pe文件中在节表中添加一个段。利用内存映射文件对文件进行操作,然后写入一个新的文件内。纯练习。但是被写入后的文件执行出现问题了,不知道什么原因。理论上在exe文件对齐方式是0x1000,然后在节表后添加一个节表不会影响pe文件的其他内容。唯一修改的是区块的数量pNTHeaders->FileHeader.NumofSections++;自加一次,表示区段加一。然后在运行程序就是不是一个有效的win32程序。是不是要修改其他地方呀?求解。上代码:代码纯是练习。
vc6.0 控制台下的。
HANDLE hOpenFile = CreateFile("C:\\bingle.exe",GENERIC_ALL,FILE_SHARE_READ,NULL,OPEN_ALWAYS,FILE_ATTRIBUTE_NORMAL,NULL);
HANDLE hCreateFileMapping;
DWORD dwFileSize;
dwFileSize = GetFileSize(hOpenFile,0);
hCreateFileMapping = CreateFileMapping(hOpenFile,NULL,PAGE_EXECUTE_READWRITE,0,0,NULL); LPVOID lpMapBase;
lpMapBase = MapViewOfFile(hCreateFileMapping,FILE_MAP_WRITE,0,0,0); IMAGE_DOS_HEADER *pDosHeader;
IMAGE_NT_HEADERS *pNTHeaders;
// IMAGE_DATA_DIRECTORY *pDataDirectory;
IMAGE_SECTION_HEADER *pSectionHeader; pDosHeader = (IMAGE_DOS_HEADER *)lpMapBase;
pNTHeaders = (IMAGE_NT_HEADERS *)((BYTE *)lpMapBase + pDosHeader->e_lfanew);
pSectionHeader = (IMAGE_SECTION_HEADER *)((BYTE *)lpMapBase + pDosHeader->e_lfanew + sizeof(IMAGE_NT_HEADERS));
//printf("0x%x\n",pSectionHeader);
// printf("0x%x\n",pDosHeader);
int i=0;
while(i<pNTHeaders->FileHeader.NumberOfSections)
i++;
char SectionName[8]=".bingle";
pSectionHeader = pSectionHeader+i;
IMAGE_SECTION_HEADER *pNewSection = (IMAGE_SECTION_HEADER *)pSectionHeader;
//pNewSection->Name[8] = (BYTE)".bingle";
pNewSection->Characteristics = 0xE0000020;
pNewSection->NumberOfLinenumbers =0;
pNewSection->NumberOfRelocations = 0;
pNewSection->VirtualAddress = 0x12345678;
pNewSection->Misc.VirtualSize = 0x1000;
pNewSection->SizeOfRawData = 0x200;
pNewSection->PointerToRawData = 0x88888888;
for(int j=0;j<8;j++)
{
pNewSection->Name[j]=SectionName[j];
}
pNTHeaders->FileHeader.NumberOfSections++;
DWORD dwWritten;
HANDLE hNewFile = CreateFile("C:\\huihui.exe",GENERIC_ALL,FILE_SHARE_WRITE,NULL,CREATE_ALWAYS,FILE_ATTRIBUTE_NORMAL,NULL);
if(hNewFile == INVALID_HANDLE_VALUE)
{
printf("创建新文件失败\n");
CloseHandle(hCreateFileMapping);
CloseHandle(hOpenFile);
}
WriteFile(hNewFile,lpMapBase,dwFileSize,&dwWritten,NULL);
UnmapViewOfFile(lpMapBase);
CloseHandle(hCreateFileMapping);
CloseHandle(hOpenFile);
CloseHandle(hNewFile);
vc6.0 控制台下的。
HANDLE hOpenFile = CreateFile("C:\\bingle.exe",GENERIC_ALL,FILE_SHARE_READ,NULL,OPEN_ALWAYS,FILE_ATTRIBUTE_NORMAL,NULL);
HANDLE hCreateFileMapping;
DWORD dwFileSize;
dwFileSize = GetFileSize(hOpenFile,0);
hCreateFileMapping = CreateFileMapping(hOpenFile,NULL,PAGE_EXECUTE_READWRITE,0,0,NULL); LPVOID lpMapBase;
lpMapBase = MapViewOfFile(hCreateFileMapping,FILE_MAP_WRITE,0,0,0); IMAGE_DOS_HEADER *pDosHeader;
IMAGE_NT_HEADERS *pNTHeaders;
// IMAGE_DATA_DIRECTORY *pDataDirectory;
IMAGE_SECTION_HEADER *pSectionHeader; pDosHeader = (IMAGE_DOS_HEADER *)lpMapBase;
pNTHeaders = (IMAGE_NT_HEADERS *)((BYTE *)lpMapBase + pDosHeader->e_lfanew);
pSectionHeader = (IMAGE_SECTION_HEADER *)((BYTE *)lpMapBase + pDosHeader->e_lfanew + sizeof(IMAGE_NT_HEADERS));
//printf("0x%x\n",pSectionHeader);
// printf("0x%x\n",pDosHeader);
int i=0;
while(i<pNTHeaders->FileHeader.NumberOfSections)
i++;
char SectionName[8]=".bingle";
pSectionHeader = pSectionHeader+i;
IMAGE_SECTION_HEADER *pNewSection = (IMAGE_SECTION_HEADER *)pSectionHeader;
//pNewSection->Name[8] = (BYTE)".bingle";
pNewSection->Characteristics = 0xE0000020;
pNewSection->NumberOfLinenumbers =0;
pNewSection->NumberOfRelocations = 0;
pNewSection->VirtualAddress = 0x12345678;
pNewSection->Misc.VirtualSize = 0x1000;
pNewSection->SizeOfRawData = 0x200;
pNewSection->PointerToRawData = 0x88888888;
for(int j=0;j<8;j++)
{
pNewSection->Name[j]=SectionName[j];
}
pNTHeaders->FileHeader.NumberOfSections++;
DWORD dwWritten;
HANDLE hNewFile = CreateFile("C:\\huihui.exe",GENERIC_ALL,FILE_SHARE_WRITE,NULL,CREATE_ALWAYS,FILE_ATTRIBUTE_NORMAL,NULL);
if(hNewFile == INVALID_HANDLE_VALUE)
{
printf("创建新文件失败\n");
CloseHandle(hCreateFileMapping);
CloseHandle(hOpenFile);
}
WriteFile(hNewFile,lpMapBase,dwFileSize,&dwWritten,NULL);
UnmapViewOfFile(lpMapBase);
CloseHandle(hCreateFileMapping);
CloseHandle(hOpenFile);
CloseHandle(hNewFile);
解决方案 »
免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货