Skip to content

Commit

Permalink
update 未完成-导入表注入
Browse files Browse the repository at this point in the history
  • Loading branch information
@smallzhong
smallzhong committed Jul 15, 2020
1 parent 71043b4 commit e454aa0
Show file tree
Hide file tree
Showing 3 changed files with 578 additions and 1 deletion.
13 changes: 12 additions & 1 deletion readme.md
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,15 @@
# 滴水三期视频的课后作业

+ 里面都是自己写的滴水三期的课后作业
+ 导入表注入一直跑不起来,以后有时间再重新研究吧,写了一天写不出来。

+ 导入表注入一直跑不起来,以后有时间再重新研究吧,写了一天半写不出来。明明都已经能够成功注进去了,但是就是跑不起来

![跑不起来](https://raw.githubusercontent.com/smallzhong/picgo-pic-bed/master/20200715211020.png)

![](https://raw.githubusercontent.com/smallzhong/picgo-pic-bed/master/20200715211212.png)

而且运行写的代码的时候也是出错,初步判断是指针的问题,但是debug不出来(ノへ ̄、)

![](https://raw.githubusercontent.com/smallzhong/picgo-pic-bed/master/20200715211242.png)

但是能正常写到导入表里面说明大体是没问题的。。如果有人想看看大体是怎么做的可以看看,要是能顺便帮我debug一下提个issue告诉我就最好了qwq
86 changes: 86 additions & 0 deletions 未完成-导入表注入/Inc/head.h
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,86 @@
#pragma once
#include <assert.h>
#include <malloc.h>
#include <stdio.h>
#include <windows.h>

#include <iostream>

using namespace std;
#pragma warning(disable : 4996)
#pragma warning(disable : 6011)
#define FILEPATH_IN "d:\\test.exe"
#define FILEPATH_OUT "e:\\out.exe"

#define EXIT_ERROR(x) \
do \
{ \
cout << "error in line " << __LINE__ << endl; \
cout << x; \
getchar(); \
exit(EXIT_FAILURE); \
} while (0)

#define FAIL_LOG(x) \
do \
{ \
cout << "test failure in line " << __LINE__ << endl; \
cout << x; \
getchar(); \
exit(EXIT_FAILURE); \
} while (0)

#define PRINT_RESULT(t_totaltest, t_successcount) \
do \
{ \
if (t_totaltest == t_successcount) \
cout << "all tests passed!" << endl; \
else \
cout << t_totaltest - t_successcount << "(" \
<< (double)(t_totaltest - t_successcount) / \
(double)t_totaltest * (double)100 \
<< "%)tests falied!" << endl; \
} while (0)

char t_NameOfNewSectionHeader[6] = { 'Y', 'U', 'C', 'H', 'U', 'A' };

DWORD ReadPEFile(IN LPCSTR file_in, OUT LPVOID* pFileBuffer);
PIMAGE_NT_HEADERS32 GetNTHeader(LPVOID pFileBuffer,
PIMAGE_DOS_HEADER* pDosHeader);
PIMAGE_DOS_HEADER GetDosHeader(LPVOID pFileBuffer);
size_t GetFileLength(LPVOID pFileBuffer);
bool RVA_TO_FOA(LPVOID pFileBuffer, PIMAGE_DOS_HEADER pDosHeader,
PIMAGE_NT_HEADERS32 pNTHeader,
PIMAGE_SECTION_HEADER pSectionHeader, IN DWORD RVA,
OUT PDWORD FOA);

bool FOA_TO_RVA(LPVOID pFileBuffer, PIMAGE_DOS_HEADER pDosHeader,
PIMAGE_NT_HEADERS32 pNTHeader,
PIMAGE_SECTION_HEADER pSectionHeader, IN DWORD FOA,
OUT PDWORD RVA);

DWORD GetRVAFunctionAddrByOrdinals(
LPVOID pFileBuffer, DWORD ord); // 返回需要查找的序号的函数对应的RVA

DWORD GetRVAFunctionAddrByName(LPVOID pFileBuffer, LPSTR name);

void CreateNewSection(LPVOID pFileBuffer, PIMAGE_DOS_HEADER pDosHeader,
PIMAGE_NT_HEADERS32 pNTHeader,
PIMAGE_SECTION_HEADER pFirstSectionHeader,
size_t file_size, size_t size_of_new_section,
LPSTR NameOfNewSetionHeader);

void SaveToFile(LPCSTR file_out, size_t file_size, IN LPVOID pFileBuffer);

void MoveRelocationTable(LPVOID pFileBuffer, PIMAGE_DOS_HEADER pDosHeader,
PIMAGE_NT_HEADERS32 pNTHeader,
PIMAGE_SECTION_HEADER pSectionHeader,
DWORD add_to_location);

void PrintBindImportTable(LPVOID pFileBuffer, PIMAGE_DOS_HEADER pDosHeader,
PIMAGE_NT_HEADERS32 pNTHeader,
PIMAGE_SECTION_HEADER pSectionHeader);

void InjectImportTable(LPVOID pFileBuffer, PIMAGE_DOS_HEADER pDosHeader,
PIMAGE_NT_HEADERS32 pNTHeader,
PIMAGE_SECTION_HEADER pSectionHeader, size_t file_size);
Loading

0 comments on commit e454aa0

Please sign in to comment.