Search - Pe-file_infector

Search - Pe-file_infector - List

[Other] insertcode DL : 0: PE可执行文件的镶入式程序的编写方法及示例(镶入式后门程序&原程序) 由于Microsoft公司的Windows系统是当前大部分个人电脑所使用的操作系统主要包括win95,98,me,nt4,2000,xp等，而这些系统所使用的可执行文件的格式基本上是PE结构的。这里的可执行文件的镶入式程序就是针对PE结构的可执行文件。这里先简单说一下PE文件框架结构： DOS MZ header DOS stub//在不支持 PE文件格式的操作系统中它将简单显示一个错误提示 PE header//含了许多PE装载器用到的重要信息 Section table//每个Section的信息 Section 1 Section 2 Section 3.... 由于SectionAlignment 块对齐的原因每个Section之间都会产生很多空间，镶入式程序的代码可以放在Section之间的空位上，比较方便的方法是把代码放在最后一个Section的末尾，然后更改Misc.VirtualSize和SizeOfRawData这两个位于Section table的IMAGE_SECTION_HEADER结构数组的成员。如果代码十分的长，有时候会造成镶入的代码无法被完全加载而产生错误，这时需要更改SizeOfImage 在IMAGE_NT_HEADERS 结构中。在不同的WINDOWS版本中api调用地址也有不同，为了解决这个问题可以更改引入表让加载器-PE executable files embedded into the formal process of the preparation methods and examples (Insert-in procedures for the back door
Date : 2025-07-06 Size : 77kb User :
[File Format] PE文件教程 DL : 0: PE文件教程,很有用的-PE File Directory, a very useful
Date : 2025-07-06 Size : 95kb User : 黄剑
[Other] PE 文件的感染WIN32CPP代码 DL : 0: PE 文件的感染WIN32CPP代码-PE document WIN32CPP source of infection
Date : 2025-07-06 Size : 8kb User : 张强
[File Operate] PETools DL : 0: 一份PE文件修改的VC源码，可查看PE文件的大量信息和修改部分文件信息，可查看进程加载的模块。-a PE files VC source, PE document can be found on the vast amount of information and documents to amend some information can be found on the module loading process.
Date : 2025-07-06 Size : 50kb User : 吴志明
[OS program] PEdump_src_2001 DL : 0: 这是使我最受益的学习PE文件的代码。让我终生受益！-This is my greatest benefit of learning PE document code. Allow me to enjoy the benefits!
Date : 2025-07-06 Size : 126kb User : 王明心
[OS program] FindOEP DL : 0: OEP是每个PE文件读取时的起始地址，该程序给出两种方法来读取OEP，一种是直接从PE文件读取；另一种是将PE映射到内存中来读取。-OEP each PE file read at the opening address, the program gives two ways to read OEP. A PE is directly from the document read. Another is to PE Maps memory to read.
Date : 2025-07-06 Size : 32kb User : byron
[Crack Hack] yC1.3src DL : 0: I think this the first time every one can look at a PE crypter source in top level language such VC++. So as I promised ... if some one sent me one nice compress source I would publish my source. I dedicate this source to all people who involve in this field. I hope it helps someone. Have good days ashkbiz Check: yodap.cjb.net
Date : 2025-07-06 Size : 48kb User : 李泉
[OS program] PEInject DL : 0: 一般的为PE文件新增一个节的代码都是汇编代码,但是这是一个VC写的为PE文件新增一个节的代码,代码注释详尽!-General for the PE file add a section of the code are compiled code, but this is a VC for the PE file written in a new section of the code, the code detailed notes!
Date : 2025-07-06 Size : 2.88mb User : 郭事业
[Other] CheckPE DL : 0: 这个例子主要是介绍pe相关知识的有了它,pe对于你来说是小菜一碟了-This example is mainly related knowledge pe Introduction With it, pe for you is a piece of cake
Date : 2025-07-06 Size : 4.15mb User : 谢黎鹏
[OS program] DllView DL : 0: PE文件分析实现了 dll导入到出函数的察看,PE文件分析实现了 dll导入到出函数的察看.-Analysis of PE files into a dll a function of View, PE Analysis of the realization of the dll file into a function of View.
Date : 2025-07-06 Size : 5kb User : 方老
[OS program] OEP DL : 0: 基于visual c++的可以获取pe文件的oep，即每个exe或dll文件加载的起始地址。-Based on visual c++ Can obtain pe documents oep, that is, each exe or dll file to load the starting address.
Date : 2025-07-06 Size : 31kb User : 李乐
[OS program] PE_delphi_VC DL : 0: PE文件分析，源代码为VC6.0版本和Delphi7.0版本。参考价值很大。-PE document analysis, the source code for VC6.0 version and Delphi7.0 version. Great reference value.
Date : 2025-07-06 Size : 223kb User : 齐欢乐
[Windows Develop] AddCodeBeforeExe DL : 0: 利用C++和内嵌汇编将一段代码添加到EXE文件的开头，提示用户是否真要运行这个EXE文件。演示了如何操作PE文件头部。-The use of C++ And embedded compilation will be added to a section of code at the beginning of EXE files, prompts the user really want to run the EXE file. Demonstrated how to operate the head PE file.
Date : 2025-07-06 Size : 28kb User : 张立人
[Crack Hack] checkPE DL : 0: 这个是一个用汇编编写的查看PE文件有效性的程序，PE加载器需要做的事情之一。-err
Date : 2025-07-06 Size : 7kb User : fancy
[OS program] WritePE DL : 0: 改写PE文件，插入特定代码！静态注入,一个改写插入代码的例子！VS2005编译-Rewrite PE file, insert the specific code! Static injection, insert a rewritten code examples! VS2005 compiler
Date : 2025-07-06 Size : 13kb User : dapro
[Windows Develop] VBMAKEKE DL : 0: VB制作的加壳工具只是修改了PE文件头.很轻松的就可以脱掉了.声明本人所上传代码如果没有特别声明都是来自VBGOOD论坛-VB Tools加壳produced only modify the PE file header. Very easily can be off. Statement From my code if there is no special statement from VBGOOD Forum
Date : 2025-07-06 Size : 9kb User : 残影
[Crack Hack] PE DL : 0: 可以查看PE结构信息.包括节区表,导入表和导出表.是学习PE结构的好东西.-PE can view the structure of information. Including the Festival District Table, Import Table and Export Table. PE are studying the structure of good things.
Date : 2025-07-06 Size : 55kb User : 禁区
[OS program] MemCpy DL : 0: Mem Copier This source code of my old program to copying memory image it saves copied image to file so ye you can dump raw pe image using it-Mem Copier This is source code of my old program to copying memory image it saves copied image to file so ye you can dump raw pe image using it
Date : 2025-07-06 Size : 3.53mb User : croner
[VC/MFC] C.infect.PEfile DL : 0: 在C语言的基础上实现感染PE文件的源代码-In the C language on the basis of PE files infected with the source code
Date : 2025-07-06 Size : 4kb User : 艾尔文
[OS program] pe DL : 0: 为PE添加数字签名VC6代码数字签名添加-For the PE to add a digital signature VC6 code to add a digital signature
Date : 2025-07-06 Size : 34kb User : kyo

« 12 »