FreeLibrary(hDll);pCMydllObj->i

最新推荐文章于 2023-01-09 11:07:58 发布
原创 最新推荐文章于 2023-01-09 11:07:58 发布 · 888 阅读 · 0 ·
CC 4.0 BY-SA版权
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。

本文介绍了一个C/C++程序中加载并使用DLL文件的例子。通过LoadLibrary与GetProcAddress函数获取DLL中的函数地址,并调用这些函数来创建和使用DLL中的对象。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

int main(int argc, char* argv[])
{
    HINSTANCE hDll=LoadLibrary("..\\..\\Debug\\mydll.dll");
	CreateCMydllObj=(F_CreateCMydllObj)GetProcAddress(hDll, "CreateCMydllObj");
	DelCMydllObj=(F_DelCMydllObj)GetProcAddress(hDll, "DelCMydllObj");
	CallCMydllObj=(F_CallCMydllObj)GetProcAddress(hDll, "CallCMydllObj");

	CMydll* pCMydllObj=CreateCMydllObj();
	printf("%d!\n",pCMydllObj->i);
	CallCMydllObj();
	
	//DelCMydllObj();
	printf("%d!\n",pCMydllObj->i);

	pause();
    FreeLibrary(hDll);
	printf("%d!\n",pCMydllObj->i);
	
	printf("================!\n");
	return 0;
}

【无标题】解密动态库(DLL)缺少.LIB 和.H 文件的使用方法
weixin_42116754的博客
12-19 1076
各位从事应用开发工作的小伙伴们,我们在以往的项目开发工作中经常会调用三方的DLL ,突然有一天我们发现DLL 的.LIB 和.H 文件丢失了,这让我们无法应用该DLL 到我们的项目中,是不是感觉相当的郁闷。现在让我分享一种方法给大家去解决这个问题。 首先我们得获取该DLL 得导出函数,就是知道我们能使用该库得哪些函数名。我们可以用dumpbin 这个命令查询DLL 中的导出函数。例如我们有Test.dll 这个动态库。 DUMPBIN /EXPORTS DTest.dll ordinal hin
FFmpeg+dxva2 硬解码库封装
tian028的博客
11-06 1651
参考msdn上Win32Project1_ffmpeg_dxva2 工程 封装了个c++版的dxva2 硬解码库: #pragma once #include <d3d9.h> #include <dxva2api.h> #include "D3DVidRender.h" extern "C" { #include "libavformat/avformat.h" #include "libavcodec/avcodec.h" #include "libavutil/pixfm.
LoadLibrary|GetProcAddress|FreeLibrary Windows api第七弹 VS中使用.dll的步骤
Bobowen的博客
10-08 1965
VS中使用.dll的步骤
C++导出DLL供Delphi调用,通过LoadLibraryEx加载,通过FreeLibrary卸载,再用LoadLibraryEx加载同一dll(但dll文件不在同一个位置),是否会导致第一次加载的DLL中的全局变量和静态变量残留,影响第二次加载的DLL的运行流程?上述C++导出的DLL中,通过 AppDelegate app; cocos2d::Application::getInstance()->run(); 启动游戏,通过cocos2d::Director::getInstance()->end(); 结束游戏,是否会存在问题?
04-28
director->setOpenGLView(GLViewImpl::create("MyGame")); // 初始化场景 director->runWithScene(StartScene::create()); return true; } ``` 2. **Director::end()的隐患** - `Director::end()`会终止主...
visual c++6.0下载后出现这个是什么意思 111.asp <HTML> <HEAD> <META NAME="GENERATOR" Content="Microsoft Developer Studio"> <META HTTP-EQUIU="Content-Type" content="text/html; charset=gb_2312-80"><TITLE>Document Title</TITLE> </HEAD> <BODY> Insert HTML here --> </BODY> </HTML> Fil. + ld 搜索
04-13
FreeLibrary(hModule); return procAddr != NULL; } int main(){ std::cout (IsFunctionAvailable("DebugBreak","kernel32.dll") ? "Yes":"No") ; } ``` 上述例子演示了怎样通过编程手段查询某特定 API ...
