-
-
[旧帖]
[求助]请问源码中的BUG
0.00雪花
-
发表于:
2010-3-21 18:48
1214
-
[旧帖] [求助]请问源码中的BUG
0.00雪花
这是一个得到Kernel32基地址的程序源代码(A simple way for get KERNEL32 base address)
我用ml汇编这个源代码,有警告
E:\Source\virus>ml/c/coff k01.asm
Microsoft (R) Macro Assembler Version 9.00.30729.01
Copyright (C) Microsoft Corporation. All rights reserved.
MASM : warning A4018:invalid command-line option : /c/coff
Assembling: k01.asm
k01.asm(85) : warning A4023:with /coff switch, leading underscore required for s
tart address : start
Microsoft (R) Incremental Linker Version 5.12.8078
Copyright (C) Microsoft Corp 1992-1998. All rights reserved.
LINK : fatal error LNK1104: cannot open file "
随后用link,有错误
E:\Source\virus>link /subsystem:windows k01.obj
Microsoft (R) Incremental Linker Version 5.12.8078
Copyright (C) Microsoft Corp 1992-1998. All rights reserved.
k01.obj : error LNK2001: unresolved external symbol ExitProcess
LINK : error LNK2001: unresolved external symbol _start
k01.exe : fatal error LNK1120: 2 unresolved externals
有没有人能帮我找找错误呢?谢谢各位好心人了。
.386p
.model flat
extrn ExitProcess:PROC
.data
limit equ 5
db 0
.code
start:
call delta
delta:
pop ebp
sub ebp,offset delta
mov esi,[esp]
and esi,0FFFF0000h
call GetK32
push 00000000h
call ExitProcess
GetK32:
__1:
cmp byte ptr [ebp+K32_Limit],00h
jz WeFailed
cmp word ptr [esi],"ZM"
jz CheckPE
__2:
sub esi,10000h
dec byte ptr [ebp+K32_Limit]
jmp __1
CheckPE:
mov edi,[esi+3Ch]
add edi,esi
cmp dword ptr [edi],"EP"
jz WeGotK32
jmp __2
WeFailed:
mov esi,0BFF70000h
WeGotK32:
xchg eax,esi
ret
K32_Limit dw limit
end start
[课程]Linux pwn 探索篇!