|
已解决
Autoit 在先没有打开浏览器的情况下 $CMD = "start msedge" Run(@ComSpec & " /c " & $CMD,@WindowsDir,@SW_HIDE) While Not WinActivate("[CLASS:Chrome_WidgetWin_1]") Sleep(10) WEnd ClipPut("edge://version") Send("^L") Send("^L") Send("^V") Send("{ENTER}")
最后于 2022-9-22 20:40
被moyiah编辑
,原因:
|
|
[求助]Java HMACSHA1 算法传入的word, key 是字节数组类型如何用JS实现
不知道你的JS怎么写的 是这样 比如那两个Java字节数组 写到js里需要像下面这样子: var bArr = [70, 70, 72, 75, 90, 89, 76, 75, 65].map(c => c >= 0 ? c : 0xff+c+1); var bArr2 = [0, 0, 0, 0, 3, 73, 98, -37].map(c => c >= 0 ? c : 0xff+c+1); 用这里的 sha1hmac.js 举个例子(看最后面3行) 算出结果是 '4607437b052871aa1653b0e82c78f8436d6d97d2' 这个结果跟Java里 var Crypto = {}; Crypto.sha1_hmac = function (msg, key) { "use strict"; var oKeyPad, iKeyPad, iPadRes, bytes, i, len; if (key.length > 64) { // keys longer than blocksize are shortened key = Crypto.sha1(key, true); } bytes = []; len = key.length; for (i = 0; i < 64; ++i) { bytes[i] = len > i ? key.charCodeAt(i) : 0x00; } oKeyPad = ""; iKeyPad = ""; for (i = 0; i < 64; ++i) { oKeyPad += String.fromCharCode(bytes[i] ^ 0x5C); iKeyPad += String.fromCharCode(bytes[i] ^ 0x36); } iPadRes = Crypto.sha1(iKeyPad + msg, true); return Crypto.sha1(oKeyPad + iPadRes); }; Crypto.sha1 = function (msg, raw) { function rotate_left(n,s) { var t4 = ( n<<s ) | (n>>>(32-s)); return t4; } function lsb_hex(val) { var str=""; var i; var vh; var vl; for( i=0; i<=6; i+=2 ) { vh = (val>>>(i*4+4))&0x0f; vl = (val>>>(i*4))&0x0f; str += vh.toString(16) + vl.toString(16); } return str; } function cvt_hex(val, raw) { var str=""; var i; var v; for( i=7; i>=0; i-- ) { v = (val>>>(i*4))&0x0f; str += raw ? String.fromCharCode(v) : v.toString(16); } return str; } var blockstart; var i, j; var W = new Array(80); var H0 = 0x67452301; var H1 = 0xEFCDAB89; var H2 = 0x98BADCFE; var H3 = 0x10325476; var H4 = 0xC3D2E1F0; var A, B, C, D, E; var result, rawResult; var msg_len = msg.length; var word_array = []; for( i=0; i<msg_len-3; i+=4 ) { j = msg.charCodeAt(i)<<24 | msg.charCodeAt(i+1)<<16 | msg.charCodeAt(i+2)<<8 | msg.charCodeAt(i+3); word_array.push( j ); } switch( msg_len % 4 ) { case 0: i = 0x080000000; break; case 1: i = msg.charCodeAt(msg_len-1)<<24 | 0x0800000; break; case 2: i = msg.charCodeAt(msg_len-2)<<24 | msg.charCodeAt(msg_len-1)<<16 | 0x08000; break; case 3: i = msg.charCodeAt(msg_len-3)<<24 | msg.charCodeAt(msg_len-2)<<16 | msg.charCodeAt(msg_len-1)<<8 | 0x80; break; } word_array.push( i ); while( (word_array.length % 16) != 14 ) word_array.push( 0 ); word_array.push( msg_len>>>29 ); word_array.push( (msg_len<<3)&0x0ffffffff ); for ( blockstart=0; blockstart<word_array.length; blockstart+=16 ) { for( i=0; i<16; i++ ) W[i] = word_array[blockstart+i]; for( i=16; i<=79; i++ ) W[i] = rotate_left(W[i-3] ^ W[i-8] ^ W[i-14] ^ W[i-16], 1); A = H0; B = H1; C = H2; D = H3; E = H4; for( i= 0; i<=19; i++ ) { temp = (rotate_left(A,5) + ((B&C) | (~B&D)) + E + W[i] + 0x5A827999) & 0x0ffffffff; E = D; D = C; C = rotate_left(B,30); B = A; A = temp; } for( i=20; i<=39; i++ ) { temp = (rotate_left(A,5) + (B ^ C ^ D) + E + W[i] + 0x6ED9EBA1) & 0x0ffffffff; E = D; D = C; C = rotate_left(B,30); B = A; A = temp; } for( i=40; i<=59; i++ ) { temp = (rotate_left(A,5) + ((B&C) | (B&D) | (C&D)) + E + W[i] + 0x8F1BBCDC) & 0x0ffffffff; E = D; D = C; C = rotate_left(B,30); B = A; A = temp; } for( i=60; i<=79; i++ ) { temp = (rotate_left(A,5) + (B ^ C ^ D) + E + W[i] + 0xCA62C1D6) & 0x0ffffffff; E = D; D = C; C = rotate_left(B,30); B = A; A = temp; } H0 = (H0 + A) & 0x0ffffffff; H1 = (H1 + B) & 0x0ffffffff; H2 = (H2 + C) & 0x0ffffffff; H3 = (H3 + D) & 0x0ffffffff; H4 = (H4 + E) & 0x0ffffffff; } result = (cvt_hex(H0) + cvt_hex(H1) + cvt_hex(H2) + cvt_hex(H3) + cvt_hex(H4)).toLowerCase(); if (!raw) { return result; } rawResult = ""; while (result.length) { rawResult += String.fromCharCode(parseInt(result.substr(0, 2), 16)); result = result.substr(2); } return rawResult; }; var bArr = [70, 70, 72, 75, 90, 89, 76, 75, 65].map(c => c >= 0 ? c : 0xff+c+1); var bArr2 = [0, 0, 0, 0, 3, 73, 98, -37].map(c => c >= 0 ? c : 0xff+c+1); Crypto.sha1_hmac(String.fromCharCode(...bArr2),String.fromCharCode(...bArr)); |
|
驱动源码编译不了
按C++编译。可以用附件这个。具体怎么改了看git diff diff --git a/MMInject/DynData.c b/MMInject/DynData.c index c219cf7..2239e18 100644 --- a/MMInject/DynData.c +++ b/MMInject/DynData.c @@ -1,5 +1,5 @@ #include "MMInject.h" -#include "StringEncryptor.h +#include "StringEncryptor.h" #include "Utils.h" ULONG_PTR NtoskrnlBase = 0; @@ -10,7 +10,7 @@ static CONSTEXPR const UCHAR MiGetPdeAddressStartPattern[] = { 0x48, 0xC1, 0xE9, static CONSTEXPR const UCHAR CommonReturnPattern[] = { 0x48, 0x03, 0xC1, 0xC3 }; DECLSPEC_NOINLINE - static + extern "C" ULONG_PTR FindPattern( _In_ ULONG_PTR Base, @@ -20,14 +20,14 @@ static CONSTEXPR const UCHAR CommonReturnPattern[] = { 0x48, 0x03, 0xC1, 0xC3 }; ); DECLSPEC_NOINLINE - static + extern "C" ULONG_PTR BacktrackToFunctionStart( _In_ PUCHAR StartAddress, _In_ PUCHAR LowerBound ); - static + extern "C" NTSTATUS FindNtoskrnl( _Out_ PULONG_PTR KernelBase, diff --git a/MMInject/MMInject.c b/MMInject/MMInject.c index e707191..a605327 100644 --- a/MMInject/MMInject.c +++ b/MMInject/MMInject.c @@ -4,7 +4,7 @@ #include "BlackBone/Loader.h" #include "Utils.h" - static + extern "C" BOOLEAN NTAPI HandleEnumerationCallback( @@ -16,7 +16,7 @@ _In_ PVOID EnumParameter ); - static + extern "C" NTSTATUS SetCSRSSWindowStation( _In_ PEPROCESS Process, diff --git a/MMInject/MMInject.vcxproj b/MMInject/MMInject.vcxproj index 68b4842..27c162b 100644 --- a/MMInject/MMInject.vcxproj +++ b/MMInject/MMInject.vcxproj @@ -471,6 +471,7 @@ <TreatWChar_tAsBuiltInType>true</TreatWChar_tAsBuiltInType> <AdditionalIncludeDirectories>$(ProjectDir);$(IntDir);$(ProjectDir)VMProtectDDK;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories> <ControlFlowGuard>false</ControlFlowGuard> + <CompileAs>CompileAsCpp</CompileAs> </ClCompile> <Link> <ProfileGuidedDatabase /> @@ -482,6 +483,7 @@ <DataExecutionPrevention>true</DataExecutionPrevention> <GenerateDebugInformation>DebugFull</GenerateDebugInformation> <AdditionalDependencies>%(AdditionalDependencies);$(KernelBufferOverflowLib);ntoskrnl.lib;hal.lib;cng.lib;wmilib.lib;</AdditionalDependencies> + <TreatLinkerWarningAsErrors>false</TreatLinkerWarningAsErrors> </Link> <DriverSign> <FileDigestAlgorithm>sha256</FileDigestAlgorithm> @@ -503,6 +505,7 @@ <TreatWChar_tAsBuiltInType>true</TreatWChar_tAsBuiltInType> <AdditionalIncludeDirectories>$(ProjectDir);$(IntDir);$(ProjectDir)VMProtectDDK;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories> <ControlFlowGuard>false</ControlFlowGuard> + <CompileAs>CompileAsCpp</CompileAs> </ClCompile> <Link> <ProfileGuidedDatabase> @@ -514,6 +517,7 @@ <DataExecutionPrevention>true</DataExecutionPrevention> <GenerateDebugInformation>DebugFull</GenerateDebugInformation> <AdditionalDependencies>%(AdditionalDependencies);$(KernelBufferOverflowLib);ntoskrnl.lib;hal.lib;cng.lib;wmilib.lib;</AdditionalDependencies> + <TreatLinkerWarningAsErrors>false</TreatLinkerWarningAsErrors> </Link> <DriverSign> <FileDigestAlgorithm>sha256</FileDigestAlgorithm> @@ -535,6 +539,7 @@ <TreatWChar_tAsBuiltInType>true</TreatWChar_tAsBuiltInType> <AdditionalIncludeDirectories>$(ProjectDir);$(IntDir);$(ProjectDir)VMProtectDDK;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories> <ControlFlowGuard>false</ControlFlowGuard> + <CompileAs>CompileAsCpp</CompileAs> </ClCompile> <Link> <ProfileGuidedDatabase> @@ -547,6 +552,7 @@ <DataExecutionPrevention>true</DataExecutionPrevention> <GenerateDebugInformation>DebugFull</GenerateDebugInformation> <AdditionalDependencies>%(AdditionalDependencies);$(KernelBufferOverflowLib);ntoskrnl.lib;hal.lib;cng.lib;wmilib.lib;</AdditionalDependencies> + <TreatLinkerWarningAsErrors>false</TreatLinkerWarningAsErrors> </Link> <DriverSign> <FileDigestAlgorithm>sha256</FileDigestAlgorithm> @@ -568,6 +574,7 @@ <TreatWChar_tAsBuiltInType>true</TreatWChar_tAsBuiltInType> <AdditionalIncludeDirectories>$(ProjectDir);$(IntDir);$(ProjectDir)VMProtectDDK;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories> <ControlFlowGuard>false</ControlFlowGuard> + <CompileAs>CompileAsCpp</CompileAs> </ClCompile> <Link> <ProfileGuidedDatabase /> @@ -579,6 +586,7 @@ <DataExecutionPrevention>true</DataExecutionPrevention> <GenerateDebugInformation>DebugFull</GenerateDebugInformation> <AdditionalDependencies>%(AdditionalDependencies);$(KernelBufferOverflowLib);ntoskrnl.lib;hal.lib;cng.lib;wmilib.lib;</AdditionalDependencies> + <TreatLinkerWarningAsErrors>false</TreatLinkerWarningAsErrors> </Link> <DriverSign> <FileDigestAlgorithm>sha256</FileDigestAlgorithm> @@ -600,6 +608,7 @@ <TreatWChar_tAsBuiltInType>true</TreatWChar_tAsBuiltInType> <AdditionalIncludeDirectories>$(ProjectDir);$(IntDir);$(ProjectDir)VMProtectDDK;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories> <ControlFlowGuard>false</ControlFlowGuard> + <CompileAs>CompileAsCpp</CompileAs> </ClCompile> <Link> <ProfileGuidedDatabase> @@ -611,6 +620,7 @@ <DataExecutionPrevention>true</DataExecutionPrevention> <GenerateDebugInformation>DebugFull</GenerateDebugInformation> <AdditionalDependencies>%(AdditionalDependencies);$(KernelBufferOverflowLib);ntoskrnl.lib;hal.lib;cng.lib;wmilib.lib;</AdditionalDependencies> + <TreatLinkerWarningAsErrors>false</TreatLinkerWarningAsErrors> </Link> <DriverSign> <FileDigestAlgorithm>sha256</FileDigestAlgorithm> @@ -632,6 +642,7 @@ <TreatWChar_tAsBuiltInType>true</TreatWChar_tAsBuiltInType> <AdditionalIncludeDirectories>$(ProjectDir);$(IntDir);$(ProjectDir)VMProtectDDK;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories> <ControlFlowGuard>false</ControlFlowGuard> + <CompileAs>CompileAsCpp</CompileAs> </ClCompile> <Link> <ProfileGuidedDatabase> @@ -644,6 +655,7 @@ <DataExecutionPrevention>true</DataExecutionPrevention> <GenerateDebugInformation>DebugFull</GenerateDebugInformation> <AdditionalDependencies>%(AdditionalDependencies);$(KernelBufferOverflowLib);ntoskrnl.lib;hal.lib;cng.lib;wmilib.lib;</AdditionalDependencies> + <TreatLinkerWarningAsErrors>false</TreatLinkerWarningAsErrors> </Link> <DriverSign> <FileDigestAlgorithm>sha256</FileDigestAlgorithm> @@ -668,6 +680,7 @@ <AdditionalIncludeDirectories>$(ProjectDir);$(IntDir);$(ProjectDir)VMProtectDDK;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories> <OmitFramePointers>true</OmitFramePointers> <ControlFlowGuard>false</ControlFlowGuard> + <CompileAs>CompileAsCpp</CompileAs> </ClCompile> <Link> <ProfileGuidedDatabase /> @@ -681,6 +694,7 @@ <RandomizedBaseAddress>true</RandomizedBaseAddress> <DataExecutionPrevention>true</DataExecutionPrevention> <AdditionalDependencies>%(AdditionalDependencies);$(KernelBufferOverflowLib);ntoskrnl.lib;hal.lib;cng.lib;wmilib.lib;</AdditionalDependencies> + <TreatLinkerWarningAsErrors>false</TreatLinkerWarningAsErrors> </Link> <DriverSign> <FileDigestAlgorithm>sha256</FileDigestAlgorithm> @@ -705,6 +719,7 @@ <AdditionalIncludeDirectories>$(ProjectDir);$(IntDir);$(ProjectDir)VMProtectDDK;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories> <OmitFramePointers>true</OmitFramePointers> <ControlFlowGuard>false</ControlFlowGuard> + <CompileAs>CompileAsCpp</CompileAs> </ClCompile> <Link> <ProfileGuidedDatabase> @@ -720,6 +735,7 @@ <GenerateMapFile>true</GenerateMapFile> <RandomizedBaseAddress>true</RandomizedBaseAddress> <DataExecutionPrevention>true</DataExecutionPrevention> + <TreatLinkerWarningAsErrors>false</TreatLinkerWarningAsErrors> </Link> <DriverSign> <FileDigestAlgorithm>sha256</FileDigestAlgorithm> @@ -750,6 +766,7 @@ <AdditionalIncludeDirectories>$(ProjectDir);$(IntDir);$(ProjectDir)VMProtectDDK;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories> <ControlFlowGuard>false</ControlFlowGuard> <OmitFramePointers>true</OmitFramePointers> + <CompileAs>CompileAsCpp</CompileAs> </ClCompile> <Link> <ProfileGuidedDatabase> @@ -763,6 +780,7 @@ <RandomizedBaseAddress>true</RandomizedBaseAddress> <DataExecutionPrevention>true</DataExecutionPrevention> <AdditionalDependencies>%(AdditionalDependencies);$(KernelBufferOverflowLib);ntoskrnl.lib;hal.lib;cng.lib;wmilib.lib;</AdditionalDependencies> + <TreatLinkerWarningAsErrors>false</TreatLinkerWarningAsErrors> </Link> <DriverSign> <FileDigestAlgorithm>sha256</FileDigestAlgorithm> @@ -787,6 +805,7 @@ <AdditionalIncludeDirectories>$(ProjectDir);$(IntDir);$(ProjectDir)VMProtectDDK;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories> <ControlFlowGuard>false</ControlFlowGuard> <OmitFramePointers>true</OmitFramePointers> + <CompileAs>CompileAsCpp</CompileAs> </ClCompile> <Link> <ProfileGuidedDatabase> @@ -801,6 +820,7 @@ <GenerateMapFile>true</GenerateMapFile> <RandomizedBaseAddress>true</RandomizedBaseAddress> <DataExecutionPrevention>true</DataExecutionPrevention> + <TreatLinkerWarningAsErrors>false</TreatLinkerWarningAsErrors> </Link> <DriverSign> <FileDigestAlgorithm>sha256</FileDigestAlgorithm> @@ -829,6 +849,7 @@ <AdditionalIncludeDirectories>$(ProjectDir);$(IntDir);$(ProjectDir)VMProtectDDK;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories> <OmitFramePointers>true</OmitFramePointers> <ControlFlowGuard>false</ControlFlowGuard> + <CompileAs>CompileAsCpp</CompileAs> </ClCompile> <Link> <ProfileGuidedDatabase> @@ -843,6 +864,7 @@ <RandomizedBaseAddress>true</RandomizedBaseAddress> <DataExecutionPrevention>true</DataExecutionPrevention> <AdditionalDependencies>%(AdditionalDependencies);$(KernelBufferOverflowLib);ntoskrnl.lib;hal.lib;cng.lib;wmilib.lib;</AdditionalDependencies> + <TreatLinkerWarningAsErrors>false</TreatLinkerWarningAsErrors> </Link> <DriverSign> <FileDigestAlgorithm>sha256</FileDigestAlgorithm> @@ -867,6 +889,7 @@ <AdditionalIncludeDirectories>$(ProjectDir);$(IntDir);$(ProjectDir)VMProtectDDK;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories> <OmitFramePointers>true</OmitFramePointers> <ControlFlowGuard>false</ControlFlowGuard> + <CompileAs>CompileAsCpp</CompileAs> </ClCompile> <Link> <ProfileGuidedDatabase> @@ -882,6 +905,7 @@ <GenerateMapFile>true</GenerateMapFile> <RandomizedBaseAddress>true</RandomizedBaseAddress> <DataExecutionPrevention>true</DataExecutionPrevention> + <TreatLinkerWarningAsErrors>false</TreatLinkerWarningAsErrors> </Link> <DriverSign> <FileDigestAlgorithm>sha256</FileDigestAlgorithm> @@ -911,6 +935,7 @@ <ControlFlowGuard>false</ControlFlowGuard> <BufferSecurityCheck>false</BufferSecurityCheck> <OmitFramePointers>true</OmitFramePointers> + <CompileAs>CompileAsCpp</CompileAs> </ClCompile> <Link> <ProfileGuidedDatabase /> @@ -924,6 +949,7 @@ <RandomizedBaseAddress>true</RandomizedBaseAddress> <DataExecutionPrevention>true</DataExecutionPrevention> <AdditionalDependencies>%(AdditionalDependencies);$(KernelBufferOverflowLib);ntoskrnl.lib;hal.lib;cng.lib;wmilib.lib;</AdditionalDependencies> + <TreatLinkerWarningAsErrors>false</TreatLinkerWarningAsErrors> </Link> <DriverSign> <FileDigestAlgorithm>sha256</FileDigestAlgorithm> @@ -949,6 +975,7 @@ <ControlFlowGuard>false</ControlFlowGuard> <BufferSecurityCheck>false</BufferSecurityCheck> <OmitFramePointers>true</OmitFramePointers> + <CompileAs>CompileAsCpp</CompileAs> </ClCompile> <Link> <ProfileGuidedDatabase> @@ -964,6 +991,7 @@ <GenerateMapFile>true</GenerateMapFile> <RandomizedBaseAddress>true</RandomizedBaseAddress> <DataExecutionPrevention>true</DataExecutionPrevention> + <TreatLinkerWarningAsErrors>false</TreatLinkerWarningAsErrors> </Link> <DriverSign> <FileDigestAlgorithm>sha256</FileDigestAlgorithm> @@ -995,6 +1023,7 @@ <ControlFlowGuard>false</ControlFlowGuard> <BufferSecurityCheck>false</BufferSecurityCheck> <OmitFramePointers>true</OmitFramePointers> + <CompileAs>CompileAsCpp</CompileAs> </ClCompile> <Link> <ProfileGuidedDatabase> @@ -1008,6 +1037,7 @@ <DataExecutionPrevention>true</DataExecutionPrevention> <AdditionalDependencies>%(AdditionalDependencies);$(KernelBufferOverflowLib);ntoskrnl.lib;hal.lib;cng.lib;wmilib.lib;</AdditionalDependencies> <EntryPointSymbol>DriverEntry</EntryPointSymbol> + <TreatLinkerWarningAsErrors>false</TreatLinkerWarningAsErrors> </Link> <DriverSign> <FileDigestAlgorithm>sha256</FileDigestAlgorithm> @@ -1033,6 +1063,7 @@ <ControlFlowGuard>false</ControlFlowGuard> <BufferSecurityCheck>false</BufferSecurityCheck> <OmitFramePointers>true</OmitFramePointers> + <CompileAs>CompileAsCpp</CompileAs> </ClCompile> <Link> <ProfileGuidedDatabase> @@ -1047,6 +1078,7 @@ <GenerateMapFile>true</GenerateMapFile> <RandomizedBaseAddress>true</RandomizedBaseAddress> <DataExecutionPrevention>true</DataExecutionPrevention> + <TreatLinkerWarningAsErrors>false</TreatLinkerWarningAsErrors> </Link> <DriverSign> <FileDigestAlgorithm>sha256</FileDigestAlgorithm> @@ -1076,6 +1108,7 @@ <ControlFlowGuard>false</ControlFlowGuard> <BufferSecurityCheck>false</BufferSecurityCheck> <OmitFramePointers>true</OmitFramePointers> + <CompileAs>CompileAsCpp</CompileAs> </ClCompile> <Link> <ProfileGuidedDatabase> @@ -1090,6 +1123,7 @@ <RandomizedBaseAddress>true</RandomizedBaseAddress> <DataExecutionPrevention>true</DataExecutionPrevention> <AdditionalDependencies>%(AdditionalDependencies);$(KernelBufferOverflowLib);ntoskrnl.lib;hal.lib;cng.lib;wmilib.lib;</AdditionalDependencies> + <TreatLinkerWarningAsErrors>false</TreatLinkerWarningAsErrors> </Link> <DriverSign> <FileDigestAlgorithm>sha256</FileDigestAlgorithm> @@ -1115,6 +1149,7 @@ <ControlFlowGuard>false</ControlFlowGuard> <BufferSecurityCheck>false</BufferSecurityCheck> <OmitFramePointers>true</OmitFramePointers> + <CompileAs>CompileAsCpp</CompileAs> </ClCompile> <Link> <ProfileGuidedDatabase> @@ -1130,6 +1165,7 @@ <GenerateMapFile>true</GenerateMapFile> <RandomizedBaseAddress>true</RandomizedBaseAddress> <DataExecutionPrevention>true</DataExecutionPrevention> + <TreatLinkerWarningAsErrors>false</TreatLinkerWarningAsErrors> </Link> <DriverSign> <FileDigestAlgorithm>sha256</FileDigestAlgorithm> diff --git a/MMInject/main.c b/MMInject/main.c index 5dd5f10..f4eb333 100644 --- a/MMInject/main.c +++ b/MMInject/main.c @@ -1,6 +1,6 @@ #include "MMInject.h" -#include "util.h" -#include "strings.h" +#include "utils.h" +#include "stringencryptor.h" #include <stdarg.h> #include <stdio.h> @@ -32,30 +32,30 @@ private: WCHAR DllPathBuffer[MAX_PATH]; } INJECT_DLL_PARAMS, *PINJECT_DLL_PARAMS; -static +extern "C" BOOLEAN IsDriverExpired( ); -static +extern "C" BOOLEAN DeletePiDDBCacheTableEntry( _In_ PUNICODE_STRING DriverFileName, _In_opt_ ULONG DriverTimeDateStamp ); -static +extern "C" VOID CleanMmUnloadedDrivers( ); -static +extern "C" BOOLEAN DestroyDriverFile( _In_ PDRIVER_OBJECT DriverObject ); -static +extern "C" BOOLEAN DestroyDriverInformation( _In_ PDRIVER_OBJECT DriverObject @@ -219,6 +219,7 @@ InitDynamicData( : STATUS_INVALID_KERNEL_INFO_VERSION; } + static BOOLEAN IsDriverExpired(
最后于 2022-5-16 23:02
被moyiah编辑
,原因:
|
|
|
|
|
|
[求助]windows远程桌面连接,被控主机被远程后,真实键盘鼠标失效的问题。
|
|
Go 二进制逆向
需求的2个算法如下: 需求算法1、app 生成Redis 存储时候的Key(UUID)的算法:HMAC-SHA256 + Argon2Key(UUID)根据input由以下算法计算得来: input := []byte("SUNhbkhhelVuaWNvcm40LXdzLWF1cy1kYXkyPy05OTkz") mac := hmac.New(sha256.New, []byte("NotASecret")) mac.Write(input) encoded := base64.StdEncoding.EncodeToString(mac.Sum(nil)) output, err := argon2.Key([]byte(encoded), []byte("NotAnotherSecret"), 3, 4, 4096, 32, argon2.Argon2i) if err != nil { fmt.Println(err) return } encarg := hex.EncodeToString(output) u1 := uuid.UUID{} u1.UnmarshalText([]byte(encarg)[:32]) fmt.Printf("Key UUID = %s\n\n", u1) 需求算法2、app 返回值中 Status的算法:PBKDF2返回值中 Status根据返回值中的Result由以下算法计算得来: result := []byte("VajVgtoR/hDgfac6qVeGMrzjMbVuVyJzFjA58iKtag==") status := pbkdf2.Key(result, []byte("ws-aus-day2"), 2, 32, sha256.New) fmt.Printf("Status = %s\n", hex.EncodeToString(status)) 完整测试Go源程序//usr/bin/env go run $0 "$@"; exit package main import ( "encoding/base64" "encoding/hex" "fmt" "crypto/hmac" "crypto/sha256" "github.com/pzduniak/argon2" "github.com/satori/go.uuid" "golang.org/x/crypto/pbkdf2" ) func main() { input := []byte("SUNhbkhhelVuaWNvcm40LXdzLWF1cy1kYXkyPy05OTkz") mac := hmac.New(sha256.New, []byte("NotASecret")) mac.Write(input) encoded := base64.StdEncoding.EncodeToString(mac.Sum(nil)) output, err := argon2.Key([]byte(encoded), []byte("NotAnotherSecret"), 3, 4, 4096, 32, argon2.Argon2i) if err != nil { fmt.Println(err) return } encarg := hex.EncodeToString(output) u1 := uuid.UUID{} u1.UnmarshalText([]byte(encarg)[:32]) fmt.Printf("Key UUID = %s\n\n", u1) result := []byte("VajVgtoR/hDgfac6qVeGMrzjMbVuVyJzFjA58iKtag==") status := pbkdf2.Key(result, []byte("ws-aus-day2"), 2, 32, sha256.New) fmt.Printf("Status = %s\n", hex.EncodeToString(status)) } |
|
[求助]ida的橘黄色断点是什么意思
断点橘黄色的意思是Unavailable breakpoint background。 参见Options --> Colors --> Unavailable breakpoint background。
|
|
|
|
[原创]ACTF EXP分析
支持 ,我很需要 |
|
|
操作理由
RANk
{{ user_info.golds == '' ? 0 : user_info.golds }}
雪币
{{ experience }}
课程经验
{{ score }}
学习收益
{{study_duration_fmt}}
学习时长
基本信息
荣誉称号:
{{ honorary_title }}
能力排名:
No.{{ rank_num }}
等 级:
LV{{ rank_lv-100 }}
活跃值:
在线值:
浏览人数:{{ visits }}
最近活跃:{{ last_active_time }}
注册时间:{{ user_info.create_date_jsonfmt }}
勋章
兑换勋章
证书
证书查询 >
能力值