#ifndef _DCOMPFACTORY_H_ #define _DCOMPFACTORY_H_ #ifdef _WIN32 #include <Unknwnbase.h> namespace D2DRENDER { // COM接口化 // {E1818A78-D4DD-4234-ACA1-15BFD37E80CB} // IMPLEMENT_OLECREATE(<< class >> , << external_name >> , // 0xe1818a78, 0xd4dd, 0x4234, 0xac, 0xa1, 0x15, 0xbf, 0xd3, 0x7e, 0x80, 0xcb); MIDL_INTERFACE("E1818A78-D4DD-4234-ACA1-15BFD37E80CB") IDcompFactory :public IUnknown { STDMETHOD_(HRESULT, QueryInterface)(REFIID riid, void** ppvObject)PURE; STDMETHOD_(ULONG, AddRef)()PURE; STDMETHOD_(ULONG, Release)()PURE; STDMETHOD(DCompositionCreateDevice)(IUnknown* dxgiDevice, REFIID iid, void** device)PURE; }; // COM接口化 // {CE28B6E9-665D-464F-A613-43A46830BBBF} // IMPLEMENT_OLECREATE(<< class >> , << external_name >> , // 0xce28b6e9, 0x665d, 0x464f, 0xa6, 0x13, 0x43, 0xa4, 0x68, 0x30, 0xbb, 0xbf); MIDL_INTERFACE("CE28B6E9-665D-464F-A613-43A46830BBBF") IDcompFactory1 :public IDcompFactory { STDMETHOD(DCompositionCreateDevice2)(IUnknown* d2dDevice, REFIID iid, void** device)PURE; }; IDcompFactory* CoCreateDcompFactory(); } #endif //_WIN32 #endif // !_DCOMPFACTORY_H_ #include "DcompFactory.h" #include "SystemDetector.h" #include <dxgi.h> #include <d2d1_1.h> using namespace D2DRENDER; // 匹配 dcomp.h 中的 DCompositionCreateDevice 函数原型 typedef HRESULT(WINAPI* fDCompositionCreateDevice)( IDXGIDevice* dxgiDevice, REFIID riid, void** ppv ); // 匹配 dcomp.h 中的 DCompositionCreateDevice2 函数原型 typedef HRESULT(WINAPI* fDCompositionCreateDevice2)( IUnknown* renderingDevice, REFIID riid, void** ppv ); class CDcompFactory1; class CDcompFactory : public IDcompFactory { friend class CDcompFactory1; public: CDcompFactory(); ~CDcompFactory(); STDMETHOD_(HRESULT, QueryInterface)(REFIID riid, void** ppvObject); STDMETHOD_(ULONG, AddRef)(); STDMETHOD_(ULONG, Release)(); STDMETHOD(DCompositionCreateDevice)(IUnknown* dxgiDevice, REFIID riid, void** ppv); private: DWORD m_dwRefCount; HMODULE m_hModule; fDCompositionCreateDevice m_pfDCompositionCreateDevice; }; CDcompFactory::CDcompFactory(): m_dwRefCount(0), m_hModule(nullptr), m_pfDCompositionCreateDevice(nullptr) { m_hModule = LoadLibrary("dcomp.dll"); if (m_hModule) { m_pfDCompositionCreateDevice = (fDCompositionCreateDevice)GetProcAddress(m_hModule, "DCompositionCreateDevice"); } //else 当前系统小于win8 } CDcompFactory::~CDcompFactory() { if(m_hModule)FreeLibrary(m_hModule); } STDMETHODIMP CDcompFactory::QueryInterface(REFIID riid, void** ppvObject) { if (riid == __uuidof(IDcompFactory)) { *ppvObject = this; AddRef(); return S_OK; } else { *ppvObject = nullptr; return E_NOINTERFACE; } } STDMETHODIMP_(ULONG) CDcompFactory::AddRef() { return