滴水PE作业添加节并在节中添加代码

最新推荐文章于 2023-03-17 19:49:52 发布

努力不当无业游民

最新推荐文章于 2023-03-17 19:49:52 发布

阅读量118

点赞数

文章标签： c++ Powered by 金山文档

本文链接：https://blog.csdn.net/qq_52442096/article/details/128731157

版权

#include<iostream>
#include<malloc.h>
#include<Windows.h>
#pragma warning(disable:4996)
using namespace std;
char insertcode[] = {
0x6A,0x00,
0x6A,0x00,
0x6A,0x00,
0x6A,0x00,
0xE8,0x00,0x00,0x00,0x00,
0xE9,0x00,0x00,0x00,0x00
};
int filelen(FILE* pfile)
{
    fseek(pfile, 0, SEEK_END);
    int result = ftell(pfile);
    rewind(pfile);
    return result;
}
int main()
{
    FILE* pfile = fopen("C://Users//52511//Desktop//fg.exe", "rb");
    FILE* newpfile = fopen("C://Users//52511//Desktop//newfg.exe", "wb");
    int length = filelen(pfile);
    char* buffer = NULL;
    buffer = (char*)malloc(sizeof(char) * length+0x1000);
    memset(buffer, 0, length + 0x1000);
    fread(buffer, 1, length, pfile);
    PIMAGE_DOS_HEADER pDosH = (PIMAGE_DOS_HEADER)(buffer);
    PIMAGE_NT_HEADERS pNTH = (PIMAGE_NT_HEADERS)(buffer + pDosH->e_lfanew);
    PIMAGE_FILE_HEADER pFH = (PIMAGE_FILE_HEADER)((char*)pNTH + 0x4);
    PIMAGE_OPTIONAL_HEADER pOH = (PIMAGE_OPTIONAL_HEADER)((char*)pFH + 0x14);
    int opHeaderLen = int(pFH->SizeOfOptionalHeader);
    PIMAGE_SECTION_HEADER pSecH = (PIMAGE_SECTION_HEADER)((char*)pOH + opHeaderLen);
    int numberOfSection = pFH->NumberOfSections;
    //printf("%p\n", MessageBox);
    int MessageBoxAddress = 0x7542B000;
    int agoSizeOfImage = pOH->SizeOfImage;
    pOH->SizeOfImage = pOH->SizeOfImage + 0x1000;
    pFH->NumberOfSections = pFH->NumberOfSections + 1;
    PVOID pSecName = &pSecH[numberOfSection].Name;
    PDWORD pSecMisc = &pSecH[numberOfSection].Misc.VirtualSize;
    PDWORD pSecVirtualAddress = &pSecH[numberOfSection].VirtualAddress;
    PDWORD pSecSizeOfRawData = &pSecH[numberOfSection].SizeOfRawData;
    PDWORD pSecPointToRawData = &pSecH[numberOfSection].PointerToRawData;
    PDWORD pSecCharacteristics = &pSecH[numberOfSection].Characteristics;
    memcpy(pSecName, ".NewSec", 8);
    *pSecMisc = 0x1000;
    *pSecVirtualAddress = agoSizeOfImage;
    *pSecSizeOfRawData = 0x1000;
    *pSecPointToRawData = agoSizeOfImage;
    *pSecCharacteristics = pSecH[0].Characteristics;
    char* codeBegin = buffer + agoSizeOfImage;
    memcpy(codeBegin, insertcode, sizeof(insertcode) / sizeof(char));
    //call
    DWORD calladder = MessageBoxAddress - (pOH->ImageBase + (DWORD)(codeBegin + 8 + 5) - (DWORD)buffer);
    *(PDWORD)(codeBegin + 0x09) = calladder;
    //jmp
    DWORD jmpadder = pOH->ImageBase + pOH->AddressOfEntryPoint - (pOH->ImageBase + (DWORD)codeBegin + 18 - (DWORD)buffer);
    *(PDWORD)(codeBegin + 0x0E) = jmpadder;
    //修改oep
    pOH->AddressOfEntryPoint = codeBegin - buffer;
    fwrite(buffer, 1, length + 0x1000, newpfile);
    fclose(pfile);
    fclose(newpfile);
    free(buffer);
    return 0;
}