求原代码
最好是c/c++的
如果好的话
在加分到200
最好是c/c++的
如果好的话
在加分到200
解决方案 »
- 在对话框上怎么添加CheckListBox控件
- 怎么统计数组中重复的值
- 100分求 内存泄漏 怎么解决
- 求助,函数操作超时的问题
- 在vc中打开access中未发现数据源名称并且未指定默认的驱动
- 关于CMainFrame::InitInstance()里的疑问
- 关于制作Flash播放器的问题
- 动态创建CStatic类时,如何使它能能接收父窗口的消息
- 一个资源,有一个线程专门写入数据,有两个线程专门读出数据.这种情况怎么安排,效率比较高?
- 有没有谁要参加微软的vs.net程序设计大赛的,西南赛区的,我是川师的,也许川师只能由我们一个队了,我从没参加过这种比赛,谁能给我们指点指点,提点建议,将点经验,谢谢了,我会很快加分的,谁能给我们点建议。我们这次只是为荣誉而战了,为了川师。。。。
- 在VC++里面的TabControl怎么操作
- windows系统信息的获取
hmm,最近在看一个壳的源文件,顺手写的一段,错误难免,望楼主可以 去渣求精
struct SECTION
(
char szName[7];
DWORD dwVirtualSize;
DWORD dwVirtualAddress;
DWORD dwSizeOfRawData;
DWORD LpPointerToRawData;
DWORD LpPointerToRelocations;
DWORD LpPointerToLineNumbers;
WORD NumbersOfRelocations;
WORD NumbersOfLineNumbers;
DWORD dwCharacteristics;
)if(InitFile("test.exe",LphFile))
{
if(IsPE(LphFile))
{
AddSection(LphFile,"test",0,0,0,0x60000020);
}
}
BOOL InitFile(LPCTSTR LpszFile,HANDLE LphFile)
{
LphFile = CreateFile(
LpszFile, // create MYFILE.TXT
GENERIC_WRITE, // open for writing
0, // do not share
NULL, // no security
CREATE_ALWAYS, // overwrite existing
FILE_ATTRIBUTE_NORMAL | // normal file
FILE_FLAG_OVERLAPPED, // asynchronous I/O
NULL
); // no attr. template if (LphFile == INVALID_HANDLE_VALUE)
{
return FALSE;
}
return TURE;
}BOOL IsPE(HANDLE hFile)
{
WORD temp;
DWORD dwEntryPoint;
DWORD dwRead;
DWORD dwOffset; SetFilePointer(hFile, 0, NULL, FILE_BEGIN);
ReadFile(hFile, &temp, 2, &dwRead, NULL);
if (temp != 'ZM')
return FALSE;
SetFilePointer(hFile, 0x3C, NULL, FILE_BEGIN);
ReadFile(hFile, &dwOffset, 4, &dwRead, NULL);
SetFilePointer(hFile, dwOffset, NULL, FILE_BEGIN);
ReadFile(hFile, &temp, 2, &dwRead, NULL);
if (temp != 'EP')
return FALSE;
SetFilePointer(hFile, dwOffset+0x16, NULL, FILE_BEGIN);
ReadFile(hFile, &temp, 2, &dwRead, NULL);
SetFilePointer(hFile, dwOffset+0x28, NULL, FILE_BEGIN);
ReadFile(hFile, &dwEntryPoint, 4, &dwRead, NULL);
if (dwEntryPoint == 0)
return FALSE;
if ((temp & 0x2000) != 0)
bDLL = TRUE;
else
bDLL = FALSE;
SetFilePointer(hFile, 0, NULL, FILE_BEGIN);
return TRUE;
}AddSectionn(HANDLE LphFile,LPCTSTR LpszFileName,DWORD dwVirtualSize,DWORD dwVirtualAddress,DWORD dwRawSize,DWORD dwCharacteristics)
{/*初始化data*/
DWORD dwNum;
DWORD dwOffset;
DWROD dwSecNum;
SECTION DataWrite;
SECTION TEMP;
char* ZeroData = calloc(dwRawSize);
ZeroMemory(&DataWrite,0x28);
DataWrite.dwVirtualSize = dwVirtualSize;
DataWrite.dwVirtualAddress = dwVirtualAddress;
DataWrite.dwSizeOfRawData = dwRawSize;
DataWrite.dwCharacteristics = dwCharacteristics;/*写入*/
SetFilePointer(LphFile, 0x3C, NULL, FILE_BEGIN);
ReadFile(LphFile, &dwOffset, 4, &dwNum, NULL);
SetFilePointer(LphFile, dwOffset + 0x6, NULL, FILE_BEGIN);
ReadFile(LphFile, &dwSecNum, 2, &dwNum,NULL);
if(0 < ++dwSecNum)
{
WriteFile(LphFile, &dwSecNum,2, &dwNum,NULL);
}
if(dwOffset +=(0xf8 + (dwSecNum - 2)*0x28) )
{
SetFilePointer(LphFile, dwOffset, NULL, FILE_BEGIN);
ReadFile(LphFile, &TEMP,0x28,&dwNum,NULL);
DataWrite.LpPointerToRawData = TEMP.LpPointerToRawData + TEMP.DwSizeToRawData;
}
if(dwOffset += 0x28)
{
SetFilePonter(LphFile, dwOffset,NULL, FILE_BEGIN);
WriteFile(LphFile,&dwDataWrite, 0x28,&dwNum,NULL);
if(DataWrite.LpPointerToRawData)
{
SetFilePonter(LphFile, DataWrite.LpPointerToRawData,NULL, FILE_BEGIN);
WriteFile(LphFile,ZeroData, dwRawSize,&dwNum,NULL);
}
}}
先判断PE头是否有足够的空间插入一个节目录,如果可以,根据文件头的信息生成节目录并添加节,包括节的偏移大小什么的,然后修正PE头相关的项目
建议LZ先熟悉PE文件的格式,不然的话,拿到代码也没有意义,看起来会很痛苦,那样浪费时间,我一般用汇编实现
http://download.csdn.net/source/728345
一份PE文件修改的VC源码
http://www.onegreen.net/code/HTML/11373.html
PE文件添加节显示启动信息(ASM)
http://dev.csdn.net/article/15/15234.shtm