liou37 发表于 2020-6-10 15:15

SHA-1编码问题

// PE
// 所有树节点都使用十六进制编辑器来修改 PE 文件
//
// 00000000 - 0000003F DOS 头
//
// IMAGE_DOS_HEADER:
// 00000000 - 00000001 5A4D = e_magic
// 00000002 - 00000003 0090 = e_cblp
// 00000004 - 00000005 0003 = e_cp
// 00000006 - 00000007 0000 = e_crlc
// 00000008 - 00000009 0004 = e_cparhdr
// 0000000A - 0000000B 0000 = e_minalloc
// 0000000C - 0000000D FFFF = e_maxalloc
// 0000000E - 0000000F 0000 = e_ss
// 00000010 - 00000011 00B8 = e_sp
// 00000012 - 00000013 0000 = e_csum
// 00000014 - 00000015 0000 = e_ip
// 00000016 - 00000017 0000 = e_cs
// 00000018 - 00000019 0040 = e_lfarlc
// 0000001A - 0000001B 0000 = e_ovno
// 0000001C - 0000001D 0000 = e_res
// 0000001E - 0000001F 0000 = e_res
// 00000020 - 00000021 0000 = e_res
// 00000022 - 00000023 0000 = e_res
// 00000024 - 00000025 0000 = e_oemid
// 00000026 - 00000027 0000 = e_oeminfo
// 00000028 - 00000029 0000 = e_res2
// 0000002A - 0000002B 0000 = e_res2
// 0000002C - 0000002D 0000 = e_res2
// 0000002E - 0000002F 0000 = e_res2
// 00000030 - 00000031 0000 = e_res2
// 00000032 - 00000033 0000 = e_res2
// 00000034 - 00000035 0000 = e_res2
// 00000036 - 00000037 0000 = e_res2
// 00000038 - 00000039 0000 = e_res2
// 0000003A - 0000003B 0000 = e_res2
// 0000003C - 0000003F 000000E8 = e_lfanew
//
// 000000EC - 000000FF 文件头
//
// IMAGE_FILE_HEADER:
// 000000EC - 000000ED 014C = Machine
// 000000EE - 000000EF 0005 = NumberOfSections
// 000000F0 - 000000F3 56A1E6B1 = TimeDateStamp
// 000000F4 - 000000F7 00000000 = PointerToSymbolTable
// 000000F8 - 000000FB 00000000 = NumberOfSymbols
// 000000FC - 000000FD 00E0 = SizeOfOptionalHeader
// 000000FE - 000000FF 0102 = Characteristics
//
// 00000100 - 000001DF 可选头(32 -位)
//
// IMAGE_OPTIONAL_HEADER32:
// 00000100 - 00000101 010B = Magic
// 00000102 - 00000102 0C = MajorLinkerVersion
// 00000103 - 00000103 00 = MinorLinkerVersion
// 00000104 - 00000107 00014600 = SizeOfCode
// 00000108 - 0000010B 0000E800 = SizeOfInitializedData
// 0000010C - 0000010F 00000000 = SizeOfUninitializedData
// 00000110 - 00000113 00005F69 = AddressOfEntryPoint
// 00000114 - 00000117 00001000 = BaseOfCode
// 00000118 - 0000011B 00016000 = BaseOfData
// 0000011C - 0000011F 00400000 = ImageBase
// 00000120 - 00000123 00001000 = SectionAlignment
// 00000124 - 00000127 00000200 = FileAlignment
// 00000128 - 00000129 0006 = MajorOperatingSystemVersion
// 0000012A - 0000012B 0000 = MinorOperatingSystemVersion
// 0000012C - 0000012D 0000 = MajorImageVersion
// 0000012E - 0000012F 0000 = MinorImageVersion
// 00000130 - 00000131 0006 = MajorSubsystemVersion
// 00000132 - 00000133 0000 = MinorSubsystemVersion
// 00000134 - 00000137 00000000 = Win32VersionValue