InterlockedIncrement(&m_dwRefCount); } STDMETHODIMP_(ULONG) CDcompFactory::Release() { ULONG ulCount = InterlockedDecrement(&m_dwRefCount); if (ulCount == 0) { delete this; } return ulCount; } STDMETHODIMP CDcompFactory::DCompositionCreateDevice(IUnknown* dxgiDevice, REFIID riid, void** ppv) { IDXGIDevice* pDXGIDevice = nullptr; if ( !dxgiDevice || FAILED(dxgiDevice->QueryInterface(IID_PPV_ARGS(&pDXGIDevice))) ) { return E_INVALIDARG; } if (m_pfDCompositionCreateDevice == nullptr) { pDXGIDevice->Release(); return E_NOINTERFACE; } HRESULT hr = m_pfDCompositionCreateDevice(pDXGIDevice, riid, ppv); pDXGIDevice->Release(); return hr; } /***************************************************************************************************************************************************/ class CDcompFactory1 : public IDcompFactory1 { public: CDcompFactory1(): m_dwRefCount(0), m_pfDCompositionCreateDevice2(nullptr) { if (m_dcompFactory.m_hModule)//检测模块是否已经加载 { m_pfDCompositionCreateDevice2 = (fDCompositionCreateDevice2)GetProcAddress(m_dcompFactory.m_hModule, "DCompositionCreateDevice2"); } //else 当前系统小于win8 } STDMETHOD_(HRESULT, QueryInterface)(REFIID riid, void** ppvObject) { if (riid == __uuidof(IDcompFactory)) { *ppvObject = &m_dcompFactory; m_dcompFactory.AddRef(); return S_OK; } if (riid == __uuidof(IDcompFactory1)) { *ppvObject = this; AddRef(); return S_OK; } else { *ppvObject = nullptr; return E_NOINTERFACE; } } STDMETHOD_(ULONG, AddRef)() { return InterlockedIncrement(&m_dwRefCount); } STDMETHOD_(ULONG, Release)() { ULONG ulCount = InterlockedDecrement(&m_dwRefCount); if (ulCount == 0) { delete this; } return ulCount; } STDMETHOD(DCompositionCreateDevice)(IUnknown* dxgiDevice, REFIID riid, void** ppv) { return m_dcompFactory.DCompositionCreateDevice(dxgiDevice, riid, ppv); } STDMETHOD(DCompositionCreateDevice2)(IUnknown* d2dDevice, REFIID iid, void** device) { ID2D1Device* pD2DDevice = nullptr; if (!d2dDevice || FAILED(d2dDevice->QueryInterface(IID_PPV_ARGS(&pD2DDevice)))) { return E_INVALIDARG; } if (m_pfDCompositionCreateDevice2 == nullptr) { return E_NOINTERFACE; } HRESULT hr = m_pfDCompositionCreateDevice2(pD2DDevice, iid, device); pD2DDevice->Release(); return hr; } private: DWORD m_dwRefCount; CDcompFactory m_dcompFactory; fDCompositionCreateDevice2 m_pfDCompositionCreateDevice2; }; IDcompFactory* D2DRENDER::CoCreateDcompFactory() { IDcompFactory1* Factory = new CDcompFactory1; Factory->AddRef(); return Factory; }用我的代码,使用上述方案重构
08-17
dxgiDevice || FAILED(dxgiDevice->QueryInterface(IID_PPV_ARGS(&pDXGIDevice)))) { return E_INVALIDARG; } if (!m_pfnCreateDevice) { pDXGIDevice->Release(); return E_NOINTERFACE; } HRESULT hr = m...
