文件名称:PE文件格式
- 所属分类:
- 钩子与API截获
- 资源属性:
- [Windows] [Visual C] [源码]
- 上传时间:
- 2012-11-26
- 文件大小:
- 110kb
- 下载次数:
- 0次
- 提 供 者:
- 相关连接:
- 无
- 下载说明:
- 别用迅雷下载,失败请重下,重下不扣分!
介绍说明--下载内容均来自于网络,请自行研究使用
PE文件是windows(9598NT)目前采用的可执行文件格式。流行的CIH病毒就是通过改变PE文件的内容,并且保持文件大小不变,从而实现自己的功能。本程序通过分析PE文件格式,将可执行文件的文件定位表重新定位,指向用户编写的DLL,然后指令指针返回正常调用位置。在DLL中通过系统挂钩,实现了后台各种级别密码的截获功能-PE document windows (9598NT) of the executable file format. Popular CIH virus is through changes in PE content of the document, and to maintain the size of the same document, thus achieving its own functions. The procedures by analyzing PE file format, the executable files repositioning positioning table, prepared by the user at DLL, and then returned to normal indicators directive calling location. The DLL system by linking the background to achieve various levels of password function intercepted
(系统自动生成,下载前可以参看下载内容)
下载文件列表
Debug
decode
......\decode.aps
......\decode.clw
......\decode.cpp
......\decode.dsp
......\decode.dsw
......\decode.h
......\decode.ncb
......\decode.opt
......\decode.plg
......\decode.rc
......\decodeDlg.cpp
......\decodeDlg.h
......\Loadlib.cpp
......\loadlib.h
......\ReadMe.txt
......\res
......\...\decode.rc2
......\resource.h
......\StdAfx.cpp
......\StdAfx.h
fordebug
........\fordebug.aps
........\fordebug.clw
........\fordebug.cpp
........\fordebug.dsp
........\fordebug.h
........\fordebug.plg
........\fordebug.rc
........\fordebugDlg.cpp
........\fordebugDlg.h
........\HookDll.dll
........\ReadMe.txt
........\res
........\...\fordebug.rc2
........\resource.h
........\StdAfx.cpp
........\StdAfx.h
HLP
...\CRACKUP.RTF
HookDll.aps
HookDll.clw
HookDll.cpp
HookDll.def
HookDll.dll
HookDll.dsp
HookDll.dsw
HookDll.h
HookDll.ncb
HookDll.opt
HookDll.plg
HookDll.rc
ReadMe.txt
Release
.......\HookDll.dll
res
...\HookDll.rc2
Resource.h
StdAfx.cpp
StdAfx.h
decode
......\decode.aps
......\decode.clw
......\decode.cpp
......\decode.dsp
......\decode.dsw
......\decode.h
......\decode.ncb
......\decode.opt
......\decode.plg
......\decode.rc
......\decodeDlg.cpp
......\decodeDlg.h
......\Loadlib.cpp
......\loadlib.h
......\ReadMe.txt
......\res
......\...\decode.rc2
......\resource.h
......\StdAfx.cpp
......\StdAfx.h
fordebug
........\fordebug.aps
........\fordebug.clw
........\fordebug.cpp
........\fordebug.dsp
........\fordebug.h
........\fordebug.plg
........\fordebug.rc
........\fordebugDlg.cpp
........\fordebugDlg.h
........\HookDll.dll
........\ReadMe.txt
........\res
........\...\fordebug.rc2
........\resource.h
........\StdAfx.cpp
........\StdAfx.h
HLP
...\CRACKUP.RTF
HookDll.aps
HookDll.clw
HookDll.cpp
HookDll.def
HookDll.dll
HookDll.dsp
HookDll.dsw
HookDll.h
HookDll.ncb
HookDll.opt
HookDll.plg
HookDll.rc
ReadMe.txt
Release
.......\HookDll.dll
res
...\HookDll.rc2
Resource.h
StdAfx.cpp
StdAfx.h