DWORD dwMagic;
DWORD i;
BYTE dwCode;
DWORD dwAddr;
dwStartMap = SH->VirtualAddress + (DWORD)MapOfFile;//¶ÎÏÖÔÚÊ×µØÖ·
dwEndMap = SH->Misc.VirtualSize + dwStartMap;//¶ÎÏÖÔÚÄ©µØÖ·
i = 0;
for (dwMagic=1; dwMagic <0xFF; dwMagic++)
{
if (i == dwEndMap)
break ;
for (i=dwStartMap; i <dwEndMap; i++)
{
dwCode = *(LPBYTE)i;
if (dwCode == 0xE8 || dwCode == 0xE9)//call»òjmp
{
dwAddr = i + 5 + *(LPDWORD)(i+1);//ÌøתµÄÄ¿µÄµØÖ·
if (dwAddr>dwStartMap && dwAddr <dwEndMap)
continue ; //¶ÎÄÚתÒÆ
dwCode = *(LPBYTE)(i+1);//¶Î¼äתÒÆ£¬*(LPBYTE)(i+1)ÊÇÆ«ÒÆÁ¿µÄµÍ×Ö½Ú°É£¬±£´æµ½dwCodeÓÐʲôÓã¿Ê²Ã´Âß¼£¿
if (dwCode == dwMagic)
break ; //ΪʲôÕâÑù×ö£¬Æ«ÒÆÁ¿µÄµÍ×Ö½ÚΪѻ·µÄdwMagicµÄ¸ÅÂʺÜС°¡£¬¶øÇұȽÏÀàÐÍÒ²²»Ò»ÖÂ
}
}
}//Õâ¸öÁ½²ãforÍêÁË£¬Ã»ÓÐ×öÈκβÙ×÷£¬Î¨ÓÐdwAddr±£´æÁË×îºó¸öcall»òjmpµÄÌøתµØÖ·£¬dwCodeÇ¡ºÃÊÇdwMagicµÄÖµ-¿ÉÄÜÐÔºÜС
DWORD dwMagic;
DWORD i;
BYTE dwCode;
DWORD dwAddr;
dwStartMap = SH->VirtualAddress + (DWORD)MapOfFile;//¶ÎÏÖÔÚÊ×µØÖ·
dwEndMap = SH->Misc.VirtualSize + dwStartMap;//¶ÎÏÖÔÚÄ©µØÖ·
i = 0;
for (dwMagic=1; dwMagic <0xFF; dwMagic++)
{
if (i == dwEndMap)
break ;
ÒÑÓÐa,bÁ½¸öÁ´±í£¬Ã¿¸öÁ´±íÖеĽáµã°üÀ¨Ñ§ºÅ£¬³É¼¨¡£ÒªÇó°ÑÁ½¸öÁ´±íºÏ²¢£¬°´Ñ§ºÅÉýÐòÅÅÁÐ
Á¬½Óº¯ÊýÓÐÎÊÌâ Çë¸ßÊÖÖ¸µã
#include <stdio.h>
#include <stdlib.h>
struct student{
int ......
CÅÌ9G£¬ËãÁËһϸ÷ÖÖÎļþ°üÀ¨ÒþÐÎ×ܹ²²»µ½2G£¬¿ÉÊÇϵͳÏÔʾֻʣÓà1¸ö¶àG£¬ÎÒÒѾ½«¸÷ÖÖÁÙʱÎļþ¶¼É¾³ýÁË£¬°üÀ¨´ÅÅÌÇåÀí£¬Ôõô»ØÊ£¿Ð»Ð»»Ø´ð
ʲôϵͳ£¿
ÐéÄâÄÚ´æÉèÖõ½ÆäËüÅÌ£»
¹Ø±Õϵͳ»¹Ô£»
ɾ³ýÐ ......