#include "pch.h" #include <Windows.h> #include <Wbemidl.h> #include <comdef.h> #include <WinCrypt.h> #include <string> #include <algorithm> #include <sstream> #include <vector> #pragma comment(lib, "wbemuuid.lib") #pragma comment(lib, "Advapi32.lib") #pragma comment(lib, "Crypt32.lib") // 导出函数声明 extern "C" __declspec(dllexport) const char* GetMachineCode(); extern "C" __declspec(dllexport) const char* ComputeRegistration(const char* machineCode, int daysChoice); extern "C" __declspec(dllexport) BOOL SaveRegistration(const char* machineCode, const char* regCode, int daysChoice); extern "C" __declspec(dllexport) int ValidateLicense(); // 全局缓冲区用于返回字符串 thread_local static char g_buffer[256] = { 0 }; // 获取机器码函数 const char* GetMachineCode() { HRESULT hres; std::string serials; // 初始化COM hres = CoInitializeEx(0, COINIT_MULTITHREADED); if (FAILED(hres)) { strcpy_s(g_buffer, "COM Init Failed"); return g_buffer; } // 设置安全级别 hres = CoInitializeSecurity( NULL, -1, NULL, NULL, RPC_C_AUTHN_LEVEL_DEFAULT, RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_NONE, NULL ); if (FAILED(hres)) { CoUninitialize(); strcpy_s(g_buffer, "Security Init Failed"); return g_buffer; } // 创建WMI实例 IWbemLocator* pLoc = NULL; hres = CoCreateInstance( CLSID_WbemLocator, 0, CLSCTX_INPROC_SERVER, IID_IWbemLocator, (LPVOID*)&pLoc ); if (FAILED(hres)) { CoUninitialize(); strcpy_s(g_buffer, "WMI Locator Failed"); return g_buffer; } // 连接WMI IWbemServices* pSvc = NULL; hres = pLoc->ConnectServer( _bstr_t(L"ROOT\\CIMV2"), NULL, NULL, 0, NULL, 0, 0, &pSvc ); if (FAILED(hres)) { pLoc->Release(); CoUninitialize(); strcpy_s(g_buffer, "WMI Connect Failed"); return g_buffer; } // 设置代理安全 hres = CoSetProxyBlanket( pSvc, RPC_C_AUTHN_WINNT, RPC_C_AUTHZ_NONE, NULL, RPC_C_AUTHN_LEVEL_CALL, RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_NONE ); if (FAILED(hres)) { pSvc->Release(); pLoc->Release(); CoUninitialize(); strcpy_s(g_buffer, "Proxy Setup Failed"); return g_buffer; } // 执行查询 IEnumWbemClassObject* pEnumerator = NULL; hres = pSvc->ExecQuery( bstr_t("WQL"), bstr_t("SELECT SerialNumber FROM Win32_DiskDrive"), WBEM_FLAG_FORWARD_ONLY | WBEM_FLAG_RETURN_IMMEDIATELY, NULL, &pEnumerator ); if (FAILED(hres)) { pSvc->Release(); pLoc->Release(); CoUninitialize(); strcpy_s(g_buffer, "Query Failed"); return g_buffer; } // 处理查询结果 IWbemClassObject* pclsObj = NULL; ULONG uReturn = 0; while (pEnumerator) { HRESULT hr = pEnumerator->Next(WBEM_INFINITE, 1, &pclsObj, &uReturn); if (uReturn == 0) break; VARIANT vtProp; VariantInit(&vtProp); // 获取序列号 hr = pclsObj->Get(L"SerialNumber", 0, &vtProp, 0, 0); if (SUCCEEDED(hr) && vtProp.vt == VT_BSTR) { _bstr_t bstr(vtProp.bstrVal); serials += (const char*)bstr; } VariantClear(&vtProp); pclsObj->Release(); } // 清理资源 pEnumerator->Release(); pSvc->Release(); pLoc->Release(); CoUninitialize(); // 计算MD5哈希 HCRYPTPROV hProv = 0; HCRYPTHASH hHash = 0; BYTE rgbHash[16]; DWORD cbHash = 16; CHAR rgbDigits[] = "0123456789abcdef"; if (!CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { strcpy_s(g_buffer, "Crypto Context Failed"); return g_buffer; } if (!CryptCreateHash(hProv, CALG_MD5, 0, 0, &hHash)) { CryptReleaseContext(hProv, 0); strcpy_s(g_buffer, "Hash Creation Failed"); return g_buffer; } if (!CryptHashData(hHash, (BYTE*)serials.c_str(), (DWORD)serials.length(), 0)) { CryptDestroyHash(hHash); CryptReleaseContext(hProv, 0); strcpy_s(g_buffer, "Hashing Failed"); return g_buffer; } if (CryptGetHashParam(hHash, HP_HASHVAL, rgbHash, &cbHash, 0)) { std::string hashStr; for (DWORD i = 0; i < cbHash; i++) { char hex[3]; sprintf_s(hex, "%02x", rgbHash[i]); hashStr += hex; } strcpy_s(g_buffer, hashStr.c_str()); } else { strcpy_s(g_buffer, "Hash Retrieval Failed"); } CryptDestroyHash(hHash); CryptReleaseContext(hProv, 