如果程序里出现这样的导入表,它可能无法运行。这个问题出现在ARM64平台,可能是微软编译器的bug。
我们可以写一段ARM64汇编来屏蔽这个问题,当然这个方法不一定是最好的。经过分析,这些导入项来自onecore.lib,
因此最简单的办法就是忽略默认库onecore.lib(链接器选项 /NODEFAULTLIB:onecore.lib)。
汇编的方法可以参考下面的代码:
;----------------------------------------------------------------------------------------------------------------------------
;
; 解决ARM64 crt链接库的一些符号问题
;
;----------------------------------------------------------------------------------------------------------------------------
; DEFINE_IMPENTRY <slot>, <shim>
; Declares the symbols needed for one replacement import slot; emits no data.
;   $Slot - import-pointer symbol to publish (an __imp_<Api> name)
;   $Shim - C function that services the call (a crack_<Api> name)
; `_$Shim` is imported with armasm's `IMPORT sym, WEAK alias` form, i.e. as a
; weak external whose alias is `$Shim`.
; NOTE: armasm reads anything in column 0 as a label, so MACRO, the prototype
; line and MEND must each be preceded by at least one space.
        MACRO
        DEFINE_IMPENTRY $Slot, $Shim
        IMPORT  _$Shim, WEAK $Shim
        EXPORT  $Slot
        MEND
; DCQ_IMPENTRY <slot>, <shim>
; Emits one 8-byte pointer, labelled $Slot, that holds the address of `_$Shim`.
; The label line must start in column 0; MACRO, the prototype line and MEND
; must be preceded by at least one space.
        MACRO
        DCQ_IMPENTRY $Slot, $Shim
$Slot   DCQ     _$Shim
        MEND
;---- Declare imports and exports ---------------------------------------------
; For every redirected API: import its crack_* shim (weak) and export its
; __imp_* slot. Each line here needs a matching DCQ_IMPENTRY line in the
; pointer table, which is where the exported label is actually defined.
        DEFINE_IMPENTRY __imp_IsDebuggerPresent, crack_IsDebuggerPresent
        DEFINE_IMPENTRY __imp_OutputDebugStringW, crack_OutputDebugStringW
        DEFINE_IMPENTRY __imp_SetUnhandledExceptionFilter, crack_SetUnhandledExceptionFilter
        DEFINE_IMPENTRY __imp_InitializeSListHead, crack_InitializeSListHead
        DEFINE_IMPENTRY __imp_GetModuleHandleW, crack_GetModuleHandleW
        DEFINE_IMPENTRY __imp_GetCurrentThreadId, crack_GetCurrentThreadId
        DEFINE_IMPENTRY __imp_GetStartupInfoW, crack_GetStartupInfoW
        DEFINE_IMPENTRY __imp_GetCurrentProcessId, crack_GetCurrentProcessId
        DEFINE_IMPENTRY __imp_QueryPerformanceCounter, crack_QueryPerformanceCounter
        DEFINE_IMPENTRY __imp_GetSystemTimeAsFileTime, crack_GetSystemTimeAsFileTime
        DEFINE_IMPENTRY __imp_HeapWalk, crack_HeapWalk
        DEFINE_IMPENTRY __imp_HeapLock, crack_HeapLock
        DEFINE_IMPENTRY __imp_HeapUnlock, crack_HeapUnlock
        DEFINE_IMPENTRY __imp_ReleaseMutex, crack_ReleaseMutex
        DEFINE_IMPENTRY __imp_WaitForSingleObject, crack_WaitForSingleObject
        DEFINE_IMPENTRY __imp_CreateMutexW, crack_CreateMutexW
        DEFINE_IMPENTRY __imp_LeaveCriticalSection, crack_LeaveCriticalSection
        DEFINE_IMPENTRY __imp_EnterCriticalSection, crack_EnterCriticalSection
        DEFINE_IMPENTRY __imp_GetFileSizeEx, crack_GetFileSizeEx
        DEFINE_IMPENTRY __imp_CreateFileW, crack_CreateFileW
        DEFINE_IMPENTRY __imp_WriteFile, crack_WriteFile
        DEFINE_IMPENTRY __imp_LocalFileTimeToFileTime, crack_LocalFileTimeToFileTime
        DEFINE_IMPENTRY __imp_ReadFile, crack_ReadFile
        DEFINE_IMPENTRY __imp_SetFilePointerEx, crack_SetFilePointerEx
        DEFINE_IMPENTRY __imp_CloseHandle, crack_CloseHandle
        DEFINE_IMPENTRY __imp_SystemTimeToFileTime, crack_SystemTimeToFileTime
        DEFINE_IMPENTRY __imp_SetLastError, crack_SetLastError
        DEFINE_IMPENTRY __imp_TlsFree, crack_TlsFree
        DEFINE_IMPENTRY __imp_TlsSetValue, crack_TlsSetValue
        DEFINE_IMPENTRY __imp_TlsAlloc, crack_TlsAlloc
        DEFINE_IMPENTRY __imp_OpenThread, crack_OpenThread
        DEFINE_IMPENTRY __imp_TlsGetValue, crack_TlsGetValue
        DEFINE_IMPENTRY __imp_RegOpenKeyExW, crack_RegOpenKeyExW
        DEFINE_IMPENTRY __imp_RegCloseKey, crack_RegCloseKey
        DEFINE_IMPENTRY __imp_RegQueryValueExW, crack_RegQueryValueExW
        DEFINE_IMPENTRY __imp_InitializeConditionVariable, crack_InitializeConditionVariable
; Disabled in the original listing; the matching DCQ lines are disabled too.
;       DEFINE_IMPENTRY __imp_SleepConditionVariableCS, crack_SleepConditionVariableCS
;       DEFINE_IMPENTRY __imp_WakeAllConditionVariable, crack_WakeAllConditionVariable
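;---- Pointer table: one 8-byte slot per redirected API -----------------------
; Each DCQ_IMPENTRY line defines the label __imp_<Api> and stores the address of
; _crack_<Api> in it, so code that calls <Api> through its __imp_ slot reaches
; the C shim.
; The table holds pointers, not instructions, so the area is declared
; DATA, READONLY instead of CODE: the slots stay read-only but are no longer
; placed in an executable section. ALIGN=3 puts the area on an 8-byte boundary
; so every slot is naturally aligned for a 64-bit load; DCQ on its own only
; pads to 4 bytes according to the armasm reference.
; NOTE(review): APIs redirected here are resolved by the shims at run time, so
; they presumably no longer appear in the image's import table - keep that in
; mind when auditing the binary by its imports.
; This list must mirror the DEFINE_IMPENTRY list one for one.
        AREA    hack_imp, DATA, READONLY, ALIGN=3
        DCQ_IMPENTRY __imp_IsDebuggerPresent, crack_IsDebuggerPresent
        DCQ_IMPENTRY __imp_OutputDebugStringW, crack_OutputDebugStringW
        DCQ_IMPENTRY __imp_SetUnhandledExceptionFilter, crack_SetUnhandledExceptionFilter
        DCQ_IMPENTRY __imp_InitializeSListHead, crack_InitializeSListHead
        DCQ_IMPENTRY __imp_GetModuleHandleW, crack_GetModuleHandleW
        DCQ_IMPENTRY __imp_GetCurrentThreadId, crack_GetCurrentThreadId
        DCQ_IMPENTRY __imp_GetStartupInfoW, crack_GetStartupInfoW
        DCQ_IMPENTRY __imp_GetCurrentProcessId, crack_GetCurrentProcessId
        DCQ_IMPENTRY __imp_QueryPerformanceCounter, crack_QueryPerformanceCounter
        DCQ_IMPENTRY __imp_GetSystemTimeAsFileTime, crack_GetSystemTimeAsFileTime
        DCQ_IMPENTRY __imp_HeapWalk, crack_HeapWalk
        DCQ_IMPENTRY __imp_HeapLock, crack_HeapLock
        DCQ_IMPENTRY __imp_HeapUnlock, crack_HeapUnlock
        DCQ_IMPENTRY __imp_ReleaseMutex, crack_ReleaseMutex
        DCQ_IMPENTRY __imp_WaitForSingleObject, crack_WaitForSingleObject
        DCQ_IMPENTRY __imp_CreateMutexW, crack_CreateMutexW
        DCQ_IMPENTRY __imp_LeaveCriticalSection, crack_LeaveCriticalSection
        DCQ_IMPENTRY __imp_EnterCriticalSection, crack_EnterCriticalSection
        DCQ_IMPENTRY __imp_GetFileSizeEx, crack_GetFileSizeEx
        DCQ_IMPENTRY __imp_CreateFileW, crack_CreateFileW
        DCQ_IMPENTRY __imp_WriteFile, crack_WriteFile
        DCQ_IMPENTRY __imp_LocalFileTimeToFileTime, crack_LocalFileTimeToFileTime
        DCQ_IMPENTRY __imp_ReadFile, crack_ReadFile
        DCQ_IMPENTRY __imp_SetFilePointerEx, crack_SetFilePointerEx
        DCQ_IMPENTRY __imp_CloseHandle, crack_CloseHandle
        DCQ_IMPENTRY __imp_SystemTimeToFileTime, crack_SystemTimeToFileTime
        DCQ_IMPENTRY __imp_SetLastError, crack_SetLastError
        DCQ_IMPENTRY __imp_TlsFree, crack_TlsFree
        DCQ_IMPENTRY __imp_TlsSetValue, crack_TlsSetValue
        DCQ_IMPENTRY __imp_TlsAlloc, crack_TlsAlloc
        DCQ_IMPENTRY __imp_OpenThread, crack_OpenThread
        DCQ_IMPENTRY __imp_TlsGetValue, crack_TlsGetValue
        DCQ_IMPENTRY __imp_RegOpenKeyExW, crack_RegOpenKeyExW
        DCQ_IMPENTRY __imp_RegCloseKey, crack_RegCloseKey
        DCQ_IMPENTRY __imp_RegQueryValueExW, crack_RegQueryValueExW
        DCQ_IMPENTRY __imp_InitializeConditionVariable, crack_InitializeConditionVariable
; Disabled in the original listing; the matching DEFINE_IMPENTRY lines are
; disabled too.
;       DCQ_IMPENTRY __imp_SleepConditionVariableCS, crack_SleepConditionVariableCS
;       DCQ_IMPENTRY __imp_WakeAllConditionVariable, crack_WakeAllConditionVariable
        END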
这个汇编的编译命令行是:
armasm64 -o $(IntDir)%(fileName).obj %(fileName).asm
相关crack函数的实现如下:
#include <windows.h>
// DEFINE_CRACT_FUNC(RET, FNAME, PARAMS, PASSPARAM, DEFRET)
// Expands to `extern "C" RET crack_<FNAME> PARAMS`, a forwarder for a
// kernel32.dll export that returns a value.
//   RET       - return type of the API
//   FNAME     - export name; stringised for GetProcAddress and pasted into the
//               generated identifiers
//   PARAMS    - parenthesised parameter list, e.g. (LPCWSTR lpModuleName)
//   PASSPARAM - parenthesised argument list handed to the real export
//   DEFRET    - value returned when the export could not be resolved
// On a call with an empty cache the shim asks for the kernel32.dll module that
// is already mapped in the process (GetModuleHandleExW with
// GET_MODULE_HANDLE_EX_FLAG_UNCHANGED_REFCOUNT: no DLL is loaded and the
// reference count is left alone), looks FNAME up by name and stores the pointer
// in a file-scope static.
// NOTE(review): the cache is a plain static pointer with no synchronisation;
// threads racing on the first call each perform the lookup. Confirm that is
// acceptable for every API routed through this macro.
// NOTE(review): a failed lookup is silent - the shim returns DEFRET and retries
// the lookup on the next call.
#define DEFINE_CRACT_FUNC(RET, FNAME, PARAMS, PASSPARAM, DEFRET)\
    typedef RET (WINAPI* PFN_##FNAME##defined2) PARAMS;\
    static PFN_##FNAME##defined2 g_FN_##FNAME##entry2 = NULL;\
    extern "C" RET crack_##FNAME PARAMS\
    {\
        if (g_FN_##FNAME##entry2 == NULL) { /* nothing cached yet: resolve */\
            HMODULE hKernel32 = NULL;\
            const BOOL located = ::GetModuleHandleExW(\
                GET_MODULE_HANDLE_EX_FLAG_UNCHANGED_REFCOUNT, L"kernel32.dll", &hKernel32);\
            if (located && hKernel32 != NULL) {\
                g_FN_##FNAME##entry2 =\
                    (PFN_##FNAME##defined2) ::GetProcAddress(hKernel32, #FNAME);\
            }\
        }\
        if (g_FN_##FNAME##entry2 == NULL) {\
            return DEFRET; /* export unavailable */\
        }\
        return g_FN_##FNAME##entry2 PASSPARAM;\
    }
// DEFINE_CRACT_FUNC_VOID(FNAME, PARAMS, PASSPARAM)
// Expands to `extern "C" VOID crack_<FNAME> PARAMS`, a forwarder for a
// kernel32.dll export that returns nothing.
//   FNAME     - export name; stringised for GetProcAddress and pasted into the
//               generated identifiers
//   PARAMS    - parenthesised parameter list
//   PASSPARAM - parenthesised argument list handed to the real export
// Resolution works as in the value-returning variant: the already-mapped
// kernel32.dll is located with GetModuleHandleExW
// (GET_MODULE_HANDLE_EX_FLAG_UNCHANGED_REFCOUNT), FNAME is looked up by name
// and the pointer is kept in a file-scope static.
// NOTE(review): when the lookup fails the shim returns without doing anything,
// so any output parameter is left exactly as the caller passed it in.
// NOTE(review): the cache is a plain static pointer with no synchronisation;
// confirm that is acceptable for every API routed through this macro.
#define DEFINE_CRACT_FUNC_VOID(FNAME, PARAMS, PASSPARAM)\
    typedef VOID (WINAPI* PFN_##FNAME##defined23) PARAMS;\
    static PFN_##FNAME##defined23 g_FN_##FNAME##entry23 = NULL;\
    extern "C" VOID crack_##FNAME PARAMS\
    {\
        if (g_FN_##FNAME##entry23 == NULL) { /* nothing cached yet: resolve */\
            HMODULE hKernel32 = NULL;\
            const BOOL located = ::GetModuleHandleExW(\
                GET_MODULE_HANDLE_EX_FLAG_UNCHANGED_REFCOUNT, L"kernel32.dll", &hKernel32);\
            if (located && hKernel32 != NULL) {\
                g_FN_##FNAME##entry23 =\
                    (PFN_##FNAME##defined23) ::GetProcAddress(hKernel32, #FNAME);\
            }\
        }\
        if (g_FN_##FNAME##entry23 == NULL) {\
            return; /* export unavailable: nothing to forward to */\
        }\
        g_FN_##FNAME##entry23 PASSPARAM;\
    }
// Shim instantiations: each line defines one extern "C" crack_<Api> function,
// the symbol the assembly pointer table refers to for the matching __imp_<Api>
// slot.
// NOTE(review): the assembly table also names shims that are not defined in the
// lines shown here (crack_IsDebuggerPresent, crack_OutputDebugStringW,
// crack_HeapWalk, ...); presumably every listed slot needs a definition for the
// link to succeed - verify against the full source file.
// Falls back to 0 (a null filter pointer) if the export cannot be resolved.
DEFINE_CRACT_FUNC(LPTOP_LEVEL_EXCEPTION_FILTER, SetUnhandledExceptionFilter, (LPTOP_LEVEL_EXCEPTION_FILTER lpTopLevelExceptionFilter), (lpTopLevelExceptionFilter), 0);
// No fallback: ListHead is left untouched if the export cannot be resolved.
DEFINE_CRACT_FUNC_VOID(InitializeSListHead, (PSLIST_HEADER ListHead), (ListHead));
// Falls back to 0 (a null module handle).
DEFINE_CRACT_FUNC(HMODULE, GetModuleHandleW, (LPCWSTR lpModuleName), (lpModuleName), 0);
// Falls back to (DWORD)-1.
DEFINE_CRACT_FUNC(DWORD, GetCurrentThreadId, (VOID), (), ((DWORD)-1));
// No fallback: *lpStartupInfo is left untouched if the export cannot be
// resolved, so the caller would read whatever the structure held before.
DEFINE_CRACT_FUNC_VOID(GetStartupInfoW, (LPSTARTUPINFOW lpStartupInfo), (lpStartupInfo));
// Falls back to (DWORD)-1.
DEFINE_CRACT_FUNC(DWORD, GetCurrentProcessId, (VOID), (), ((DWORD)-1));
// Falls back to 0 (FALSE); *lpPerformanceCount is not written in that case.
DEFINE_CRACT_FUNC(BOOL, QueryPerformanceCounter, (LARGE_INTEGER *lpPerformanceCount), (lpPerformanceCount), 0);
// No fallback: *lpSystemTimeAsFileTime is left untouched if the export cannot
// be resolved.
DEFINE_CRACT_FUNC_VOID(GetSystemTimeAsFileTime, (LPFILETIME lpSystemTimeAsFileTime), (lpSystemTimeAsFileTime));