DWORD dwMagic;
DWORD i;
BYTE dwCode;
DWORD dwAddr;
dwStartMap = SH->VirtualAddress + (DWORD)MapOfFile;//¶ÎÏÖÔÚÊ×µØÖ·
dwEndMap = SH->Misc.VirtualSize + dwStartMap;//¶ÎÏÖÔÚÄ©µØÖ·
i = 0;
for (dwMagic=1; dwMagic <0xFF; dwMagic++)
{
if (i == dwEndMap)
break ;
for (i=dwStartMap; i <dwEndMap; i++)
{
dwCode = *(LPBYTE)i;
if (dwCode == 0xE8 || dwCode == 0xE9)//call»òjmp
{
dwAddr = i + 5 + *(LPDWORD)(i+1);//ÌøתµÄÄ¿µÄµØÖ·
if (dwAddr>dwStartMap && dwAddr <dwEndMap)
continue ; //¶ÎÄÚתÒÆ
dwCode = *(LPBYTE)(i+1);//¶Î¼äתÒÆ£¬*(LPBYTE)(i+1)ÊÇÆ«ÒÆÁ¿µÄµÍ×Ö½Ú°É£¬±£´æµ½dwCodeÓÐʲôÓã¿Ê²Ã´Âß¼£¿
if (dwCode == dwMagic)
break ; //ΪʲôÕâÑù×ö£¬Æ«ÒÆÁ¿µÄµÍ×Ö½ÚΪѻ·µÄdwMagicµÄ¸ÅÂʺÜС°¡£¬¶øÇұȽÏÀàÐÍÒ²²»Ò»ÖÂ
}
}
}//Õâ¸öÁ½²ãforÍêÁË£¬Ã»ÓÐ×öÈκβÙ×÷£¬Î¨ÓÐdwAddr±£´æÁË×îºó¸öcall»òjmpµÄÌøתµØÖ·£¬dwCodeÇ¡ºÃÊÇdwMagicµÄÖµ-¿ÉÄÜÐÔºÜС
DWORD dwMagic;
DWORD i;
BYTE dwCode;
DWORD dwAddr;
dwStartMap = SH->VirtualAddress + (DWORD)MapOfFile;//¶ÎÏÖÔÚÊ×µØÖ·
dwEndMap = SH->Misc.VirtualSize + dwStartMap;//¶ÎÏÖÔÚÄ©µØÖ·
i = 0;
for (dwMagic=1; dwMagic <0xFF; dwMagic++)
{
if (i == dwEndMap)
break ;
ÎÒ¿´Ñ§Éú±È½Ï¶à...
¶îÊÇÒµÓàµÄ¡¡
żÊÇÒµÓàѧÉú
ÎÒ±¾À´ÏëѧcÇÖÈëʽѧϰ
¿É¾õµÃѧjavaÈÝÒ×Щ
ËùÒÔ¸ÄΪj2ee·½Ïò
¿´À´ÎҵĹÀ¼ÆÊÇ׼ȷµÄ, ÒòΪ´ó²¿·Ö¹¤×÷µÄÈ˶¼ÓÃc++»òÕßjava, .NETÖ®Àà...
c/php/p ......
ÎÒ¸öÈ˸оõÓеĵط½Ã»±ØÒª¿´£¬·±ËöµÃºÝ£¬ÓÃ×Ô¼º×ܽáµÄ·½·¨¸üºÃ£¬´ó¼Ò˵˵×Ô¼ºµÄÒâ¼û
ÎҸоõ±ã½Ý¼ÆËãÓë²»¶Ô³Æ±ß½çÍêÈ«¸ù¾Ý×Ô¼ºµÄ¾ÑéÀ´£¬Óò»×Å¿´Å¶£¬´ó¼Ò˵˵
Äã¿´²»¿´ÄÇÊÇÄãµÄÊÂ
Æäʵ¶¼ÊÇ»ù´¡µÄ¶«Î÷À²
......
ÏÂÃæÊÇÎÒдµÄ¹ØÓÚ¸ß˹ÁÐÖ÷ÏûÔª·¨µÄC³ÌÐòʵÏÖ·½·¨¡£µ«ÊÇÇó½â½á¹ûʼÖÕ²»ÕýÈ·°¡£¡¼ì²éºÜ¾ÃÁË£¬»¹ÊǼì²é²»³öÀ´£¬Âé·³ÄÄλ´ó¸ç¸øÖ¸µãÏ°ɣ¡ÏÈO(¡É_¡É)OллÁË£¡
³ÌÐò´úÂ룺
C/C++ code:
#include <stdio.h ......
