添加区段的c++代码
本帖最后由 zapline 于 2009-9-7 19:34 编辑面向过程的,应该比较容易阅读
#include "windows.h"
#include <stdio.h>
#include <assert.h>
#define SECTION_SIZE 0x1000
#define SECTION_NAME ".zapline"
BOOL AddSection(LPCSTR fileName);
int Align(int size, int base);
int main()
{
char a="";
scanf("%s",a);
if ( AddSection(a) )
{
MessageBox(NULL,"成功!","",MB_OK);
}
else
{
MessageBox(NULL,"失败!","",MB_OK);
}
return 0;
}
BOOL AddSection(LPCSTR fileName)
{
IMAGE_DOS_HEADER *dosHeader;
IMAGE_NT_HEADERS *ntHeader;
IMAGE_SECTION_HEADER *sectionHeader;
IMAGE_SECTION_HEADER *newSectionHeader;
IMAGE_SECTION_HEADER *lastSectionHeader;
int numOfSections;
int FILE_ALIGN_MENT;
int SECTION_ALIGN_MENT;
HANDLE hFile=CreateFile(fileName,GENERIC_READ|GENERIC_WRITE,0,NULL,OPEN_EXISTING,FILE_ATTRIBUTE_NORMAL,NULL);
if(hFile==INVALID_HANDLE_VALUE)
{
MessageBox(NULL,"open file failed!","",MB_OK);
return FALSE;
}
HANDLE hMap=CreateFileMapping(hFile,NULL,PAGE_READWRITE,NULL,NULL,NULL);
if(hMap==INVALID_HANDLE_VALUE)
{
MessageBox(NULL,"create map failed!","",MB_OK);
return FALSE;
}
LPVOID lpBase=MapViewOfFile(hMap,FILE_MAP_WRITE,0,0,0);
if(lpBase==NULL)
{
MessageBox(NULL,"get view failed!","",MB_OK);
return FALSE;
}
dosHeader=(IMAGE_DOS_HEADER*)lpBase;
if (dosHeader->e_magic!=IMAGE_DOS_SIGNATURE)
{
MessageBox(NULL,"not PE file!","",MB_OK);
return FALSE;
}
ntHeader=(IMAGE_NT_HEADERS*)((BYTE*)lpBase+dosHeader->e_lfanew);
if(ntHeader->Signature!=IMAGE_NT_SIGNATURE)
{
MessageBox(NULL,"not FE file!","",MB_OK);
return FALSE;
}
FILE_ALIGN_MENT = ntHeader->OptionalHeader.FileAlignment;
SECTION_ALIGN_MENT = ntHeader->OptionalHeader.SectionAlignment;
numOfSections = ntHeader->FileHeader.NumberOfSections;
ntHeader->FileHeader.NumberOfSections++;
sectionHeader = (IMAGE_SECTION_HEADER*)((DWORD)ntHeader+sizeof(IMAGE_NT_HEADERS));
lastSectionHeader = (IMAGE_SECTION_HEADER *)§ionHeader;
newSectionHeader = (IMAGE_SECTION_HEADER *)§ionHeader;
memset(newSectionHeader,0,sizeof(IMAGE_SECTION_HEADER));
strncpy((char*)newSectionHeader->Name,SECTION_NAME,strlen(SECTION_NAME));
newSectionHeader->VirtualAddress = lastSectionHeader->VirtualAddress+Align(lastSectionHeader->Misc.VirtualSize,SECTION_ALIGN_MENT);
// ntHeader->OptionalHeader.AddressOfEntryPoint = newSectionHeader->VirtualAddress;
newSectionHeader->Misc.VirtualSize = Align(3000,SECTION_ALIGN_MENT);
newSectionHeader->PointerToRawData = lastSectionHeader->PointerToRawData+Align(lastSectionHeader->SizeOfRawData,FILE_ALIGN_MENT);
newSectionHeader->SizeOfRawData = Align(SECTION_SIZE, FILE_ALIGN_MENT);
newSectionHeader->Characteristics = 0xE0000020;
ntHeader->OptionalHeader.SizeOfCode = ntHeader->OptionalHeader.SizeOfCode+Align(SECTION_SIZE, FILE_ALIGN_MENT);
printf("%x--%x",ntHeader->OptionalHeader.SizeOfImage,Align(SECTION_SIZE,SECTION_ALIGN_MENT));
ntHeader->OptionalHeader.SizeOfImage = ntHeader->OptionalHeader.SizeOfImage+Align(SECTION_SIZE, SECTION_ALIGN_MENT);
FlushViewOfFile(lpBase,0);
UnmapViewOfFile(lpBase);
CloseHandle(hMap);
if(SetFilePointer(hFile,SECTION_SIZE,NULL,FILE_END)==-1)
{
MessageBox(NULL,"set file pointer failed!","",MB_OK);
return FALSE;
}
if(!SetEndOfFile(hFile))
{
MessageBox(NULL,"set file end failed!","",MB_OK);
return FALSE;
}
CloseHandle(hFile);
return TRUE;
}
int Align(int size, int base)
{
int ret,result;
assert( 0 != base);
result = size % base;
result != 0 ? ret = ((size / base) + 1) * base : ret = size;
return ret;
} :)你的东西一定得看看 ,占位,学习一下! 检测条件不少...
页:
[1]