|
[原创]使用uncompyle2直接反编译python字节码文件pyo/pyc
是的。。但WingIDE居然还木有加混淆。。难道这是特意给买不起正版的屌丝留了条活路么。。 |
|
|
|
[原创]使用uncompyle2直接反编译python字节码文件pyo/pyc
其实重点只是想介绍 uncompyle2这工具可以很好的反编译python生成的pyc/pyo字节码。 至于是否原创无所谓。 我看到的是修改二进制文件的方法,而非反编译后python代码,所以自己简单实践了下。。 |
|
|
|
[求助]驱动获得进程完整路径名称的问题
贴个之前自己用的代码。win7、xp通用。 NTSTATUS GetProcessImageName(PUNICODE_STRING ProcessImageName) { NTSTATUS status; ULONG returnedLength; ULONG bufferLength; PVOID buffer; PUNICODE_STRING imageName; PAGED_CODE(); // this eliminates the possibility of the IDLE Thread/Process if (NULL == ZwQueryInformationProcess) { UNICODE_STRING routineName; RtlInitUnicodeString(&routineName, L"ZwQueryInformationProcess"); ZwQueryInformationProcess = (QUERY_INFO_PROCESS) MmGetSystemRoutineAddress(&routineName); if (NULL == ZwQueryInformationProcess) { KdPrint(("Cannot resolve ZwQueryInformationProcess\r\n")); } } // // Step one - get the size we need // status = ZwQueryInformationProcess( NtCurrentProcess(), ProcessImageFileName, NULL, // buffer 0, // buffer size &returnedLength); if (STATUS_INFO_LENGTH_MISMATCH != status) { return status; } // // Is the passed-in buffer going to be big enough for us? // This function returns a single contguous buffer model... // bufferLength = returnedLength - sizeof(UNICODE_STRING); if (ProcessImageName->MaximumLength < bufferLength) { ProcessImageName->Length = (USHORT) bufferLength; KdPrint(("ProcessImageName's Buffer Is Toooo small\r\n")); return STATUS_BUFFER_OVERFLOW; } // // If we get here, the buffer IS going to be big enough for us, so // let's allocate some storage. // buffer = ExAllocatePoolWithTag(NonPagedPool, returnedLength, 'ipgD'); if (NULL == buffer) { return STATUS_INSUFFICIENT_RESOURCES; } // // Now lets go get the data // status = ZwQueryInformationProcess( NtCurrentProcess(), ProcessImageFileName, buffer, returnedLength, &returnedLength); if (NT_SUCCESS(status)) { // // Ah, we got what we needed // imageName = (PUNICODE_STRING) buffer; RtlCopyUnicodeString(ProcessImageName, imageName); } // // free our buffer // ExFreePool(buffer); // // And tell the caller what happened. // return status; } |
|
[不敢声称原创,会被喷]A盾电脑防护0.43源代码发布~~
顶啊顶~~~可以学到不少东西啊,从内核到用户态 |
操作理由
RANk
{{ user_info.golds == '' ? 0 : user_info.golds }}
雪币
{{ experience }}
课程经验
{{ score }}
学习收益
{{study_duration_fmt}}
学习时长
基本信息
荣誉称号:
{{ honorary_title }}
能力排名:
No.{{ rank_num }}
等 级:
LV{{ rank_lv-100 }}
活跃值:
在线值:
浏览人数:{{ visits }}
最近活跃:{{ last_active_time }}
注册时间:{{ user_info.create_date_jsonfmt }}
勋章
兑换勋章
证书
证书查询 >
能力值