#include "stdafx.h"
#include <windows.h>
#include <malloc.h>
#include "Globle.h"
//测试函数之 向代码段空闲区添加代码
// Path of the PE file that is read; FILEPATH_OUT is not referenced in the
// code visible here (presumably the path for the modified copy -- TODO confirm).
#define FILEPATH_IN "D:\\飞鸽 1.exe"
#define FILEPATH_OUT "D:\\飞鸽 1_New.exe"
// Hard-coded absolute address. NOTE(review): presumably where MessageBox was
// loaded on the author's own system -- confirm; the value is not derived from
// the file being processed.
#define MESSAGEBOXADDR 0x76321F70
// Byte count of shellCode[] below: 4 * 2 + 5 + 5 = 0x12.
#define SHELLCODELENGTH 0x12
// x86 instruction template, one instruction per row. Both 32-bit displacement
// fields are zero in this table; nothing in the visible code fills them in.
BYTE shellCode[] = {
    0x6A, 0x00,                   // push 0
    0x6A, 0x00,                   // push 0
    0x6A, 0x00,                   // push 0
    0x6A, 0x00,                   // push 0
    0xE8, 0x00, 0x00, 0x00, 0x00, // call rel32 (displacement zeroed)
    0xE9, 0x00, 0x00, 0x00, 0x00  // jmp  rel32 (displacement zeroed)
};
VOID TestAddCodeInCodeSec()
{
PIMAGE_DOS_HEADER pDosHeader = NULL;
PIMAGE_OPTIONAL_HEADER32 pOptionHeader = NULL;
PIMAGE_SECTION_HEADER pSectionHeader = NULL;
LPVOID pFileBuffer = NULL;
LPVOID pImageBuffer = NULL;
LPVOID pNewBuffer = NULL;
PBYTE codeBegin = NULL;
BOOL siOK = FALSE;
DWORD size = 0;
//File->FileBuffer
ReadPEFile(FILEPATH_IN, &pFileBuffer);
if(!pFileBuffer)
{ printf("File->FileBuffer失败");
return;
}
//FileBuffer->ImageBuffer
CopyFileBufferToImageBuffer(pFileBuffer,&pImageBuffer); //★★★★★★★我把断点下到最上面,然后单步下来,可是走到这里时出现00000005错误, 请问各位老师 这是什么原因????
if(!pImageBuffer)
{ printf("FileBuffer->ImageBuffer失败");
free(pFileBuffer);
return;
}
//判断代码段空闲区的大小能否存得下shellCode代码 (shellCode已经在上面全局里定义过了)
pDosHeader = (PIMAGE_DOS_HEADER)pImageBuffer;
pOptionHeader = (PIMAGE_OPTIONAL_HEADER32)(((DWORD)pImageBuffer + pDosHeader->e_lfanew) + 4 + IMAGE_SIZEOF_FILE_HEADER); //其中IMAGE_SIZEOF_FILE_HEADER 可F12跟进是20
pSectionHeader = (PIMAGE_SECTION_HEADER) (((DWORD)pImageBuffer + pDosHeader->e_lfanew) + 4 + IMAGE_SIZEOF_FILE_HEADER + IMAGE_SIZEOF_NT_OPTIONAL_HEADER);
if( ( (pSectionHeader->SizeOfRawData) - (pSectionHeader->Misc.VirtualSize) ) < SHELLCODELENGTH )
{
printf("代码空闲区空间不够");
free(pFileBuffer);
free(pImageBuffer);
}
……………………
……………………
…………………… |