zoukankan      html  css  js  c++  java
  • 手动加入PE文件数字签名信息及格式具体解释图之下(历史代码,贴出学习)

    #include <windows.h> 
    HANDLE hWriteFileHandle = NULL ; 
    HANDLE hReadFileHandle = NULL ; 
    HANDLE hFileMapping = NULL ; 
    LPVOID lpVoidFileBaseAddress = NULL ; 
    IMAGE_DOS_HEADER * lpidh_Dos_Header= NULL ; 
    IMAGE_NT_HEADERS * lpinh_NTHeader= NULL ; 
    
    #define RETURN_FAIL -1
    #define RETURN_SUCC  1
    
    
    typedef struct __DIGITAL_SIGNATURE_DATA_PARAM
    {
        DWORD dwVirtulAddress;
        DWORD dwSize;
    }
    
    SIGNATURE_DATA_PARAM,LPSIGNATURE_DATA_PARAM;
    
    #include <iostream>
    using namespace std;
    
    void UsingFuction()
    {
        cout<<"---------import cer to exe---------------->>"<<endl;
        cout<<"--EX:srcpath[*.cer] despath [*.exe]------->>"<<endl;
        cout<<"------------------------------------------>>"<<endl;
    }
    int main( int argc,char **argv) 
    { 
        switch (argc)
        {
        case 1:
            cout<<"help using usage -h"<<endl;
            break;
        case 2:
            {
                if (strcmp(argv[1],"-h"))
                {
                    UsingFuction();
                    return RETURN_FAIL;
                }
            }
            break;
        case 3:
            cout<<"all argument is ok"<<endl;
            break;
        default:
            cout<<"argument is error"<<endl;
            break;
        }
        if (argc!=3)
        {
            UsingFuction();
            return RETURN_FAIL;
        }
        TCHAR* lpcerFilePath=argv[1];
        TCHAR* lpPeFilePath=argv[2];
        hWriteFileHandle = CreateFile(lpPeFilePath, GENERIC_READ|GENERIC_WRITE, FILE_SHARE_READ, NULL , 
        OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL ) ; 
        if ( hWriteFileHandle==INVALID_HANDLE_VALUE ) 
            return RETURN_FAIL; 
        hFileMapping = CreateFileMapping( hWriteFileHandle, NULL , PAGE_READWRITE, 0, 0, NULL ) ; 
        if ( ! hFileMapping ) 
        { 
            CloseHandle( hWriteFileHandle) ; 
            return RETURN_FAIL; 
        } 
        lpVoidFileBaseAddress = MapViewOfFile( hFileMapping, FILE_MAP_ALL_ACCESS, 0, 0, 0) ; 
        if ( ! lpVoidFileBaseAddress ) 
        { 
            CloseHandle( hFileMapping) ; 
            CloseHandle( hWriteFileHandle) ; 
            return RETURN_FAIL; 
        } 
        lpidh_Dos_Header = (PIMAGE_DOS_HEADER) lpVoidFileBaseAddress; 
        if ( lpidh_Dos_Header->e_magic!=IMAGE_DOS_SIGNATURE ) 
            return RETURN_FAIL; 
    
        lpinh_NTHeader=(PIMAGE_NT_HEADERS)((char*)lpVoidFileBaseAddress+lpidh_Dos_Header->e_lfanew) ; 
        if ( lpinh_NTHeader->Signature!=IMAGE_NT_SIGNATURE ) 
            return RETURN_FAIL; 
        //
    
        SIGNATURE_DATA_PARAM sdp;
        sdp.dwVirtulAddress=lpinh_NTHeader->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_SECURITY].VirtualAddress;
        sdp.dwSize=lpinh_NTHeader->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_SECURITY].Size;
    
        //if exist sn
        if (sdp.dwSize!=0)
        {
            //
            return RETURN_FAIL;
        }
        //
        hReadFileHandle = CreateFile(lpcerFilePath, GENERIC_READ|GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL ,
        OPEN_EXISTING, FILE_ATTRIBUTE_ARCHIVE, NULL ) ; 
        if ( hReadFileHandle==INVALID_HANDLE_VALUE ) 
            return RETURN_FAIL; 
        DWORD dwReadedSize=0;   
        DWORD dwWritedSize=0;
    
        SetFilePointer(hReadFileHandle,-4,0,FILE_END);
        ReadFile(hReadFileHandle,&sdp.dwSize,sizeof(DWORD),&dwReadedSize,NULL);
    
        PBYTE pbBufferSignture=new byte[sdp.dwSize];
        SetFilePointer(hReadFileHandle,0,0,FILE_BEGIN);
        ReadFile(hReadFileHandle,pbBufferSignture,sdp.dwSize,&dwReadedSize,NULL);
    
        PIMAGE_SECTION_HEADER lppsh_SECTION_HEADER=(PIMAGE_SECTION_HEADER)((DWORD)&lpinh_NTHeader->OptionalHeader+lpinh_NTHeader
        ->FileHeader.SizeOfOptionalHeader);
        lppsh_SECTION_HEADER=lppsh_SECTION_HEADER+(lpinh_NTHeader->FileHeader.NumberOfSections-1);
        sdp.dwVirtulAddress=lppsh_SECTION_HEADER->PointerToRawData+lppsh_SECTION_HEADER->SizeOfRawData;
    
        SetFilePointer(hWriteFileHandle,sdp.dwVirtulAddress,0,FILE_BEGIN);
        WriteFile(hWriteFileHandle,pbBufferSignture,sdp.dwSize,&dwWritedSize,NULL);
    
        lpinh_NTHeader->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_SECURITY].VirtualAddress=sdp.dwVirtulAddress;
        lpinh_NTHeader->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_SECURITY].Size=sdp.dwSize;
        delete pbBufferSignture;
    
        UnmapViewOfFile( lpVoidFileBaseAddress) ; 
        CloseHandle( hFileMapping); 
        CloseHandle( hReadFileHandle); 
        CloseHandle(hWriteFileHandle);
    
    
        return RETURN_SUCC; 
    } 
    

  • 相关阅读:
    Redis5排序
    Redis5 常用命令
    Redis5事务 和Watch
    PHP7 ini 配置大全
    PHP 开发者大会
    go and git 代理
    laravel 记录sql语句
    Vue,laravel , laravels 项目在nginx 配置文件
    python selenium right click on an href and choose Save link as... on Chrome.
    selenium借助AutoIt识别上传(下载)详解
  • 原文地址:https://www.cnblogs.com/mfrbuaa/p/5156619.html
Copyright © 2011-2022 走看看