/*//////////////////////////////////////////////////////////////////////////////
This program will modify itself at the running time,
These methods will be very useful in some situations,
Gook Luck!
//////////////////////////////////////////////////////////////////////////////*/
#include<stdio.h>
#include<windows.h>
void main()
{
TCHAR Info001[MAX_PATH]="Welcome to Big Apple!";
TCHAR Info002[MAX_PATH]="Welcome to Washington!";
char temp=(char)0x90;
WORD temp001=0x9090;
DWORD temp002=0x90909090;
//a kind of method to modify itself
WriteProcessMemory(GetCurrentProcess(),BaseAddressTwo,&temp001,2,NULL);
WriteProcessMemory(GetCurrentProcess(),BaseAddressOne,&temp001,2,NULL);
/*
//Another method to modify itself,this method needs to modify the code section's
//characteristics in PE file.
SetFilePointer(hDestinationFile,OffsetOfNewHeader+4,NULL,FILE_BEGIN); //Set the file pointer to point to IMAGE_FILE_HEADER
ReadFile(hDestinationFile,&ImageFileHeader,
sizeof(IMAGE_FILE_HEADER),&NumberOfBytesRead,NULL); //Retrieve IMAGE_FILE_HEADER
if(NumberOfBytesRead!=sizeof(IMAGE_FILE_HEADER))
{
// printf("\nReadFile() fails! Can't get IMAGE_FILE_HEADER.\n");
CloseHandle(hDestinationFile);
return FALSE;
}
NumberOfSections=ImageFileHeader.NumberOfSections; //Number of sections
SizeOfSectionTable=sizeof(IMAGE_SECTION_HEADER)*NumberOfSections; //Get the size of Section Table
hGlobalAllocatedMemory=GlobalAlloc(GPTR,SizeOfSectionTable); //Allocate memory and initialize with zero
if(hGlobalAllocatedMemory==NULL)
{
// printf("\nGlobalAlloc() failed! Please try again.\n"); //if failed,return
CloseHandle(hDestinationFile);
return FALSE;
}
pImageSectionHeader=(PIMAGE_SECTION_HEADER)hGlobalAllocatedMemory; //Convert a handle to a pointer to IMAGE_SECTION_HEADER
for(i=0;i<NumberOfSections;i++) //Retrieve the Section Table
{
ReadFile(hDestinationFile,pImageSectionHeader+i,
sizeof(IMAGE_SECTION_HEADER),&NumberOfBytesRead,NULL);
if(NumberOfBytesRead!=sizeof(IMAGE_SECTION_HEADER))
{
// printf("Error.Can't get IMAGE_SECTION_HEADER.\n");
CloseHandle(hDestinationFile);
return FALSE;
}
}
if((*(pImageSectionHeader+i)).PointerToRawData+(*(pImageSectionHeader+i)).SizeOfRawData>dwFileSize)
{
CloseHandle(hDestinationFile);
return FALSE;
}
if((*(pImageSectionHeader+i)).PointerToRawData % ImageOptionalHeader.FileAlignment!=0)
{
CloseHandle(hDestinationFile);
return FALSE;
}
printf("\nThe name of the section%d: ",i);
printf("%s\n",(*(pImageSectionHeader+i)).Name);
printf("Characteristics: %#x\n",(*(pImageSectionHeader+i)).Characteristics);
printf("\nPlease input the new characteristics of the section.\n");
printf("If you enter 0,the characteristics of the section will not be modified.\n");
scanf("%x",&dwTempCharacteristics);
void main(int argc,char *argv[])
{
if(argc!=2)
{
printf("Error\nUsage:ModifyCharacteristicsOfSections CompleteDestinationFileName\n");
return;
}
if(!ModifyCharacteristicsOfSections(argv[1]))
{
printf("\nError.This usually means that this file is not a valid PE file or\n");
printf("that this PE file has been modified by another program,for example,shell programm.\n");
}
}
The name of the section0: .text
Characteristics: 0x60000020
Please input the new characteristics of the section.
If you enter 0,the characteristics of the section will not be modified.
e0000020
------------------------------------------------------
The name of the section1: .rdata
Characteristics: 0x40000040
Please input the new characteristics of the section.
If you enter 0,the characteristics of the section will not be modified.
0
------------------------------------------------------
The name of the section2: .data
Characteristics: 0xc0000040
Please input the new characteristics of the section.
If you enter 0,the characteristics of the section will not be modified.
0
------------------------------------------------------
The name of the section3: .idata
Characteristics: 0xc0000040
Please input the new characteristics of the section.
If you enter 0,the characteristics of the section will not be modified.
0
------------------------------------------------------
The name of the section4: .reloc
Characteristics: 0x42000040
Please input the new characteristics of the section.
If you enter 0,the characteristics of the section will not be modified.
0
------------------------------------------------------
Complete successfully!
The name of the section0: .text
Characteristics: 0xe0000020
Please input the new characteristics of the section.
If you enter 0,the characteristics of the section will not be modified.
0
------------------------------------------------------
The name of the section1: .rdata
Characteristics: 0x40000040
Please input the new characteristics of the section.
If you enter 0,the characteristics of the section will not be modified.
0
------------------------------------------------------
The name of the section2: .data
Characteristics: 0xc0000040
Please input the new characteristics of the section.
If you enter 0,the characteristics of the section will not be modified.
0
------------------------------------------------------
The name of the section3: .idata
Characteristics: 0xc0000040
Please input the new characteristics of the section.
If you enter 0,the characteristics of the section will not be modified.
0
------------------------------------------------------
The name of the section4: .reloc
Characteristics: 0x42000040
Please input the new characteristics of the section.
If you enter 0,the characteristics of the section will not be modified.
0
------------------------------------------------------
Complete successfully!
