示例#1
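// Collects static information about the target executable before it is run:
// PE timestamp, entry point, the KERNEL32 import slots for LoadLibraryA and
// GetProcAddress, plus the file's size and CRC32.
//
// filename: path of the executable; it is moved into the member `exe`.
// Returns true and sets bControlLoaded once every value has been gathered.
// Returns false (bControlLoaded stays false) if the PE cannot be parsed, if a
// required import is missing, or if the file cannot be read for the checksum.
//
// All addresses are derived from header fields of the file on disk, so they
// are only as trustworthy as that file. They are based on the image base
// recorded in the header.
// NOTE(review): if the image is relocated at load time these addresses would
// not match - confirm how the callers launch the process.
bool SyringeDebugger::RetrieveInfo(std::string filename)
{
	bControlLoaded = false;

	exe = std::move(filename);

	Log::WriteLine("SyringeDebugger::RetrieveInfo: Retrieving info from the executable file...");

	PortableExecutable pe(exe);
	if(!pe.IsValid()) {
		Log::WriteLine("SyringeDebugger::RetrieveInfo: Failed to open the executable!");
		return false;
	}

	const DWORD dwImageBase = pe.GetImageBase();

	// Creation time stamp
	dwTimeStamp = pe.GetPEHeader().FileHeader.TimeDateStamp;

	// Entry point (image base + RVA; DWORD arithmetic, so it wraps on overflow)
	pcEntryPoint = reinterpret_cast<void*>(dwImageBase + pe.GetPEHeader().OptionalHeader.AddressOfEntryPoint);

	// Get Imports: only KERNEL32.DLL is inspected, names compared case-insensitively.
	// If a name occurs more than once, the last occurrence wins.
	pImLoadLibrary = nullptr;
	pImGetProcAddress = nullptr;

	for(const auto& import : pe.GetImports()) {
		if(_strcmpi(import.Name.c_str(), "KERNEL32.DLL") != 0) {
			continue;
		}

		for(const auto& thunk : import.vecThunkData) {
			if(_strcmpi(thunk.Name.c_str(), "GETPROCADDRESS") == 0) {
				pImGetProcAddress = reinterpret_cast<void*>(dwImageBase + thunk.Address);
			} else if(_strcmpi(thunk.Name.c_str(), "LOADLIBRARYA") == 0) {
				pImLoadLibrary = reinterpret_cast<void*>(dwImageBase + thunk.Address);
			}
		}
	}

	if(!pImGetProcAddress || !pImLoadLibrary) {
		Log::WriteLine("SyringeDebugger::RetrieveInfo: ERROR: Either a LoadLibraryA or a GetProcAddress import could not be found!");
		return false;
	}

	// read meta information: size and checksum
	// The file is opened a second time here, independently of the PE parse
	// above, so the two views can differ if the file changes in between.
	std::ifstream is(exe, std::ifstream::binary);
	if(!is.is_open()) {
		// Previously an unopened stream produced a bogus size and the CRC of
		// an empty input while the function still reported success.
		Log::WriteLine("SyringeDebugger::RetrieveInfo: Failed to open the executable for reading its size and checksum!");
		return false;
	}

	is.seekg(0, std::ifstream::end);
	const auto endPos = is.tellg();
	if(!is || endPos == std::ifstream::pos_type(-1)) {
		Log::WriteLine("SyringeDebugger::RetrieveInfo: Failed to determine the size of the executable!");
		return false;
	}
	// Sizes beyond the DWORD range are truncated by this cast.
	dwExeSize = static_cast<DWORD>(endPos);
	is.seekg(0, std::ifstream::beg);

	// CRC32 only detects accidental differences; it is not a tamper-evident
	// hash and should not be relied on as an integrity or authenticity check.
	CRC32 crc;
	char buffer[0x1000];
	while(std::streamsize read = is.read(buffer, sizeof(buffer)).gcount()) {
		crc.compute(buffer, read);
	}
	if(is.bad()) {
		// An I/O error mid-file would otherwise yield the CRC of a prefix.
		Log::WriteLine("SyringeDebugger::RetrieveInfo: Failed to read the executable while computing its checksum!");
		return false;
	}
	dwExeCRC = crc.value();
	is.close();

	// NOTE(review): the pointer members are passed for %08X; presumably
	// Log::WriteLine is printf-style, in which case this is only correct where
	// pointers are 32 bits wide - confirm.
	Log::WriteLine("SyringeDebugger::RetrieveInfo: Executable information successfully retrieved.");
	Log::WriteLine("\texe = %s", exe.c_str());
	Log::WriteLine("\tpImLoadLibrary = 0x%08X", pImLoadLibrary);
	Log::WriteLine("\tpImGetProcAddress = 0x%08X", pImGetProcAddress);
	Log::WriteLine("\tpcEntryPoint = 0x%08X", pcEntryPoint);
	Log::WriteLine("\tdwExeSize = 0x%08X", dwExeSize);
	Log::WriteLine("\tdwExeCRC = 0x%08X", dwExeCRC);
	Log::WriteLine("\tdwTimestamp = 0x%08X", dwTimeStamp);
	Log::WriteLine();

	// NOTE(review): this message is emitted after the imports were already
	// resolved above; the wording is kept as is.
	Log::WriteLine("SyringeDebugger::RetrieveInfo: Opening %s to determine imports.", exe.c_str());

	bControlLoaded = true;
	return true;
}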