Welcome![Sign In][Sign Up]
Front-page it | Collect it | [中国-简体中文]
FAQ Fav
Location:
Search - Pe-file_infector

Search list

[Otherinsertcode

Description: PE可执行文件的镶入式程序的编写方法及示例(镶入式后门程序&原程序) 由于Microsoft公司的Windows系统是当前大部分个人电脑所使用的操作系统 主要包括win95,98,me,nt4,2000,xp等,而这些系统所使用的可执行文件的格式基 本上是PE结构的。这里的可执行文件的镶入式程序就是针对PE结构的可执行文件。 这里先简单说一下PE文件框架结构: DOS MZ header DOS stub//在不支持 PE文件格式的操作系统中它将简单显示一个错误提示 PE header//含了许多PE装载器用到的重要信息 Section table//每个Section的信息 Section 1 Section 2 Section 3.... 由于SectionAlignment 块对齐的原因每个Section之间都会产生很多空间, 镶入式程序的代码可以放在Section之间的空位上,比较方便的方法是把代码放在 最后一个Section的末尾,然后更改Misc.VirtualSize和SizeOfRawData这两个位 于Section table的IMAGE_SECTION_HEADER结构数组的成员。如果代码十分的长, 有时候会造成镶入的代码无法被完全加载而产生错误,这时需要更改SizeOfImage 在IMAGE_NT_HEADERS 结构中。 在不同的WINDOWS版本中api调用地址也有不同,为了解决这个问题可以更改引 入表让加载器-PE executable files embedded into the formal process of the preparation methods and examples (Insert-in procedures for the back door
Platform: | Size: 78848 | Author: | Hits:

[File FormatPE文件教程

Description: PE文件教程,很有用的-PE File Directory, a very useful
Platform: | Size: 97280 | Author: 黄剑 | Hits:

[OtherPE 文件的感染WIN32CPP代码

Description: PE 文件的感染WIN32CPP代码-PE document WIN32CPP source of infection
Platform: | Size: 8192 | Author: 张强 | Hits:

[File OperatePETools

Description: 一份PE文件修改的VC源码,可查看PE文件的大量信息和修改部分文件信息,可查看进程加载的模块。-a PE files VC source, PE document can be found on the vast amount of information and documents to amend some information can be found on the module loading process.
Platform: | Size: 51200 | Author: 吴志明 | Hits:

[OS programPEdump_src_2001

Description: 这是使我最受益的学习PE文件的代码。让我终生受益!-This is my greatest benefit of learning PE document code. Allow me to enjoy the benefits!
Platform: | Size: 129024 | Author: 王明心 | Hits:

[OS programFindOEP

Description: OEP是每个PE文件读取时的起始地址,该程序给出两种方法来读取OEP,一种是直接从PE文件读取;另一种是将PE映射到内存中来读取。-OEP each PE file read at the opening address, the program gives two ways to read OEP. A PE is directly from the document read. Another is to PE Maps memory to read.
Platform: | Size: 32768 | Author: byron | Hits:

[Crack HackyC1.3src

Description: I think this the first time every one can look at a PE crypter source in top level language such VC++. So as I promised ... if some one sent me one nice compress source I would publish my source. I dedicate this source to all people who involve in this field. I hope it helps someone. Have good days ashkbiz Check: yodap.cjb.net
Platform: | Size: 49152 | Author: 李泉 | Hits:

[OS programPEInject

Description: 一般的为PE文件新增一个节的代码都是汇编代码,但是这是一个VC写的为PE文件新增一个节的代码,代码注释详尽!-General for the PE file add a section of the code are compiled code, but this is a VC for the PE file written in a new section of the code, the code detailed notes!
Platform: | Size: 3016704 | Author: 郭事业 | Hits:

[OtherCheckPE

Description: 这个例子主要是介绍pe相关知识的 有了它,pe对于你来说是小菜一碟了-This example is mainly related knowledge pe Introduction With it, pe for you is a piece of cake
Platform: | Size: 4353024 | Author: 谢黎鹏 | Hits:

[OS programDllView

Description: PE文件分析实现了 dll导入到出函数的察看,PE文件分析实现了 dll导入到出函数的察看.-Analysis of PE files into a dll a function of View, PE Analysis of the realization of the dll file into a function of View.
Platform: | Size: 5120 | Author: 方老 | Hits:

[OS programOEP

Description: 基于visual c++的 可以获取pe文件的oep,即每个exe或dll文件加载的起始地址。-Based on visual c++ Can obtain pe documents oep, that is, each exe or dll file to load the starting address.
Platform: | Size: 31744 | Author: 李乐 | Hits:

[OS programPE_delphi_VC

Description: PE文件分析,源代码为VC6.0版本和Delphi7.0版本。参考价值很大。-PE document analysis, the source code for VC6.0 version and Delphi7.0 version. Great reference value.
Platform: | Size: 228352 | Author: 齐欢乐 | Hits:

[Windows DevelopAddCodeBeforeExe

Description: 利用C++和内嵌汇编将一段代码添加到EXE文件的开头,提示用户是否真要运行这个EXE文件。演示了如何操作PE文件头部。-The use of C++ And embedded compilation will be added to a section of code at the beginning of EXE files, prompts the user really want to run the EXE file. Demonstrated how to operate the head PE file.
Platform: | Size: 28672 | Author: 张立人 | Hits:

[Crack HackcheckPE

Description: 这个是一个用汇编编写的查看PE文件有效性的程序,PE加载器需要做的事情之一。-err
Platform: | Size: 7168 | Author: fancy | Hits:

[OS programWritePE

Description: 改写PE文件,插入特定代码!静态注入,一个改写插入代码的例子!VS2005编译-Rewrite PE file, insert the specific code! Static injection, insert a rewritten code examples! VS2005 compiler
Platform: | Size: 13312 | Author: dapro | Hits:

[Windows DevelopVBMAKEKE

Description: VB制作的加壳工具只是修改了PE文件头.很轻松的就可以脱掉了.声明本人所上传代码如果没有特别声明都是来自VBGOOD论坛-VB Tools加壳produced only modify the PE file header. Very easily can be off. Statement From my code if there is no special statement from VBGOOD Forum
Platform: | Size: 9216 | Author: 残影 | Hits:

[Crack HackPE

Description: 可以查看PE结构信息.包括节区表,导入表和导出表.是学习PE结构的好东西.-PE can view the structure of information. Including the Festival District Table, Import Table and Export Table. PE are studying the structure of good things.
Platform: | Size: 56320 | Author: 禁区 | Hits:

[OS programMemCpy

Description: Mem Copier This source code of my old program to copying memory image it saves copied image to file so ye you can dump raw pe image using it-Mem Copier This is source code of my old program to copying memory image it saves copied image to file so ye you can dump raw pe image using it
Platform: | Size: 3704832 | Author: croner | Hits:

[VC/MFCC.infect.PEfile

Description: 在C语言的基础上实现感染PE文件的源代码-In the C language on the basis of PE files infected with the source code
Platform: | Size: 4096 | Author: 艾尔文 | Hits:

[OS programpe

Description: 为PE添加数字签名VC6代码 数字签名添加-For the PE to add a digital signature VC6 code to add a digital signature
Platform: | Size: 34816 | Author: kyo | Hits:
« 12 »

CodeBus www.codebus.net