Exemplo n.º 1
0
//由虚拟地址转换得到文件加载到内存中的地址
DWORD CPeFile::GetFileRawAddr(DWORD dwRVA)
{
	PIMAGE_FILE_HEADER pFileHeader = GetFileHeader();
	PIMAGE_SECTION_HEADER pSectionHeader = GetFirstSectionHeader();
	
	if(pSectionHeader)
	{
		for( int i=0;  i<pFileHeader->NumberOfSections;  i++ )
		{
			if( dwRVA >= pSectionHeader[i].VirtualAddress  && 
				dwRVA < pSectionHeader[i].VirtualAddress + pSectionHeader[i].Misc.VirtualSize)
			{			
				//虚拟地址在节内的偏移量
				DWORD dwAddr = dwRVA - pSectionHeader[i].VirtualAddress;
				//在节内的实际偏移地址
				dwAddr += pSectionHeader[i].PointerToRawData;
				//内存中的地址
				dwAddr += (DWORD)m_stMapFile.ImageBase;

				return dwAddr;
			}
		}
	}

	return  0;
}
Exemplo n.º 2
0
PIMAGE_SECTION_HEADER CPEFile::GetSection(int index)  // done!
{
    int nCount = GetSectionCount();
    if (index >= nCount || index < 0)
        return NULL;

    PIMAGE_SECTION_HEADER pFirstSection = GetFirstSectionHeader();
    for (int i = 0; i < nCount; i++,pFirstSection++ )
        if (i == index)
            return pFirstSection;
    return NULL;
}
Exemplo n.º 3
0
void CELFFile::AddSegmentSection(char * new_section_name,size_t new_section_size,long new_section_flag)
{
    printf("new base:%x\n",GetNewSegmentSectionBase() );
    long new_section_addr = GetNewSegmentSectionBase();
    Elf32_Phdr * new_phdr_header = AddProgramHeader();


    new_phdr_header->p_align = 0x1000;//new_section_size + (0x1000 - (new_section_size % 0x1000));
    new_phdr_header->p_filesz = new_section_size;
    new_phdr_header->p_memsz = new_section_size;
    new_phdr_header->p_offset = size;
    new_phdr_header->p_flags = new_section_flag;//PF_X|PF_W|PF_R;
    new_phdr_header->p_vaddr = new_section_addr;
    new_phdr_header->p_type = PT_LOAD;
    new_phdr_header->p_paddr = new_section_addr;


    //asm("int3");
    ReallocImage(size+new_section_size);
    return ;
    if (buffer == NULL || new_section_size == 0)
        return;
    size_t old_size = size;
    Elf32_Shdr * t_shdr_header =  GetFirstSectionHeader() + GetSectionCount();
    if (reinterpret_cast<size_t>(t_shdr_header) - reinterpret_cast<size_t>(GetImage()) == old_size)
    {
        ReallocImage(size + new_section_size + sizeof(Elf32_Shdr));
    }
    else
    {
        ReallocImage(size + new_section_size );
    }


    Elf32_Ehdr * elf_header = GetElfHeader();

    Elf32_Shdr * string_section_header = GetSectionHeader( elf_header->e_shstrndx );

    size_t str_table_last_offset = string_section_header->sh_size + string_section_header->sh_offset;
    char * new_string_begin_addr = reinterpret_cast<char*>(GetImage()) + str_table_last_offset;
    strcpy(new_string_begin_addr,new_section_name);
    string_section_header->sh_size += strlen(new_section_name);
    //Elf32_Shdr * new_shdr_header = GetSectionHeader(GetSectionCount() - 1);
    //Elf32_Shdr * new_shdr_header = GetSectionHeader(0) + GetSectionCount();
    //printf ("last section:%s\n",GetStringTableStr( new_shdr_header->sh_name));
    Elf32_Shdr * new_shdr_header = reinterpret_cast<Elf32_Shdr*>(
                                         (elf_header->e_shoff +
                                          reinterpret_cast<Elf32_Off>(GetImage())));
    new_shdr_header += GetSectionCount();

    //new_shdr_header++;
    printf("Elf32_Shdr Size:%x\n",sizeof(Elf32_Shdr));
    if (reinterpret_cast<size_t>(new_shdr_header) - reinterpret_cast<size_t>(GetImage()) == old_size)
    {
        new_shdr_header->sh_offset = old_size + sizeof(Elf32_Shdr);
    }
    else
    {
        new_shdr_header->sh_offset = old_size;
    }

    printf("offset :%x\n",reinterpret_cast<size_t>(new_shdr_header) - reinterpret_cast<size_t>(GetImage()));
    new_shdr_header->sh_name = str_table_last_offset - string_section_header->sh_offset;
    printf ("last section:%s\n",GetStringTableStr( new_shdr_header->sh_name));
    new_shdr_header->sh_addr = GetNewSectionBase();
    new_shdr_header->sh_size = new_section_size;
    printf("size :%#x\n",new_shdr_header->sh_size);
    new_shdr_header->sh_flags = new_section_flag;

