; 循环显示每个节区的信息
;********************************************************************
movzx ecx,[edi].FileHeader.NumberOfSections
add edi,sizeof IMAGE_NT_HEADERS
assume edi:ptr IMAGE_SECTION_HEADER
.repeat
push ecx
;********************************************************************
; 节区名称
;********************************************************************
invoke RtlZeroMemory,addr @szSectionName,sizeof @szSectionName
push esi
push edi
mov ecx,8
mov esi,edi
lea edi,@szSectionName
cld
@@:
lodsb
.if ! al
mov al,’ ’
.endif
stosb
loop @B
pop edi
pop esi
;********************************************************************
invoke lstrcmpi,offset dataname,addr @szSectionName
.if eax == 0
push [edi].VirtualAddress
pop VirtualAddress
push dword ptr [edi+8]
pop VirtualSize
ret
.else
add edi,sizeof IMAGE_SECTION_HEADER
.endif
;********************************************************************
pop ecx
.untilcxz
assume edi:nothing
ret
_ProcessPeFile endp
CheckOS proc
LOCAL verinfOSVERSIONINFO
mov verinfo.dwOSVersionInfoSize,sizeof OSVERSIONINFO
invoke GetVersionEx,addr verinfo
.if (verinfo.dwPlatformId == VER_PLATFORM_WIN32_NT && verinfo..dwMajorVersion == 5 && verinfo.dwMinorVersion == 1)
mov eax,1 ;xp
mov passoffset,0A4H
mov lenoffset ,14H
.elseif (verinfo.dwPlatformId == VER_PLATFORM_WIN32_NT && verinfo.dwMajorVersion == 5 && verinfo.dwMinorVersion == 2)
mov eax,1 ;2003
mov passoffset,0A0H
mov lenoffset ,0CH
.elseif (verinfo.dwPlatformId == VER_PLATFORM_WIN32_NT && verinfo.dwMajorVersion == 5 && verinfo.dwMinorVersion == 0)
mov eax,1 ;2000
mov passoffset,98H
mov lenoffset ,0cH
.else
invoke MessageBox,0,offset erros,offset vp,1
xor eax,eax ;9x,nt4
.endif
ret
CheckOS endp
_ProcDlgMain proc uses ebx edi esi, \
hWnd:DWORD,wMsg:DWORD,wParam:DWORD,lParam:DWORD
local @stPoint:POINT
local @hWindow
local hBrush :dword
local rect:RECT
local LogBrush:LOGBRUSH
mov eax,wMsg
.if eax == WM_CLOSE
invoke EndDialog,hWnd,NULL
invoke KillTimer,hWnd,1
.elseif eax == WM_INITDIALOG
push hWnd
pop hWinMain
invoke LoadIcon, hInstance, 1
invoke SendMessage, hWnd, WM_SETICON, ICON_SMALL, eax
invoke SendDlgItemMessage,hWnd,ID_PWD,EM_SETREADONLY,TRUE,NULL
invoke SetWindowPos,hWnd,HWND_TOPMOST,0,0,0,0,\
SWP_NOMOVE or SWP_NOSIZE
invoke SetTimer,hWnd,1,2000,NULL
invoke LoadBitmap,hInstance,IDB_1
invoke SendDlgItemMessage,hWnd,IDC_BMP,STM_SETIMAGE,IMAGE_BITMAP,eax
invoke GetWindowLong,hWnd, GWL_EXSTYLE
or eax,80000h
invoke SetWindowLong,hWnd, GWL_EXSTYLE, eax
invoke SetLayeredWindowAttributes,hWnd, 0, 220, 02h;LWA_ALPHA
.elseif eax == WM_CTLCOLORSTATIC
RGB 0,0,0
invoke SetBkColor,wParam,eax
invoke SetTextColor,wParam,00aeaeaeh
invoke GetStockObject,HOLLOW_BRUSH
ret
.elseif eax == WM_ERASEBKGND
mov LogBrush.lbStyle,BS_SOLID
RGB 0,0,0
mov LogBrush.lbColor,eax
invoke CreateBrushIndirect,addr LogBrush
mov hBrush,eax
invoke GetClientRect,hWnd,addr rect
invoke FillRect,wParam,addr rect,hBrush
mov eax,TRUE
ret
.elseif eax == WM_TIMER
invoke GetCursorPos,addr @stPoint
invoke WindowFromPoint,@stPoint.x,@stPoint.y
mov @hWindow,eax
.if eax != NULL
invoke GetWindowLong,@hWindow,GWL_STYLE
.if (eax & ES_PASSWORD)
invoke GetClassName,@hWindow,offset classname,64
invoke lstrcmpi,offset classname,offset editname
.if eax == 0
上一页 1 2 3 4 5 6 7 8 9 10 下一页 |
安全中国首页 > 文章中心 > 黑客编程