    Bad Times Virus

    Standard [C]EOF Builder+Server

    Credits:noble,smi2ly

    Stub:
    Code:
    #include <Windows.h>
    #pragma comment(linker,"/SUBSYSTEM:windows")
    
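    /*
     * Stub entry point. Reads this executable's own file from disk, walks the
     * PE headers to find where the last section's raw data ends, and shows the
     * bytes stored after that point (the "EOF data", i.e. the PE overlay) as
     * text in a message box.
     *
     * The overlay is not mapped by the loader, which is why the image is read
     * back from disk. Everything parsed here is plain file content that anyone
     * with write access to the file can alter, so each header field is checked
     * against the file size before it is used, and the buffer gets one extra
     * terminating NUL so the overlay can be handed to MessageBoxA as a string
     * even when the writer stored no terminator.
     *
     * Returns 0 when the overlay was located and shown, 1 on any failure.
     */
    int WINAPI WinMain(HINSTANCE hInst,HINSTANCE hPrevInstance,LPSTR lpCmdLine,int nCmdShow)
    {
        HANDLE hFile;
        char *StubData = NULL;
        DWORD dwFileSize, dwNumRead = 0, dwPathLen;
        TCHAR App_Path[MAX_PATH];
        PIMAGE_DOS_HEADER pDOS;
        PIMAGE_NT_HEADERS pNT;
        PIMAGE_SECTION_HEADER pSections;
        BYTE *pEOFData = NULL;
        ULONGLONG ullOffset;   /* 64-bit so offset sums cannot wrap */
        WORD wSections;
        BOOL bRead;
        int rc = 1;

        /* A return of MAX_PATH means the path was truncated. */
        dwPathLen = GetModuleFileName(NULL,App_Path,MAX_PATH);
        if(dwPathLen==0 || dwPathLen>=MAX_PATH)
            return 1;

        /* CreateFile reports failure with INVALID_HANDLE_VALUE, not NULL. */
        hFile = CreateFile(App_Path, GENERIC_READ, FILE_SHARE_READ,NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
        if(hFile==INVALID_HANDLE_VALUE)
            return 1;

        dwFileSize = GetFileSize(hFile, NULL);
        if(dwFileSize==INVALID_FILE_SIZE)
        {
            CloseHandle(hFile);
            return 1;
        }

        /* One extra byte for the NUL terminator appended below. */
        StubData=(char*)GlobalAlloc(GMEM_FIXED,(SIZE_T)dwFileSize+1);
        if(StubData==NULL)
        {
            CloseHandle(hFile);
            return 1;
        }

        bRead = ReadFile(hFile, StubData, dwFileSize, &dwNumRead,NULL) && dwNumRead==dwFileSize;
        CloseHandle(hFile);
        if(!bRead)
            goto cleanup;
        StubData[dwFileSize] = '\0';

        pDOS = (PIMAGE_DOS_HEADER)StubData;
        if(dwFileSize<sizeof(IMAGE_DOS_HEADER) || pDOS->e_magic!=IMAGE_DOS_SIGNATURE)
        {
            MessageBoxA(NULL,"EOF Not Found (DOS)","",MB_OK);
            goto cleanup;
        }

        /* e_lfanew is a signed file offset; the signature and file header must fit in the file. */
        if(pDOS->e_lfanew<0 ||
           (ULONGLONG)pDOS->e_lfanew + sizeof(DWORD) + sizeof(IMAGE_FILE_HEADER) > dwFileSize)
            goto bad_nt;

        pNT = (PIMAGE_NT_HEADERS)(StubData + pDOS->e_lfanew);
        if(pNT->Signature!=IMAGE_NT_SIGNATURE)
            goto bad_nt;

        /* The section table follows the optional header; all entries must lie inside the file. */
        wSections = pNT->FileHeader.NumberOfSections;
        ullOffset = (ULONGLONG)pDOS->e_lfanew + sizeof(DWORD) + sizeof(IMAGE_FILE_HEADER) +
            pNT->FileHeader.SizeOfOptionalHeader;
        if(wSections==0 ||
           ullOffset + (ULONGLONG)wSections*sizeof(IMAGE_SECTION_HEADER) > dwFileSize)
            goto bad_nt;
        pSections = (PIMAGE_SECTION_HEADER)(StubData + (SIZE_T)ullOffset);

        /*
         * The overlay starts where the last table entry's raw data ends.
         * NOTE(review): this assumes the last entry is also the last one in
         * the file; confirm for the linker that produced the stub.
         */
        ullOffset = (ULONGLONG)pSections[wSections-1].PointerToRawData +
            pSections[wSections-1].SizeOfRawData;
        if(ullOffset>dwFileSize)
            goto bad_nt;

        pEOFData = (BYTE*)StubData + (SIZE_T)ullOffset;
        MessageBoxA(NULL,"EOF Found","",MB_OK);
        MessageBoxA(NULL,(const char*)pEOFData,"COOL",MB_OK);
        rc = 0;
        goto cleanup;

    bad_nt:
        MessageBoxA(NULL,"EOF Not Found (NT)","",MB_OK);

    cleanup:
        GlobalFree(StubData);
        return rc;
    }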
    Neuer Builder:
    Code:
    #include <windows.h>
    #pragma comment(linker,"/SUBSYSTEM:windows")
    #define INVALID_SET_FILE_POINTER  0xFFFFFFFF
    DWORD SizeOfEOF(HANDLE FBase,DWORD bufFileSize);
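    /* Shows `value` as unsigned decimal text in a message box titled `caption`. */
    static void ShowNumber(const char *caption, DWORD value)
    {
        char text[16];   /* up to 10 digits for a 32-bit value plus the terminator */

        wsprintfA(text, "%lu", value);
        MessageBoxA(0, text, caption, 0);
    }

    /*
     * Builder entry point. Opens Stub.exe, measures how many bytes follow the
     * last PE section (via SizeOfEOF), seeks back over those bytes, writes
     * Settings in their place and truncates the file after the new data so no
     * remainder of a longer, older block survives.
     *
     * Settings is written with strlen(), i.e. without a terminating NUL, so a
     * reader of the block must not assume the data is NUL-terminated.
     *
     * Returns 0 on success, 1 on any failure (a message box names the step).
     */
    int WINAPI WinMain(HINSTANCE hInst,HINSTANCE hPrevInstance,LPSTR lpCmdLine,int nCmdShow)
    {
        char Settings[] = "asdasfaf\0";
        char StubPath[] = "Stub.exe";
        HANDLE hFile;
        DWORD dwBytesWritten = 0,dwFileSize,dwBytesRead = 0,dwEOFSize;
        DWORD dwSettingsLen = (DWORD)strlen(Settings);
        LPBYTE WholeStub = NULL;
        int rc = 1;

        /* CreateFile reports failure with INVALID_HANDLE_VALUE, never with 0. */
        hFile = CreateFileA(StubPath,GENERIC_WRITE | GENERIC_READ,0,0,OPEN_EXISTING,FILE_ATTRIBUTE_NORMAL,0);
        if(hFile==INVALID_HANDLE_VALUE)
        {
            MessageBoxA(NULL, "FAIL" , "Can´t find Stub.exe" , MB_OK) ;
            return 1;
        }

        dwFileSize=GetFileSize(hFile,0);
        if(dwFileSize==INVALID_FILE_SIZE)
        {
            ShowNumber("GetFileSize():",GetLastError());
            goto cleanup;
        }
        ShowNumber("Filesize:",dwFileSize);

        WholeStub=(LPBYTE)GlobalAlloc(GMEM_FIXED,dwFileSize);
        if(WholeStub==NULL)
        {
            ShowNumber("GlobalAlloc():",GetLastError());
            goto cleanup;
        }

        /* Stop on a failed or short read: the rest of the buffer is uninitialised. */
        if(!ReadFile(hFile,WholeStub,dwFileSize,&dwBytesRead,0) || dwBytesRead!=dwFileSize)
        {
            ShowNumber("ReadFile():",GetLastError());
            goto cleanup;
        }

        dwEOFSize=SizeOfEOF(WholeStub,dwFileSize);
        ShowNumber("SIZE():",dwEOFSize);

        /* A size beyond the file (or beyond what a LONG seek can express) means the headers are bogus. */
        if(dwEOFSize>dwFileSize || dwEOFSize>0x7FFFFFFF)
        {
            MessageBoxA(0,"FAIL","SIZE():",0);
            goto cleanup;
        }

        if(SetFilePointer(hFile,0,0,FILE_END)==INVALID_SET_FILE_POINTER)
        {
            ShowNumber("SetFilePointer1():",GetLastError());
            goto cleanup;
        }
        if(SetFilePointer(hFile,-(LONG)dwEOFSize,0,FILE_CURRENT)==INVALID_SET_FILE_POINTER)
        {
            ShowNumber("SetFilePointer2():",GetLastError());
            goto cleanup;
        }

        if(!WriteFile(hFile, Settings, dwSettingsLen, &dwBytesWritten, 0) || dwBytesWritten!=dwSettingsLen)
        {
            ShowNumber("WriteFile():",GetLastError());
            goto cleanup;
        }

        /* Cut the file right after the new data so bytes of a longer old block do not remain. */
        if(!SetEndOfFile(hFile))
        {
            ShowNumber("SetEndOfFile():",GetLastError());
            goto cleanup;
        }
        rc = 0;

    cleanup:
        if(WholeStub!=NULL)
            GlobalFree(WholeStub);
        CloseHandle(hFile);
        return rc;
    }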
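    /*
     * Returns the number of bytes that follow the raw data of the last section
     * in an in-memory copy of a PE file.
     *
     * FBase        despite its HANDLE type, this is used as a pointer to the
     *              start of the buffer holding the file contents.
     * bufFileSize  number of valid bytes in that buffer.
     *
     * Every header field is checked against bufFileSize before use, because
     * the buffer is unvalidated file content. Returns 0 when the buffer is not
     * a well-formed PE image or when nothing follows the last section.
     *
     * NOTE(review): "last section" means the last entry of the section table;
     * this assumes that entry is also the last one in the file - confirm.
     */
    DWORD SizeOfEOF(HANDLE FBase,DWORD bufFileSize)
    {
        DWORD nSect;
        ULONGLONG ullTable,ullRawEnd;   /* 64-bit so offset sums cannot wrap */
        PIMAGE_DOS_HEADER pMod = (PIMAGE_DOS_HEADER)FBase;
        PIMAGE_NT_HEADERS32 pNTHeader;
        PIMAGE_SECTION_HEADER pSecHead;

        if(pMod==NULL || bufFileSize<sizeof(IMAGE_DOS_HEADER))
            return 0;
        if(pMod->e_magic!=IMAGE_DOS_SIGNATURE || pMod->e_lfanew<0)
            return 0;

        /* The PE signature and the file header must lie inside the buffer. */
        ullTable = (ULONGLONG)pMod->e_lfanew + sizeof(DWORD) + sizeof(IMAGE_FILE_HEADER);
        if(ullTable>bufFileSize)
            return 0;

        pNTHeader = (PIMAGE_NT_HEADERS32)((PBYTE)pMod + pMod->e_lfanew);
        if(pNTHeader->Signature!=IMAGE_NT_SIGNATURE)
            return 0;

        nSect = pNTHeader->FileHeader.NumberOfSections;
        if(nSect==0)
            return 0;

        /* The section table starts right after the optional header. */
        ullTable += pNTHeader->FileHeader.SizeOfOptionalHeader;
        if(ullTable + (ULONGLONG)nSect*sizeof(IMAGE_SECTION_HEADER) > bufFileSize)
            return 0;

        pSecHead = (PIMAGE_SECTION_HEADER)((PBYTE)pMod + (SIZE_T)ullTable);
        pSecHead += nSect-1;

        /* A raw-data end past the buffer would make the subtraction below wrap. */
        ullRawEnd = (ULONGLONG)pSecHead->PointerToRawData + pSecHead->SizeOfRawData;
        if(ullRawEnd>bufFileSize)
            return 0;

        return bufFileSize - (DWORD)ullRawEnd;
    }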
    Builder:
    Code:
    #include <windows.h>
    #pragma comment(linker,"/SUBSYSTEM:windows");
    #define FILE_WRITE_TO_END_OF_FILE       0xffffffff
    
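    /*
     * Older builder entry point. Opens Stub.exe for writing and appends
     * Settings at the current end of the file, using an OVERLAPPED offset of
     * 0xFFFFFFFF in both halves to request a write at end of file.
     *
     * Nothing already stored after the last section is removed, so each run
     * adds another copy of Settings behind the previous one. The data is
     * written with strlen(), i.e. without a terminating NUL.
     *
     * Returns 0 when all bytes were written, 1 otherwise.
     */
    int WINAPI WinMain(HINSTANCE hInst,HINSTANCE hPrevInstance,LPSTR lpCmdLine,int nCmdShow)
    {
        char Settings[] = "asdasdjapfjafpüafjüfjaaaaaaaaaa";
        char StubPath[] = "Stub.exe";
        HANDLE hFile;
        DWORD dwBytesWritten = 0;
        DWORD dwSettingsLen = (DWORD)strlen(Settings);
        OVERLAPPED overL;
        BOOL bWritten;
        int rc = 1;

        /* CreateFileA reports failure with INVALID_HANDLE_VALUE, never with 0. */
        hFile = CreateFileA(StubPath,GENERIC_WRITE,0,0,OPEN_EXISTING,FILE_ATTRIBUTE_NORMAL,0);
        if(hFile==INVALID_HANDLE_VALUE)
        {
            MessageBoxA(NULL, "FAIL" , "Can´t find Stub.exe" , MB_OK) ;
            return 1;
        }

        memset(&overL, 0, sizeof(overL));
        overL.Offset = FILE_WRITE_TO_END_OF_FILE;
        overL.OffsetHigh = 0xffffffff;   /* same value the original stored via -1 */

        /* A failed call and a short write are both reported as "not written". */
        bWritten = WriteFile(hFile, Settings, dwSettingsLen, &dwBytesWritten, &overL);
        if(bWritten && dwBytesWritten==dwSettingsLen)
        {
            MessageBoxA(NULL,Settings , "Option Writen to stub!" , MB_OK) ;
            rc = 0;
        }
        else
        {
            MessageBoxA(NULL,"strlen(Settings)!=dwBytesWritten" , "NOT" , MB_OK) ;
        }

        CloseHandle(hFile);
        return rc;
    }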
    Geändert von wacked (19.06.2010 um 12:49 Uhr)