// 00000138 - 0000013B 00027000 = SizeOfImage
// 0000013C - 0000013F 00000400 = SizeOfHeaders
// 00000140 - 00000143 0002E1A3 = CheckSum
// 00000144 - 00000145 0003 = Subsystem
// 00000146 - 00000147 8140 = DllCharacteristics
// 00000148 - 0000014B 00100000 = SizeOfStackReserve
// 0000014C - 0000014F 00001000 = SizeOfStackCommit
// 00000150 - 00000153 00100000 = SizeOfHeapReserve
// 00000154 - 00000157 00001000 = SizeOfHeapCommit
// 00000158 - 0000015B 00000000 = LoaderFlags
// 0000015C - 0000015F 00000010 = NumberOfRvaAndSizes
// 00000160 - 00000163 00000000 = Export.VirtualAddress
// 00000164 - 00000167 00000000 = Export.Size
// 00000168 - 0000016B 0001CD5C = Import.VirtualAddress
// 0000016C - 0000016F 00000064 = Import.Size
// 00000170 - 00000173 00024000 = Resource.VirtualAddress
// 00000174 - 00000177 000001E0 = Resource.Size
// 00000178 - 0000017B 00000000 = Exception.VirtualAddress
// 0000017C - 0000017F 00000000 = Exception.Size
// 00000180 - 00000183 0001F200 = Security.VirtualAddress
// 00000184 - 00000187 00001A28 = Security.Size
// 00000188 - 0000018B 00025000 = Base Reloc.VirtualAddress
// 0000018C - 0000018F 000017F0 = Base Reloc.Size
// 00000190 - 00000193 00016240 = Debug.VirtualAddress
// 00000194 - 00000197 00000038 = Debug.Size
// 00000198 - 0000019B 00000000 = Architecture.VirtualAddress
// 0000019C - 0000019F 00000000 = Architecture.Size
// 000001A0 - 000001A3 00000000 = Global Ptr.VirtualAddress
// 000001A4 - 000001A7 00000000 = Global Ptr.Size
// 000001A8 - 000001AB 00000000 = TLS.VirtualAddress
// 000001AC - 000001AF 00000000 = TLS.Size
// 000001B0 - 000001B3 0001BFA0 = Load Config.VirtualAddress
// 000001B4 - 000001B7 00000040 = Load Config.Size
// 000001B8 - 000001BB 00000000 = Bound Import.VirtualAddress
// 000001BC - 000001BF 00000000 = Bound Import.Size
// 000001C0 - 000001C3 00016000 = IAT.VirtualAddress
// 000001C4 - 000001C7 000001F4 = IAT.Size
// 000001C8 - 000001CB 00000000 = Delay Import.VirtualAddress
// 000001CC - 000001CF 00000000 = Delay Import.Size
// 000001D0 - 000001D3 00000000 = .NET.VirtualAddress
// 000001D4 - 000001D7 00000000 = .NET.Size
// 000001D8 - 000001DB 00000000 = Reserved15.VirtualAddress
// 000001DC - 000001DF 00000000 = Reserved15.Size
//
// 000001E0 - 00000207 节 #0: .text
//
// IMAGE_SECTION_HEADER:
// 000001E0 - 000001E7 .text = Name
// 000001E8 - 000001EB 0001445E = VirtualSize
// 000001EC - 000001EF 00001000 = VirtualAddress
// 000001F0 - 000001F3 00014600 = SizeOfRawData
// 000001F4 - 000001F7 00000400 = PointerToRawData
// 000001F8 - 000001FB 00000000 = PointerToRelocations
// 000001FC - 000001FF 00000000 = PointerToLinenumbers
// 00000200 - 00000201 0000 = NumberOfRelocations
