当前位置: 首页>>代码示例>>C++>>正文

C++ Analysis::analysis_address_table方法代码示例

本文整理汇总了C++中Analysis::analysis_address_table方法的典型用法代码示例。如果您正苦于以下问题:C++ Analysis::analysis_address_table方法的具体用法?C++ Analysis::analysis_address_table怎么用?C++ Analysis::analysis_address_table使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在Analysis的用法示例。


在下文中一共展示了Analysis::analysis_address_table方法的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。

示例1: buildvmtest


//.........这里部分代码省略.........

  bool t_sign = table.get_sign();
  table.set_sign(true);
  long virtualmachine_address = table.assign_address(0x1024);
  table.set_sign(t_sign);
  VirtualMachine *pvm = vm.add_virtual_machine(virtualmachine_address,false);

  table.copy(virtualmachine_address,pvm->vm_info.buf,pvm->vm_info.size);     


  for (BuildCodeInfo::iterator iter = build_info.begin(); iter != build_info.end(); iter++)
  {
    long build_exec_addr = iter->build_exec_addr;
    long build_exec_size = iter->build_exec_size;
    info.buf = file.VaToPtr(build_exec_addr);
    info.addr = build_exec_addr;   
    info.size = 0x40194f - 0x4014a0;
    info.size = build_exec_size;
    if (info.size < 5)
    {
      printf("Protect Size less than 5 Byte\n");
      return;
    }
//#define VM_DEBUG_BUILD
#ifdef VM_DEBUG_BUILD
    Analysis analysis;
    std::vector<CodePiece> code_list;
    analysis.disasm(&info,code_list);
    bool next = true;
    for (std::vector<CodePiece>::iterator iter = code_list.begin();
         iter != code_list.end();iter++)
    {
        bool begin = true;
        //info.addr = 0;
        //info.buf = 0;
        if (iter->get_is_jcc())
         info.size = iter->get_piece().back().insn_offset - iter->get_piece().front().insn_offset;
        else
         info.size = iter->get_piece().back().pc - iter->get_piece().front().insn_offset;
        info.addr = iter->get_piece().front().insn_offset;
        info.buf = section.VaToPtr(info.addr);

        if (info.size < 5 )
        {
            printf("编译的地址不能小于5Byte,这段指令编译失败\n");
            //return;
            continue;
        }
        void * ptr_old_code = info.buf;
        size_t old_code_size = info.size;
        long old_addr = info.addr;
        BuildVMByteCode build(&vm,&info,&table);
        memset(ptr_old_code,0x90,old_code_size);
        add_jmp_addr(file,old_addr,info.addr);
    }
#else
    void * ptr_old_code = info.buf;
    size_t old_code_size = info.size;

    Analysis analysis;
    std::vector<long> addr_table;
    std::vector<long*> addr_entry_point;
    analysis.analysis_address_table(&info,addr_table,section.GetSectionMinAddress(),section.GetSectionMaxAddress());
    get_table_addr(section,addr_table,addr_entry_point);

    BuildVMByteCode build(&vm,&info,&table,addr_entry_point);
    memset(ptr_old_code,0,old_code_size);
    add_jmp_addr(file,build_exec_addr,info.addr);    
#endif
  }


  FILE *pfile;

  //  VirtualMachine *pvm = vm.rand_virtual_machine();


  //t_sign = table.get_sign();
  //table.set_sign(true);
  //  long virtualmachine_address = table.assign_address(pvm->vm_info.size);
  //table.set_sign(t_sign);

  //  table.copy(virtualmachine_address,pvm->vm_info.buf,pvm->vm_info.size);

  section_size = (unsigned long)( table.buffer_size);
  section.AddSection(".WProtect",section_size,0xE0000020);
  section.WriteSectionData(file.GetSectionCount()-1,0,
      (unsigned char*)table.buffer,(unsigned long *)&table.buffer_size);
  char new_file_name[256];
  memset(new_file_name,0,256);
  memcpy(new_file_name,build_exec_name,strlen(build_exec_name)-3); 
  strcat(new_file_name,"wp.exe");
  file.SavePEFile(new_file_name);
  printf("Out File:%s\n",new_file_name);
  //pfile = fopen( "virtualmachine","wb" );
  //fwrite( pvm->vm_info.buf,1,pvm->vm_info.size,pfile );
  //fclose( file );

  //delete [  ] buf;
}
开发者ID:pentestit,项目名称:WProtect,代码行数:101,代码来源:main.cpp

示例2: buildvm_test

void buildvm_test(BuildExeInfo & build_info)
{
    char * build_exec_name = build_info.get_filename();
    printf("待处理文件:%s\n", build_exec_name);

    CPEFile file;
    if (!file.LoadPEFile(build_exec_name))
    {
        printf("file is not find!\n");
        return;
    }

    CPEReloc reloc;
    reloc = file;
    reloc.DeleteReloc();
    reloc.GetBaseReloc();

    CPESection section;
    section = file;
    printf ("一共有%d个区段\n", section.GetSectionCount());

    get_wprotect_sdk_address(section,build_info,"WProtect Begin","WProtect End");

    VMAddressTable table( section.GetNewSectionBase(), 1024, false );

    bool t_sign = table.get_sign();
    table.set_sign(true);
    long virtualmachine_address = table.assign_address(4096);
    table.set_sign(t_sign);

    VirtualMachineManage vm;
    VirtualMachine *pvm = vm.add_virtual_machine(virtualmachine_address,false);

    table.copy(virtualmachine_address,pvm->vm_info.buf,pvm->vm_info.size);

