什么是code洞穴，有一个任何合法使用？ [英] What is a code cave, and is there any legitimate use for one?

问题描述

我遇到这个词首次在StackOverflow的问题： C＃的理论：写JMP到codecave在ASM 。我看到根据维基，一个code洞穴是：

I encountered this word for the first time in the StackOverflow question "C# Theoretical: Write a JMP to a codecave in asm." I see that according to Wiktionary, a code cave is:

的内存，一个人，通常是软件黑客，可以用它来注入一个未使用块
  定制编程code键修改程序的行为。

an unused block of memory that someone, typically a software cracker, can use to inject custom programming code to modify the behavior of a program.

我有没有找到正确的定义是什么？如果是这样，有一个code山洞任何合法使用？

Did I find the correct definition? If so, is there any legitimate use for a code cave?

推荐答案

我已经使用过，但我从来没有听说过这个词的 code洞穴的直到今天。维基的定义表明，一个code洞穴是后话了饼干在他或她试图破解的可执行文件中找到。你引用的问题不会使用这种方式。相反，它表明了code洞穴正与 VirtualAllocEx的分配在目标进程创建的内存品牌新的块。这消除了需要寻找目标未使用的空间，它保证你有足够的空间把所有新的code。

I've used them, although I'd never heard the term code cave until today. The Wiktionary definition suggests that a code cave is something the cracker finds in the executable he or she is attempting to crack. The question you cite doesn't use it that way. Instead, it suggests the code cave is being allocated with VirtualAllocEx to create a brand new block of memory in the target process. That removes the need to search for unused space in the target, and it guarantees you'll have enough space to put all your new code.

最后，我觉得code洞穴只是一个存储运行时产生的code处。有不必是任何恶意目的到code。而在这一点上，一个code洞穴是什么问题就完全提不起兴趣。有趣的部分是什么原因有在运行时产生code，什么技术也有用于确保当你想要它新的code获取运行。

Ultimately, I think a "code cave" is just a place to store run-time-generated code. There doesn't have to be any nefarious purpose to that code. And at that point, the question of what a code cave is becomes entirely uninteresting. The interesting parts are what reasons there are for generating code at run time, and what techniques there are for making sure that new code gets run when you want it.

这篇关于什么是code洞穴，有一个任何合法使用？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！