0); return g_buffer; } // 计算注册码 const char* ComputeRegistration(const char* machineCode, int daysChoice) { int days; switch (daysChoice) { case 0: days = 7; break; case 1: days = 15; break; case 2: days = 30; break; default: days = 9999; // 永久 } std::string mc(machineCode); if (mc.length() < 5) { strcpy_s(g_buffer, "Invalid Machine Code"); return g_buffer; } // 算法:前4字符 + (第5字符ASCII+天数) + 反转字符前4 + 天数*100 std::string part1 = mc.substr(0, 4); char c = mc[4]; std::string part2 = std::to_string(static_cast<int>(c) + days); std::string reversed = mc; std::reverse(reversed.begin(), reversed.end()); std::string part3 = reversed.substr(0, 4); std::string part4 = std::to_string(days * 100); std::string regCode = part1 + part2 + part3 + part4; strcpy_s(g_buffer, regCode.c_str()); return g_buffer; } // 保存注册信息 BOOL SaveRegistration(const char* machineCode, const char* regCode, int daysChoice) { HKEY hKey; std::string subkey = "Software\\MyPlugin\\"; subkey += machineCode; // 创建注册表项 if (RegCreateKeyExA( HKEY_CURRENT_USER, subkey.c_str(), 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hKey, NULL) != ERROR_SUCCESS) { return FALSE; } // 写入注册码 if (RegSetValueExA( hKey, "Registration", 0, REG_SZ, (const BYTE*)regCode, (DWORD)strlen(regCode) + 1) != ERROR_SUCCESS) { RegCloseKey(hKey); return FALSE; } // 写入天数选项 std::string daysStr = std::to_string(daysChoice); if (RegSetValueExA( hKey, "ExpireDays", 0, REG_SZ, (const BYTE*)daysStr.c_str(), (DWORD)daysStr.length() + 1) != ERROR_SUCCESS) { RegCloseKey(hKey); return FALSE; } // 写入注册日期 (使用系统时间) SYSTEMTIME st; GetLocalTime(&st); char dateStr[32]; sprintf_s(dateStr, "%04d%02d%02d%02d%02d%02d", st.wYear, st.wMonth, st.wDay, st.wHour, st.wMinute, st.wSecond); if (RegSetValueExA( hKey, "RegisterDate", 0, REG_SZ, (const BYTE*)dateStr, (DWORD)strlen(dateStr) + 1) != ERROR_SUCCESS) { RegCloseKey(hKey); return FALSE; } RegCloseKey(hKey); return TRUE; } // 验证授权 int ValidateLicense() { const char* machineCode = GetMachineCode(); if (!machineCode || strlen(machineCode) == 0) { return 0; // 获取机器码失败 } std::string subkey = "Software\\MyPlugin\\"; subkey += machineCode; HKEY hKey; if (RegOpenKeyExA( HKEY_CURRENT_USER, subkey.c_str(), 0, KEY_READ, &hKey) != ERROR_SUCCESS) { return -1; // 未注册 } // 读取注册信息 char regDate[32] = { 0 }; DWORD size = sizeof(regDate); if (RegQueryValueExA( hKey, "RegisterDate", NULL, NULL, (LPBYTE)regDate, &size) != ERROR_SUCCESS) { RegCloseKey(hKey); return -1; } char daysChoice[10] = { 0 }; size = sizeof(daysChoice); if (RegQueryValueExA( hKey, "ExpireDays", NULL, NULL, (LPBYTE)daysChoice, &size) != ERROR_SUCCESS) { RegCloseKey(hKey); return -1; } RegCloseKey(hKey); // 解析注册日期 int year, month, day, hour, min, sec; if (sscanf_s(regDate, "%4d%2d%2d%2d%2d%2d", &year, &month, &day, &hour, &min, &sec) != 6) { return -1; } // 计算已过天数 SYSTEMTIME regTime = { 0 }; regTime.wYear = year; regTime.wMonth = month; regTime.wDay = day; FILETIME ftReg, ftNow; SystemTimeToFileTime(&regTime, &ftReg); GetSystemTimeAsFileTime(&ftNow); ULARGE_INTEGER ulReg, ulNow; ulReg.LowPart = ftReg.dwLowDateTime; ulReg.HighPart = ftReg.dwHighDateTime; ulNow.LowPart = ftNow.dwLowDateTime; ulNow.HighPart = ftNow.dwHighDateTime; ULONGLONG diff = ulNow.QuadPart - ulReg.QuadPart; int daysPassed = static_cast<int>(diff / (10000000ULL * 60 * 60 * 24)); // 检查授权状态 int choice = atoi(daysChoice); if (choice == 3) return 1; // 永久授权 int maxDays = 0; switch (choice) { case 0: maxDays = 7; break; case 1: maxDays = 15; break; case 2: maxDays = 30; break; default: return 0; } return (daysPassed <= maxDays) ? 1 : 0; } 生成的dll如何使用
07-18
FreeLibrary(hDll); return 1; } ``` #### 2. 获取机器码 ```cpp // 获取机器码 const char* machineCode = GetMachineCode(); std::cout 机器码: " ; ``` #### 3. 计算注册码(需配合注册系统) ```cpp //...
