Pumqara's PE Library 0.3c-安全工具-看雪-安全社区|安全招聘|kanxue.com

最新回复 (2)
duzaizhe 雪币： 211 活跃值： (40) 能力值： ( LV2，RANK：10 ) 在线值：发帖 11 回帖 202 粉丝 0 关注私信	duzaizhe 2 楼 THX 2005-9-18 22:22 0
linhanshi 雪币： 97697 活跃值： (200834) 能力值： (RANK：10 ) 在线值：发帖 9249 回帖 27947 粉丝 453 关注私信	linhanshi 3 楼针对该文件; FORM Reverse-Engineering-Community BY:Extrarius I was trying your library and I found a bug with it I guess. I wrote the following function. #include <windows.h> #include "PeLibrary.h" typedef BOOL (WINAPI* LPFNPLOPENFILE)(DWORD,LPTSTR); typedef DWORD (WINAPI* LPFNPLADDIMPORTS)(LPTSTR,LPTSTR); typedef BOOL (WINAPI* LPFNPLCLOSEFILE)(); //------------------------------------------------------------------------------------- bool AddImport( const char* FilePath, const char* LibraryName, const char* FuncName ) { if ( FilePath == NULL \|\| LibraryName == NULL \|\| FuncName == NULL ) { return false; } HMODULE hModule = NULL; bool RetVal = false; try { hModule = LoadLibrary( "PeLibrary.dll" ); if ( hModule != NULL ) { LPFNPLOPENFILE pOpenFile = (LPFNPLOPENFILE)GetProcAddress( hModule, "plOpenFile" ); LPFNPLCLOSEFILE pCloseFile = (LPFNPLCLOSEFILE)GetProcAddress( hModule, "plCloseFile" ); LPFNPLADDIMPORTS pAddImp = (LPFNPLADDIMPORTS)GetProcAddress( hModule, "plAddImportFunction" ); if ( pOpenFile != NULL && pCloseFile != NULL && pAddImp != NULL ) { if ( pOpenFile( PL_NO_OPEN_DIALOG, (char)FilePath ) ) { if ( pAddImp( (char)LibraryName, (char)FuncName ) ) { RetVal = true; } } pCloseFile(); } } } catch( ... ) { } if ( hModule != NULL ) { FreeLibrary( hModule ); } return RetVal; } Everything works fine until the line if ( pAddImp( (char)LibraryName, (char*)FuncName ) ) gets executed. The functions creates a section named +Pumqara but it corrupts the file and gives an access violation error. I tested the function with a simple console program made with VC++ 6 2006-4-20 17:47 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

最新回复 (2)

duzaizhe

雪币： 211

活跃值： (40)

能力值：

( LV2，RANK：10 )

在线值：

发帖

回帖

202

粉丝

关注

私信

duzaizhe: 2 楼

THX

2005-9-18 22:22

linhanshi

雪币： 97697

活跃值： (200834)

能力值：

(RANK：10 )

在线值：

发帖

9249

回帖

27947

粉丝

453

关注

私信

linhanshi: 3 楼

针对该文件;

FORM Reverse-Engineering-Community

BY:Extrarius

I was trying your library and I found a bug with it I guess.
I wrote the following function.


#include <windows.h>
#include "PeLibrary.h"

typedef BOOL (WINAPI* LPFNPLOPENFILE)(DWORD,LPTSTR);
typedef DWORD (WINAPI* LPFNPLADDIMPORTS)(LPTSTR,LPTSTR);
typedef BOOL (WINAPI* LPFNPLCLOSEFILE)();

//-------------------------------------------------------------------------------------
bool AddImport( const char* FilePath, const char* LibraryName, const char* FuncName )
{
   if ( FilePath == NULL || LibraryName == NULL || FuncName == NULL )
   {
      return false;
   }

   HMODULE hModule = NULL;
   bool RetVal = false;

   try
   {
      hModule = LoadLibrary( "PeLibrary.dll" );
      if ( hModule != NULL )
      {
         LPFNPLOPENFILE   pOpenFile  = (LPFNPLOPENFILE)GetProcAddress( hModule, "plOpenFile" );
         LPFNPLCLOSEFILE  pCloseFile = (LPFNPLCLOSEFILE)GetProcAddress( hModule, "plCloseFile" );
         LPFNPLADDIMPORTS pAddImp    = (LPFNPLADDIMPORTS)GetProcAddress( hModule, "plAddImportFunction" );
         
         if ( pOpenFile != NULL && pCloseFile != NULL && pAddImp != NULL  )
         {            
            if ( pOpenFile( PL_NO_OPEN_DIALOG, (char*)FilePath ) )
            {               
               if ( pAddImp( (char*)LibraryName, (char*)FuncName ) )
               {
                  RetVal = true;
               }               
            }
            
            pCloseFile();
         }
      }
   }
   catch( ... )
   {
   }
   
   if ( hModule != NULL )
   {
      FreeLibrary( hModule );
   }
   
   return RetVal;
}

Everything works fine until the line if ( pAddImp( (char*)LibraryName, (char*)FuncName ) ) gets executed. The functions creates a section named +Pumqara but it corrupts the file and gives an access violation error.

I tested the function with a simple console program made with VC++ 6

2006-4-20 17:47