BCD - Code Caves
1.0 Preparing Code Caves
1.1 Finding Code Caves
┌──(kali㉿hfc84)-[~/tools/develop/Cminer]
└─$ ./Cminer ~/tmp/PUTTY.EXE
[#] Cave 2
[*] Section: .rsrc
[*] Cave Size: 4027 byte.
[*] Start Address: 0x80005654
[*] End Address: 0x8000660f
[*] File Ofset: 0xd4855
1.2 Preparations
- Open CFF Explorer, go to Section Headers and select .rsrc
- Set section flags to RWX and Code
- Save the file
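
The flag change from 1.2 stays visible in the section table: .rsrc normally holds read-only data, so a copy marked writable, executable and code stands out. The following is an added example, not part of the original notes, that parses the PE section headers and reports such flags; the sample header bytes and the DATA_SECTIONS list are constructed assumptions.

```python
import struct

# IMAGE_SCN_* characteristic bits from the PE/COFF specification
CNT_CODE, MEM_EXECUTE, MEM_WRITE = 0x20, 0x20000000, 0x80000000
# Assumption: sections that normally hold data only and are never executable
DATA_SECTIONS = {".rsrc", ".rdata", ".data", ".reloc"}

def suspicious_sections(pe: bytes):
    """Return [(name, characteristics, reasons)] for sections with unusual flags."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    # COFF header follows the signature: skip Machine, read NumberOfSections,
    # skip 12 bytes, read SizeOfOptionalHeader
    nsect, opt_size = struct.unpack_from("<2xH12xH", pe, e_lfanew + 4)
    table = e_lfanew + 24 + opt_size          # section table starts here
    findings = []
    for i in range(nsect):
        off = table + 40 * i                  # each section header is 40 bytes
        name = pe[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        flags = struct.unpack_from("<I", pe, off + 36)[0]
        reasons = []
        if flags & MEM_EXECUTE and flags & MEM_WRITE:
            reasons.append("writable and executable")
        if name in DATA_SECTIONS and flags & (CNT_CODE | MEM_EXECUTE):
            reasons.append("data section marked as code/executable")
        if reasons:
            findings.append((name, flags, reasons))
    return findings

def build_sample(rsrc_flags: int) -> bytes:
    """Constructed minimal PE headers (no section data) used only for this demo."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)       # e_lfanew = 64
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0, 0x102)
    def sect(name, flags):
        return name.ljust(8, b"\0") + b"\0" * 28 + struct.pack("<I", flags)
    return (dos + b"PE\0\0" + coff
            + sect(b".text", 0x60000020) + sect(b".rsrc", rsrc_flags))

if __name__ == "__main__":
    for label, flags in (("original", 0x40000040), ("modified", 0xE0000060)):
        print(label, [(n, hex(f), r) for n, f, r in
                      suspicious_sections(build_sample(flags))])
```

To check a real file, pass its bytes to suspicious_sections(); only the headers are read.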