    //new_shdr_header->sh_offset = old_size;
    new_shdr_header->sh_type = 1;
    new_shdr_header->sh_link = 0;
    new_shdr_header->sh_info = 0;
    new_shdr_header->sh_addralign = 16;
    new_shdr_header->sh_entsize = 0;
    ++elf_header->e_shnum;


    /*
    Elf32_Phdr * new_phdr_header = GetProgramHeader(GetProgramCount() - 1);
    new_phdr_header++;
    printf("new_phdr_header offset:%#x\n",(size_t)new_phdr_header - (size_t)GetImage());
    new_phdr_header->p_align = 0x1000;//new_section_size + (0x1000 - (new_section_size % 0x1000));
    new_phdr_header->p_filesz = new_section_size;
    new_phdr_header->p_memsz = new_section_size;
    new_phdr_header->p_offset = new_shdr_header->sh_offset;
    new_phdr_header->p_flags = 5;
    new_phdr_header->p_vaddr = new_shdr_header->sh_addr;
    new_phdr_header->p_type = 1;
    new_phdr_header->p_paddr = new_phdr_header->p_vaddr;
    elf_header->e_phnum += 1;*/
}
Exemplo n.º 4
0
void CELFFile::AddSection(char * new_section_name,size_t new_section_size,long new_section_flag)
{
    if (buffer == NULL || new_section_size == 0)
        return;
    size_t old_size = size;
    Elf32_Shdr * t_shdr_header =  GetFirstSectionHeader() + GetSectionCount();
    if (reinterpret_cast<size_t>(t_shdr_header) - reinterpret_cast<size_t>(GetImage()) == old_size)
    {
        ReallocImage(size + new_section_size + sizeof(Elf32_Shdr));
    }
    else
    {
        ReallocImage(size + new_section_size );
    }


    Elf32_Ehdr * elf_header = GetElfHeader();

    Elf32_Shdr * string_section_header = GetSectionHeader( elf_header->e_shstrndx );

    size_t str_table_last_offset = string_section_header->sh_size + string_section_header->sh_offset;
    char * new_string_begin_addr = reinterpret_cast<char*>(GetImage()) + str_table_last_offset;
    strcpy(new_string_begin_addr,new_section_name);
    string_section_header->sh_size += strlen(new_section_name);
    //Elf32_Shdr * new_shdr_header = GetSectionHeader(GetSectionCount() - 1);
    //Elf32_Shdr * new_shdr_header = GetSectionHeader(0) + GetSectionCount();
    //printf ("last section:%s\n",GetStringTableStr( new_shdr_header->sh_name));
    Elf32_Shdr * new_shdr_header = reinterpret_cast<Elf32_Shdr*>(
                                         (elf_header->e_shoff +
                                          reinterpret_cast<Elf32_Off>(GetImage())));
    new_shdr_header += GetSectionCount();

    //new_shdr_header++;
    printf("Elf32_Shdr Size:%x\n",sizeof(Elf32_Shdr));
    if (reinterpret_cast<size_t>(new_shdr_header) - reinterpret_cast<size_t>(GetImage()) == old_size)
    {
        new_shdr_header->sh_offset = old_size + sizeof(Elf32_Shdr);
    }
    else
    {
        new_shdr_header->sh_offset = old_size;
    }

    printf("offset :%x\n",reinterpret_cast<size_t>(new_shdr_header) - reinterpret_cast<size_t>(GetImage()));
    new_shdr_header->sh_name = str_table_last_offset - string_section_header->sh_offset;
    printf ("last section:%s\n",GetStringTableStr( new_shdr_header->sh_name));
    new_shdr_header->sh_addr = GetNewSectionBase();
    new_shdr_header->sh_size = new_section_size;
    printf("size :%#x\n",new_shdr_header->sh_size);
    new_shdr_header->sh_flags = new_section_flag;

    //new_shdr_header->sh_offset = old_size;
    new_shdr_header->sh_type = 1;
    new_shdr_header->sh_link = 0;
    new_shdr_header->sh_info = 0;
    new_shdr_header->sh_addralign = 16;
    new_shdr_header->sh_entsize = 0;
    ++elf_header->e_shnum;


}