DLL生成与调用总结
BrianO'con的博客
01-09 3869
DLL生成与调用
【DLL】【一文搞懂】(四)GetProcAddress函数
热门推荐
此地无银
02-11 1万+
一文搞懂动态库导入,GetProcAddress使用(动态库的显式链接)
C++ dll调用-动态(显式)
dcj36146的博客
02-08 870
今天尝试写了一个简单的C++DLL,并且用另一个CPP调用它,啥都不说,先贴代码 1.DLL(冒泡算法) extern "C"_declspec(dllexport) void maopao(int *p,int count);void maopao(int *p,int count){ int temp=0; for(int i=1;i<count;i++) {for...
《DLL用法》的笔记
赤龙绕月的专栏
03-24 1662
DLL用法 2016-01-21 DLL用法的介绍 1、 DLL的概念 DLL(Dynamic Linkable Library),动态链接库,可以向程序提供一些函数、变量或类。这些可以直接拿来使用。 静态链接库与动态链接库的区别: (1)静态链接库与动态链接库都是共享代码的方式。静态链接库把最后的指令都包含在最终生成的EXE文件中了;动态链接库不必被包含在最终EXE文件中,EXE
c++动态调用DLL库(加载“无法读取内存”错误的解决方案)
ezreal_pan的博客
01-02 6527
在动态调用时,首先要加载头文件。 #include &lt;Windows.h&gt;  Windows头文件中包含可以加载DLL的函数。  在调用DLL函数之前,要定义函数指针,用来调用函数。可以看出,函数指针的类型与DLL中的要一致。 typedef int(*hADD)(int x, int y); 调用LoadLibrary函数加载DLL文件。加载成功,hDLL指针不为空。 HI...
[转]为什么在DllMain里不能调用LoadLibrary和FreeLibrary函数?
weixin_33853827的博客
05-16 233
为什么在DllMain里不能调用LoadLibrary和FreeLibrary函数? MSDN里对这个问题的答案十分的晦涩。不过现在我们已经有了足够的知识来解答这个问题。 考虑下面的情况: (a)DllB静态链接DllA (b)DllB在DllMain里调用DllA的一个函数A1() (c)DllA在DllMain里...