    CodeBufferInfo Code;
    for (BuildExeInfo::iterator iter = build_info.begin();
        iter != build_info.end();
        iter++)
    {
        long CodeStartAddr = iter->CodeStartAddr;

        Code.buf  = file.VaToPtr(CodeStartAddr);
        Code.addr = CodeStartAddr;
        Code.size = iter->CodeSize;
        if (Code.size < 5)
        {
            printf("编译内容不能小于5Byte,容不下一个跳转\n");
            return;
        }

        Analysis analysis;
        std::vector<long> addr_table;
        std::vector<long*> addr_entry_point;
        analysis.analysis_address_table(&Code,
            addr_table,
            section.GetSectionMinAddress(),
            section.GetSectionMaxAddress());

        get_table_addr(section,addr_table,addr_entry_point);

        BuildVMByteCode build(&vm,&Code,&table,addr_entry_point);
        memset(Code.buf, 0, Code.size);                // 旧代码置零
        add_jmp_addr(file, CodeStartAddr, Code.addr);  // 旧代码处修改为jmp Code.addr
    }

#ifdef _DEBUG
    FILE *pfile;
    fopen_s( &pfile, "virtualmachine", "wb" );
    fwrite( pvm->vm_info.buf, 1, pvm->vm_info.size, pfile );
    fclose( pfile );
#endif

    unsigned long section_size = (unsigned long)(table.buffer_size);
    section.AddSection(".WPro",section_size,0xE0000020);
    section.WriteSectionData(file.GetSectionCount()-1,
        0,
        (unsigned char*)table.buffer,
        (unsigned long )table.buffer_size);

    char new_file_name[256];
    memset(new_file_name,0,256);
    memcpy(new_file_name,build_exec_name,strlen(build_exec_name)-3); 
    strcat_s(new_file_name,256,"wp.exe");
    printf("Out File:%s\n", new_file_name);
    file.SavePEFile(new_file_name);
}
开发者ID:DeDf,项目名称:WProtect,代码行数:87,代码来源:1_main.cpp

示例3: buildvmtest_elf

void buildvmtest_elf(BuildCodeInfo & build_info)
{
  VirtualMachineManage vm;
  CodeBufferInfo info;

  CELFFile file;

  char * build_exec_name = build_info.get_filename();
  bool b = file.LoadELFFile(build_exec_name);
  if (!b)
  {
    printf("file is not find\r\n");
    return;
  }
  get_wprotect_sdk_address_elf(file,build_info,"WProtect Begin","WProtect End");
  unsigned long section_size;

  VMAddressTable table(   file.GetNewSegmentSectionBase(),0x512,false);

  bool t_sign = table.get_sign();
  table.set_sign(true);
  long virtualmachine_address = table.assign_address(0x1024);
  table.set_sign(t_sign);
  VirtualMachine *pvm = vm.add_virtual_machine(virtualmachine_address,false);

  table.copy(virtualmachine_address,pvm->vm_info.buf,pvm->vm_info.size);


  for (BuildCodeInfo::iterator iter = build_info.begin(); iter != build_info.end(); iter++)
  {
    long build_exec_addr = iter->build_exec_addr;
    long build_exec_size = iter->build_exec_size;
    info.buf = file.VaToPtr(build_exec_addr);
    info.addr = build_exec_addr;
    info.size = 0x40194f - 0x4014a0;
    info.size = build_exec_size;
    if (info.size < 5)
    {
      printf("Protect Size less than 5 Byte\n");
      return;
    }
//#define VM_DEBUG_BUILD
#ifdef VM_DEBUG_BUILD
    Analysis analysis;
    std::vector<CodePiece> code_list;
    analysis.disasm(&info,code_list);
    bool next = true;
    for (std::vector<CodePiece>::iterator iter = code_list.begin();
         iter != code_list.end();iter++)
    {
        bool begin = true;
        //info.addr = 0;
        //info.buf = 0;
        if (iter->get_is_jcc())
         info.size = iter->get_piece().back().insn_offset - iter->get_piece().front().insn_offset;
        else
         info.size = iter->get_piece().back().pc - iter->get_piece().front().insn_offset;
        info.addr = iter->get_piece().front().insn_offset;
        info.buf = section.VaToPtr(info.addr);

        if (info.size < 5 )
        {
            printf("编译的地址不能小于5Byte,这段指令编译失败\n");
            //return;
            continue;
        }
        void * ptr_old_code = info.buf;
        size_t old_code_size = info.size;
        long old_addr = info.addr;
        BuildVMByteCode build(&vm,&info,&table);
        memset(ptr_old_code,0x90,old_code_size);
        add_jmp_addr(file,old_addr,info.addr);
    }
#else
    void * ptr_old_code = info.buf;
    size_t old_code_size = info.size;

    Analysis analysis;
    std::vector<long> addr_table;
    std::vector<long*> addr_entry_point;
    analysis.analysis_address_table(&info,addr_table,file.GetSectionMinAddress(),file.GetSectionMaxAddress());
    get_table_addr_elf(file,addr_table,addr_entry_point);

    BuildVMByteCode build(&vm,&info,&table,addr_entry_point);
    memset(ptr_old_code,0,old_code_size);
    add_jmp_addr_elf(file,build_exec_addr,info.addr);
#endif
  }


  FILE *pfile;

  //  VirtualMachine *pvm = vm.rand_virtual_machine();


  //t_sign = table.get_sign();
  //table.set_sign(true);
  //  long virtualmachine_address = table.assign_address(pvm->vm_info.size);
  //table.set_sign(t_sign);

//.........这里部分代码省略.........
开发者ID:pentestit,项目名称:WProtect,代码行数:101,代码来源:main.cpp


注:本文中的Analysis::analysis_address_table方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。