1、查看现有 Win2000 SP4 系统中的 netapi32.dll 后发现,目前大多数系统已经打上补丁。带补丁版本的 IDA 反编译代码如下:
signed int __stdcall NetpwPathCanonicalize(wchar_t *Str, wchar_t *lpWideCharStr, int a3, wchar_t *Source, int a5, int a6)
{
wchar_t *v6; // ebx@1
int v7; // esi@3
wchar_t *v8; // eax@5
signed int result; // eax@6
v6 = Source;
v7 = !Source || !*Source;
v8 = *(wchar_t **)a5;
Source = *(wchar_t **)a5;
if ( a6 & 0x7FFFFFFE )
{
result = 87;
}
else
{
if ( v8 || (result = NetpwPathType(Str, (int)&Source, 0)) == 0 )
{
if ( v7 || (result = NetpwPathType(v6, (int)&a6, 0)) == 0 )
{
if ( a3 )
{
*lpWideCharStr = 0;
result = sub_7517FC68(v6, Str, lpWideCharStr, a