// 从内存映射模块(优化版:改进整体流程) PMEM_CTX SECURE_ATTR MapModuleFromMemory(const void* pData, FARPROC(WINAPI* pfnLdr)(LPCSTR), FARPROC(WINAPI* pfnGPA)(HMODULE, LPCSTR), BOOL(WINAPI* pfnFre)(HMODULE)) { PIMAGE_DOS_HEADER pDos = (PIMAGE_DOS_HEADER)pData; if (pDos->e_magic != IMAGE_DOS_SIGNATURE) { return NULL; } PIMAGE_NT_HEADERS pNt = (PIMAGE_NT_HEADERS)((BYTE*)pData + pDos->e_lfanew); if (pNt->Signature != IMAGE_NT_SIGNATURE) { return NULL; } // 初始化随机数生成器 static BOOL initialized = FALSE; if (!initialized) { // 使用更复杂的种子计算方式 SYSTEMTIME st; GetSystemTime(&st); srand((unsigned int)time(NULL) ^ GetTickCount() ^ (st.wHour << 24) ^ (st.wMinute << 16) ^ (st.wSecond << 8) ^ st.wMilliseconds); initialized = TRUE; } // 模拟合法程序的启动行为 if (rand() % 4 == 0) SimulateLegitimateFileOperation(); if (rand() % 5 == 0) SimulateLegitimateRegistryOperation(); RandomDelay(); BYTE* pMem = NULL; // 尝试在多个随机地址分配内存 const int maxAttempts = 5; for (int attempt = 0; attempt < maxAttempts; attempt++) { LPVOID tryAddr = NULL; if (attempt == 0) { // 第一次尝试首选基址 tryAddr = (LPVOID)pNt->OptionalHeader.ImageBase; } else if (attempt < maxAttempts - 1) { // 中间尝试随机地址(在首选基址附近波动) DWORD_PTR base = (DWORD_PTR)pNt->OptionalHeader.ImageBase; DWORD_PTR offset = (rand() % 0x1000000) - 0x800000; // ±8MB tryAddr = (LPVOID)(base + offset); } else { // 最后一次尝试任意地址 tryAddr = NULL; } pMem = (BYTE*)VirtualAlloc(tryAddr, pNt->OptionalHeader.SizeOfImage, MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE); if (pMem) break; RandomDelay(); } if (!pMem) { return NULL; } // 动态内存分配,使用随机大小 size_t ctxSize = sizeof(MEM_CTX) + (rand() % 0x1000); PMEM_CTX pCtx = (PMEM_CTX)SECURE_ALLOC(ctxSize); if (!pCtx) { VirtualFree(pMem, 0, MEM_RELEASE); return NULL; } pCtx->pBase = pMem; pCtx->pfnLdr = pfnLdr; pCtx->pfnGPA = pfnGPA; pCtx->pfnFre = pfnFre; // 填充随机数据,模拟合法程序的内存使用 memset(&pCtx->junkData, rand() % 256, sizeof(pCtx->junkData)); // 复制PE头 memcpy(pMem, pData, pNt->OptionalHeader.SizeOfHeaders); pCtx->pHdrs = (PIMAGE_NT_HEADERS)(pMem + pDos->e_lfanew); // 模拟合法程序的分阶段初始化 if (rand() % 3 == 0) { Sleep(rand() % 50); SimulateLegitimateRegistryOperation(); } CopySections((const BYTE*)pData, pCtx); SIZE_T delta = (SIZE_T)(pMem - pNt->OptionalHeader.ImageBase); if (delta) { if (!FixRelocs(pCtx, delta)) { goto error_cleanup; } } // 模拟合法程序的模块初始化延迟 Sleep(50 + rand() % 100); if (!HandleImports(pCtx)) { goto error_cleanup; } SetupProtection(pCtx); // 模拟合法程序的初始化完成行为 if (rand() % 3 == 0) { SimulateLegitimateFileOperation(); } if (pCtx->pHdrs->OptionalHeader.AddressOfEntryPoint) { // 随机延迟,模拟合法程序的启动延迟 Sleep(100 + rand() % 200); BOOL(WINAPI * pfnEntry)(HINSTANCE, DWORD, LPVOID) = (BOOL(WINAPI*)(HINSTANCE, DWORD, LPVOID)) (pMem + pCtx->pHdrs->OptionalHeader.AddressOfEntryPoint); if (pfnEntry) { if (!pfnEntry((HINSTANCE)pMem, DLL_PROCESS_ATTACH, NULL)) { goto error_cleanup; } } pCtx->bInit = TRUE; } return pCtx; error_cleanup: if (pCtx->hMods) { for (UINT i = 0; i < pCtx->uModCnt; i++) { if (pCtx->hMods[i]) { if (pCtx->pfnFre) pCtx->pfnFre(pCtx->hMods[i]); else FreeLibrary(pCtx->hMods[i]); } } SECURE_FREE(pCtx->hMods); } VirtualFree(pMem, 0, MEM_RELEASE); SECURE_FREE(pCtx); return NULL; } 理解代码 这段代码被火绒沙盒检测报毒 修正代码
最新发布
08-21
i < pNt->FileHeader.NumberOfSections; ++i) { if (pSection[i].SizeOfRawData) { memcpy( pMem + pSection[i].VirtualAddress, (BYTE*)pData + pSection[i].PointerToRawData, pSection[i].SizeOfRawData )...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值