE_EXECUTE,offset Old infinite: ADD EBX, EAX INC EAX codeToChange: JMP infinite
动态修改程序自身代码的参考code