|
高铁上遇到一个女孩,能不能查到联系方式,有的话联系我可以吗
两颗糖背后的故事让人暖心。 4:Hack高铁出站口的摄像头,获取监控 5:提取糖果上的指纹,Hack指纹库比对 。。。。。。
最后于 2024-7-28 19:39
被superlover编辑
,原因:
|
|
QVector::isEmpty这个巨坑!!!
_THINCT 倒没有用到多线程。是一个计算器功能的实现,里面的逻辑分支太多了,出现了逻辑错误。如果是多线程,估计更加难以发现了。while (!operStack.isEmpty())的时候其他地方有没有operStack的push操作,一般情况下是不会出现这种低级错误的 |
|
QVector::isEmpty这个巨坑!!!
是不是多线程环境?没有加锁是有可能出现这种情况的。 |
|
[讨论] 想买个EV代码证书。请推荐一下。
https://cheapsslsecurity.com/sslproducts/codesigningcertificate.html 我之前用的是comodo的ev,不差钱就上亚洲诚信。
最后于 2024-3-6 09:42
被superlover编辑
,原因:
|
|
[讨论]看雪bug测试
hiahiahia |
|
|
|
|
|
|
|
|
|
[已结]盖茨的痿软系统真TM浪费生命,1秒解决的函数他娘地还隐藏资料,编译器也难用到死)
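#define NT_SUCCESS(Status) (((NTSTATUS)(Status)) >= 0)

// PROCESS_BASIC_INFORMATION for pure 32 and 64-bit processes
typedef struct _PROCESS_BASIC_INFORMATION {
    PVOID Reserved1;
    PVOID PebBaseAddress;
    PVOID Reserved2[2];
    ULONG_PTR UniqueProcessId;
    PVOID Reserved3;
} PROCESS_BASIC_INFORMATION;

// PROCESS_BASIC_INFORMATION for 32-bit process on WOW64
// The definition is quite funky, as we just lazily doubled sizes to match offsets...
typedef struct _PROCESS_BASIC_INFORMATION_WOW64 {
    PVOID Reserved1[2];
    PVOID64 PebBaseAddress;
    PVOID Reserved2[4];
    ULONG_PTR UniqueProcessId[2];
    PVOID Reserved3[2];
} PROCESS_BASIC_INFORMATION_WOW64;

typedef struct _UNICODE_STRING {
    USHORT Length;
    USHORT MaximumLength;
    PWSTR Buffer;
} UNICODE_STRING;

typedef struct _UNICODE_STRING_WOW64 {
    USHORT Length;
    USHORT MaximumLength;
    PVOID64 Buffer;
} UNICODE_STRING_WOW64;

/**
 * Read the command line of another process out of that process's PEB.
 *
 * The function opens the target with PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
 * locates the PEB via ProcessBasicInformation (class 0), follows the
 * ProcessParameters pointer and copies the CommandLine UNICODE_STRING.
 * When the caller itself runs under WOW64, the NtWow64* exports of ntdll
 * are used so the 64-bit address space of the target can be read.
 *
 * Trust note: everything read here (pointers, lengths, the string itself)
 * lives in memory the target process can rewrite at any time. Treat the result
 * as a hint for diagnostics, not as authoritative evidence of how the
 * process was started, and expect the reads to fail for processes that
 * exit or change their parameters while this function runs.
 *
 * NOTE(review): the structure offsets are hard-coded and chosen from the
 * native architecture only (AMD64 vs. everything else); any other 64-bit
 * architecture would get the 32-bit offsets - confirm before using there.
 *
 * @param dwProcessId  Identifier of the process to inspect.
 * @return A NUL-terminated wide string allocated with calloc(), which the
 *         caller must release with free(); NULL on any failure.
 */
wchar_t *GetProcessPebCommandLine( DWORD dwProcessId )
{
    NTSTATUS status;
    SYSTEM_INFO si;
    BOOL wow64 = FALSE;
    BOOL succeeded = FALSE;
    HANDLE hProcess = NULL;
    wchar_t *pCmdLine = NULL;
    PBYTE peb = NULL;
    PBYTE pUserProcessParameters = NULL;

    do
    {
        hProcess = OpenProcess( PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, dwProcessId );
        if ( hProcess == NULL )
        {
            assert( FALSE );
            break;
        }

        GetNativeSystemInfo( &si );

        // Without a valid answer we cannot pick the right reader below.
        if ( !IsWow64Process( GetCurrentProcess(), &wow64 ) )
        {
            assert( FALSE );
            break;
        }

        // Offsets of PEB.ProcessParameters and of
        // RTL_USER_PROCESS_PARAMETERS.CommandLine for the native bitness.
        DWORD ProcessParametersOffset = si.wProcessorArchitecture == PROCESSOR_ARCHITECTURE_AMD64 ? 0x20 : 0x10;
        DWORD CommandLineOffset = si.wProcessorArchitecture == PROCESSOR_ARCHITECTURE_AMD64 ? 0x70 : 0x40;

        // Read just enough of each structure to reach the field we need.
        DWORD pebSize = ProcessParametersOffset + 8;
        DWORD ppSize = CommandLineOffset + 16;

        // calloc zeroes the whole allocation, not only the first half.
        peb = ( PBYTE )calloc( 2, pebSize );
        pUserProcessParameters = ( PBYTE )calloc( 2, ppSize );
        if ( peb == NULL || pUserProcessParameters == NULL )
        {
            assert( FALSE );
            break;
        }

        if ( wow64 )
        {
            // We are a 32-bit process on a 64-bit OS: use the 64-bit views.
            PROCESS_BASIC_INFORMATION_WOW64 pbi;
            ZeroMemory( &pbi, sizeof( pbi ) );

            typedef NTSTATUS( __stdcall * fnNtWow64QueryInformationProcess64 )(
                HANDLE ProcessHandle,
                ULONG ProcessInformationClass,
                PVOID ProcessInformation,
                ULONG ProcessInformationLength,
                PULONG ReturnLength );
            static fnNtWow64QueryInformationProcess64 pNtWow64QueryInformationProcess64 =
                ( fnNtWow64QueryInformationProcess64 )GetProcAddress(
                    GetModuleHandleA( "ntdll.dll" ), "NtWow64QueryInformationProcess64" );

            typedef NTSTATUS( __stdcall * fnNtWow64ReadVirtualMemory64 )(
                HANDLE ProcessHandle,
                PVOID64 BaseAddress,
                PVOID Buffer,
                ULONG64 Size,
                PULONG64 NumberOfBytesRead );
            static fnNtWow64ReadVirtualMemory64 pfnWow64ReadVirtualMemory64 =
                ( fnNtWow64ReadVirtualMemory64 )GetProcAddress(
                    GetModuleHandleA( "ntdll.dll" ), "NtWow64ReadVirtualMemory64" );

            if ( pNtWow64QueryInformationProcess64 == NULL || pfnWow64ReadVirtualMemory64 == NULL )
            {
                assert( FALSE );
                break;
            }

            status = pNtWow64QueryInformationProcess64( hProcess, 0, &pbi, sizeof( pbi ), NULL );
            if ( !NT_SUCCESS( status ) )
            {
                assert( FALSE );
                break;
            }

            status = pfnWow64ReadVirtualMemory64( hProcess, pbi.PebBaseAddress, peb, pebSize, NULL );
            if ( !NT_SUCCESS( status ) )
            {
                assert( FALSE );
                break;
            }

            // The ProcessParameters pointer is a 64-bit remote address. Copy
            // all of its bytes; going through a native (32-bit) pointer type
            // here would drop the upper half of the address.
            PVOID64 parameters = NULL;
            CopyMemory( &parameters, peb + ProcessParametersOffset, sizeof( parameters ) );

            status = pfnWow64ReadVirtualMemory64( hProcess, parameters, pUserProcessParameters, ppSize, NULL );
            if ( !NT_SUCCESS( status ) )
            {
                assert( FALSE );
                break;
            }

            // read CommandLine
            UNICODE_STRING_WOW64 *pCommandLine =
                ( UNICODE_STRING_WOW64 * )( pUserProcessParameters + CommandLineOffset );

            // Length comes from the remote process: use whole wchar_t units
            // only and reserve one extra, zeroed element as the terminator.
            USHORT cbCmdLine = ( USHORT )( pCommandLine->Length & ~1u );
            pCmdLine = ( PWSTR )calloc( 1, cbCmdLine + sizeof( wchar_t ) );
            if ( pCmdLine == NULL )
            {
                assert( FALSE );
                break;
            }

            status = pfnWow64ReadVirtualMemory64( hProcess, pCommandLine->Buffer, pCmdLine, cbCmdLine, NULL );
            if ( !NT_SUCCESS( status ) )
            {
                assert( FALSE );
                break;
            }

            succeeded = TRUE;
        }
        else
        {
            // We are a 32-bit process on a 32-bit OS, or a 64-bit process on
            // a 64-bit OS: native pointer sizes match the target layout.
            PROCESS_BASIC_INFORMATION pbi;
            ZeroMemory( &pbi, sizeof( pbi ) );

            // get process information
            typedef NTSTATUS( __stdcall * fnZwQueryInformationProcess )(
                HANDLE ProcessHandle,
                ULONG ProcessInformationClass,
                PVOID ProcessInformation,
                ULONG ProcessInformationLength,
                PULONG ReturnLength );
            static fnZwQueryInformationProcess pZwQueryInformationProcess =
                ( fnZwQueryInformationProcess )GetProcAddress(
                    GetModuleHandleA( "ntdll.dll" ), "ZwQueryInformationProcess" );

            if ( pZwQueryInformationProcess == NULL )
            {
                assert( FALSE );
                break;
            }

            status = pZwQueryInformationProcess( hProcess, 0, &pbi, sizeof( pbi ), NULL );
            if ( !NT_SUCCESS( status ) )
            {
                assert( FALSE );
                break;
            }

            // read PEB
            if ( !ReadProcessMemory( hProcess, pbi.PebBaseAddress, peb, pebSize, NULL ) )
            {
                assert( FALSE );
                break;
            }

            // read ProcessParameters (address in the remote process address space)
            LPVOID parameters = NULL;
            CopyMemory( &parameters, peb + ProcessParametersOffset, sizeof( parameters ) );

            if ( !ReadProcessMemory( hProcess, parameters, pUserProcessParameters, ppSize, NULL ) )
            {
                assert( FALSE );
                break;
            }

            // read CommandLine
            UNICODE_STRING *pCommandLine =
                ( UNICODE_STRING * )( pUserProcessParameters + CommandLineOffset );

            // Same sizing rule as the WOW64 path: remote Length, rounded down
            // to whole characters, plus a zeroed terminator.
            USHORT cbCmdLine = ( USHORT )( pCommandLine->Length & ~1u );
            pCmdLine = ( PWSTR )calloc( 1, cbCmdLine + sizeof( wchar_t ) );
            if ( pCmdLine == NULL )
            {
                assert( FALSE );
                break;
            }

            if ( !ReadProcessMemory( hProcess, pCommandLine->Buffer, pCmdLine, cbCmdLine, NULL ) )
            {
                assert( FALSE );
                break;
            }

            succeeded = TRUE;
        }
    }
    while ( FALSE );

    // Never hand back a buffer whose contents were not actually read.
    if ( !succeeded )
    {
        free( pCmdLine );
        pCmdLine = NULL;
    }

    SafeFreeBuffer( pUserProcessParameters );
    SafeFreeBuffer( peb );
    SafeCloseHandle( hProcess );
    return pCmdLine;
}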
这个是能用的,兼容32位64位,GetProcessPebCommandLine返回的缓冲区需要调用者自己释放(用free)。楼主的代码应该是偏移的问题,也就是ProcessParametersOffset和CommandLineOffset;另外涉及指针、内存应该判断下是否有效,有返回值的函数应该判断下是否成功,良好的习惯是成功的第一步。 |
|
[讨论]深入解析windows操作系统第七版英文版目前没人翻译吗?
真羡慕大神,像我这种小学生只能机翻了。 |
|
公司题库的技术突然去世留有一加密文件尚未破解
程序员这么容易猝死?太危险了,还好我转行杀猪了。 |
|
[感喟]十年不过弹指一挥, 俯仰一瞬, 皆为陈迹, 却近在眼前, 历历在目
所以有钱人都去追求延长生命了,时间总是不够。 |
|
一个HOOK后遗症问题
addrTargetFun是VirtualAllocEx,pFun却是VirtualAlloc,用VirtualAllocEx hook VirtualAlloc? |
|
[讨论]你是在什么时候开始觉得时间过得很快的?
怀旧的时候,想念亲人的时候。总之还是要让自己忙碌起来,向前看。人类总有一天会灭绝的,宇宙也会到达奇点然后一切重新轮回。 |
|
[求助]PostMessage 忽略问题
PostMessage、SendMessage底层应该是FileMapping,发送频繁可能会覆盖之前的数据 可以自己用FileMapping+Semaphore+Mutex实现,需要的话可以再加上队列 |
|
[讨论] Google Chrome换Logo了???大家来找茬
颜色越来越纯粹(深),色彩三原色红黄蓝和光学三原色红绿蓝。 |