[Repost] PE Relocation Builder by ghandi
Posted on: 2012-5-26 17:04

PE Relocation Builder by ghandi

I've been playing a little with C++ Builder lately and something I made was a relocation builder. It is still in development stages, so this isn't even a beta; it is more of a tester to see whether or not it is of any use and worth continuing with.
The idea is simple enough:

1. Take a PE (x86 only at the moment) file and present a list of sections to scan, there is an option to scan all sections.
2. Scan designated sections for dwords which reference into the image, i.e. above ImageBase but below ImageBase + SizeOfImage.
3. Fill treeview with details and allow user to peruse references to delete bogus entries, present hex and disasm of results and allow offsetting to check if it is a valid code reference.
4. Copy file into memory, allocate more for new relocation records and add a section header. Adjust PE header and insert records.

It is up to the end user to ensure that the relocation records being built are for valid references and not bogus values that coincide with the range values. Maybe there are heuristic ways of determining these things automatically, but that is for a future possibility only.

The time consuming part would be to go through all hits and identify the bogus ones. Because I have not done this, I cannot verify whether or not the files created are valid...

I did remove the relocation directory from dbghelp.dll and then rebuilt it. The dll loaded, but the relocation directory was significantly larger than the one present in the unaltered file, which says to me that I would have to cull out bogus entries before it would be valid...

If anybody is bored enough or curious, feel free to test it and comment but if you do, make sure you verify every relocation you save before saying it saves invalid entries please.

BeaEngine.dll is used for disassembling and before anybody says about loading 2 instances of the same library, that is not the point of the exercise and will not help with building relocations for a .exe file.

Note: Relocation information tree view retains contents, but is cleared on new file loading or closing of form.


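Steps 2 and 4 of the post, as an added example that is not ghandi's code: scan a buffer for dwords that point inside the image, then pack the kept RVAs into base relocation blocks. The function names, the scan at every byte offset and the sample bytes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

#define REL_HIGHLOW 3u /* IMAGE_REL_BASED_HIGHLOW: loader patches a full 32-bit value */
static uint32_t get32(const uint8_t *p) { /* little-endian read, any alignment */
    return p[0] | p[1] << 8 | p[2] << 16 | (uint32_t)p[3] << 24;
}
static void put16(uint8_t *p, uint32_t v) { p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); }
static void put32(uint8_t *p, uint32_t v) { put16(p, v); put16(p + 2, v >> 16); }

/* Constructed sample: 12 bytes starting at RVA 0x1FFC of an image with
 * ImageBase 0x400000 and SizeOfImage 0x5000 (all values are assumptions). */
static const uint8_t SAMPLE[12] = { 0x68, 0x00, 0x30, 0x40, 0x00,  /* push 0x403000      */
                                    0xA1, 0x10, 0x40, 0x40, 0x00,  /* mov eax,[0x404010] */
                                    0x90, 0x90 };                  /* nop; nop           */

/* Step 2: record the RVA of every dword whose value lies in
 * [image_base, image_base + size_of_image). Hits are candidates, not proof. */
size_t scan_section(const uint8_t *buf, size_t len, uint32_t buf_rva, uint32_t image_base,
                    uint32_t size_of_image, uint32_t *hits, size_t max_hits) {
    size_t n = 0;
    for (size_t i = 0; i + 4 <= len && n < max_hits; i++) {
        uint32_t v = get32(buf + i);
        if (v >= image_base && v - image_base < size_of_image)
            hits[n++] = buf_rva + (uint32_t)i;
    }
    return n;
}

/* Step 4: pack ascending RVAs into relocation blocks, one per 4 KiB page:
 * { VirtualAddress, SizeOfBlock } then 16-bit (type << 12 | offset) entries,
 * padded with an ABSOLUTE (0) entry to 4 bytes. Returns bytes written, 0 if cap is short. */
size_t build_relocs(const uint32_t *rvas, size_t n, uint8_t *out, size_t cap) {
    size_t pos = 0, i = 0;
    while (i < n) {
        uint32_t page = rvas[i] & ~0xFFFu;
        size_t j = i;
        while (j < n && (rvas[j] & ~0xFFFu) == page) j++;
        size_t block = 8 + 2 * ((j - i + 1) & ~(size_t)1);
        if (block > cap - pos) return 0;
        put32(out + pos, page);
        put32(out + pos + 4, (uint32_t)block);
        pos += 8;
        for (; i < j; i++, pos += 2)
            put16(out + pos, REL_HIGHLOW << 12 | (rvas[i] & 0xFFFu));
        if (pos & 2) { put16(out + pos, 0); pos += 2; }
    }
    return pos;
}
```

Scanning `SAMPLE` from RVA 0x1FFC yields candidates at RVAs 0x1FFD and 0x2002, which fall on different pages and so pack into two 12-byte blocks. Any constant that merely happens to land in the image range is reported the same way, which is why the post insists on reviewing every hit before saving.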