i've this simple code test code:
#include <Windows.h>
#include <stdio.h>
/* Declare new sections to store encrypted code and shellcode data */
#pragma section(".code", execute, read, write)
#pragma comment(linker,"/SECTION:.code,ERW")
// From here executable code will go in .code section
#pragma code_seg(".code")
int test()
{
printf("prova");
return 0;
}
// .stub SECTION
#pragma section(".stub", execute, read, write)
#pragma code_seg(".stub")
int main(int argc, char *argv[]){
test(); /* Call function which executes shellcode now that it is decrypted */
return 0;
}
Can anyone tell me why if i dump this file i only got this default section:
The .code segment it's not generated. I think I used to do like this in some previuos project, am i doing something wrong?
-- Further tests --
.obj file the .code section is shown..stub gets showed dumping .exe or .obj#pragma comment(linker,"/SECTION:.code,ERW") did not work#pragma comment(linker,"/SECTION:.stub,ERW") didn't change dumpbin result on .exe, .stub still showing.code to .somethingelse didn't work either, same resultUsing the following directives i was able to confine all the code/variable/costant into the .code segment which was visible using the dumbin command.
#pragma section(".code", execute, read)
#pragma section(".codedata", read, write)
#pragma comment(linker,"/SECTION:.code,ERW")
#pragma comment(linker,"/SECTION:.codedata,ERW")
#pragma comment(linker, "/MERGE:.codedata=.code")
#pragma code_seg(".code")
#pragma data_seg(".codedata")
#pragma const_seg(".codedata")