// 00000202 - 00000203 0000 = NumberOfLinenumbers
// 00000204 - 00000207 60000020 = Characteristics
//
// 00000208 - 0000022F 节 #1: .rdata
//
// IMAGE_SECTION_HEADER:
// 00000208 - 0000020F .rdata = Name
// 00000210 - 00000213 000078C4 = VirtualSize
// 00000214 - 00000217 00016000 = VirtualAddress
// 00000218 - 0000021B 00007A00 = SizeOfRawData
// 0000021C - 0000021F 00014A00 = PointerToRawData
// 00000220 - 00000223 00000000 = PointerToRelocations
// 00000224 - 00000227 00000000 = PointerToLinenumbers
// 00000228 - 00000229 0000 = NumberOfRelocations
// 0000022A - 0000022B 0000 = NumberOfLinenumbers
// 0000022C - 0000022F 40000040 = Characteristics
//
// 00000230 - 00000257 节 #2: .data
//
// IMAGE_SECTION_HEADER:
// 00000230 - 00000237 .data = Name
// 00000238 - 0000023B 0000536C = VirtualSize
// 0000023C - 0000023F 0001E000 = VirtualAddress
// 00000240 - 00000243 00001400 = SizeOfRawData
// 00000244 - 00000247 0001C400 = PointerToRawData
// 00000248 - 0000024B 00000000 = PointerToRelocations
// 0000024C - 0000024F 00000000 = PointerToLinenumbers
// 00000250 - 00000251 0000 = NumberOfRelocations
// 00000252 - 00000253 0000 = NumberOfLinenumbers
// 00000254 - 00000257 C0000040 = Characteristics
//
// 00000258 - 0000027F 节 #3: .rsrc
//
// IMAGE_SECTION_HEADER:
// 00000258 - 0000025F .rsrc = Name
// 00000260 - 00000263 000001E0 = VirtualSize
// 00000264 - 00000267 00024000 = VirtualAddress
// 00000268 - 0000026B 00000200 = SizeOfRawData
// 0000026C - 0000026F 0001D800 = PointerToRawData
// 00000270 - 00000273 00000000 = PointerToRelocations
// 00000274 - 00000277 00000000 = PointerToLinenumbers
// 00000278 - 00000279 0000 = NumberOfRelocations
// 0000027A - 0000027B 0000 = NumberOfLinenumbers
// 0000027C - 0000027F 40000040 = Characteristics
//
// 00000280 - 000002A7 节 #4: .reloc
//
// IMAGE_SECTION_HEADER:
// 00000280 - 00000287 .reloc = Name
// 00000288 - 0000028B 000017F0 = VirtualSize
// 0000028C - 0000028F 00025000 = VirtualAddress
// 00000290 - 00000293 00001800 = SizeOfRawData
// 00000294 - 00000297 0001DA00 = PointerToRawData
// 00000298 - 0000029B 00000000 = PointerToRelocations
// 0000029C - 0000029F 00000000 = PointerToLinenumbers
// 000002A0 - 000002A1 0000 = NumberOfRelocations
// 000002A2 - 000002A3 0000 = NumberOfLinenumbers
// 000002A4 - 000002A7 42000040 = Characteristics





SHA-1的编译入点口在上面地方,这个程序在老版本WIN10下可正常调用,不过在1809及以上系统上会导致系统进入后黑屏。
目前只知道新版的WIN10是加入了SHA-1算法。不知道该怎么解决了。
目前才接触编译,小白一个= =!
页: [1]
查看完整版本: SHA-1编码问题


免责声明:
吾爱破解所发布的一切破解补丁、注册机和注册信息及软件的解密分析文章仅限用于学习和研究目的;不得将上述内容用于商业或者非法用途,否则,一切后果请用户自负。本站信息来自网络,版权争议与本站无关。您必须在下载后的24个小时之内,从您的电脑中彻底删除上述内容。如果您喜欢该程序,请支持正版软件,购买注册,得到更好的正版服务。如有侵权请邮件与我们联系处理。

Mail To:Service@52pojie.cn