private void 打开ToolStripMenuItem_Click(object sender, EventArgs e) { if (openFileDialog1.ShowDialog() != DialogResult.OK) { return; } //BinaryReader reader = new BinaryReader(File.Open(openFileDialog1.FileName, FileMode.Open, FileAccess.Read)); Byte[] buffer = File.ReadAllBytes(openFileDialog1.FileName); BinaryReader reader = new BinaryReader(new MemoryStream(buffer)); VBInfo info = VBInfo.Current; info.Reader = reader; info.ReadInfo(reader); reader.BaseStream.Seek(info.Header - info.ImageBase, SeekOrigin.Begin); VBHeader header = new VBHeader(); header.Info = info; header.Read(reader); info.HeaderInfo = header; LoadVBInfo(info); }
public bool Init() { try { //KernelWin.WriteLine("文件 {0}", FileName); //FileReader.BaseStream.Seek(0x3c, SeekOrigin.Begin); //Int32 n = FileReader.ReadInt32(); //FileReader.BaseStream.Seek(n + 0x34, SeekOrigin.Begin); //n = FileReader.ReadInt32(); //KernelWin.WriteLine("镜像基址 0x{0:x}", n); //Int32 PEentry = IDCFunction.EvalAndReturnLong("GetEntryPoint(GetEntryOrdinal(0))"); VBInfo info = VBInfo.Current; info.Reader = FileReader; info.ReadInfo(FileReader); KernelWin.WriteLine("镜像基址:0x{0:X}", info.ImageBase); KernelWin.WriteLine(" 入口:0x{0:X}", info.PEEntry); KernelWin.WriteLine(" VB头:0x{0:X}", info.Header); KernelWin.WriteLine(" VB签名:0x{0:X}", info.VBSig); //info.ReadImportTable(FileReader); //info.ReadBody(FileReader); } catch (Exception ex) { //KernelWin.Msg(ex.Message + Environment.NewLine); KernelWin.WriteLine(ex.ToString()); return(false); } return(true); }
public static void Test() { String filename = @"D:\CrackMe.exe"; Byte[] buffer = File.ReadAllBytes(filename); BinaryReader reader = new BinaryReader(new MemoryStream(buffer)); VBInfo.Current.ReadInfo(reader); //DosHeader dosHeader = new DosHeader(); //dosHeader.Read(reader); //dosHeader.Show(true); //Console.WriteLine(); //FileHeader fileHeader = new FileHeader(); //fileHeader.Read(reader); //fileHeader.Show(false); //Console.WriteLine(); //OptionalHeader optionalHeader = new OptionalHeader(); //optionalHeader.Read(reader); //optionalHeader.Show(false); //Console.WriteLine(); VBInfo info = VBInfo.Current; //info.ImageBase = 0x11000000; //info.Header = 0x110079A4; //info.ImageBase = 0x400000; //info.Header = 0x441944; info.ReadInfo(reader); reader.BaseStream.Seek(info.Header - info.ImageBase, SeekOrigin.Begin); VBHeader header = new VBHeader(); header.Info = info; header.Read(reader); //header.ReadExtend(); header.Show(true); //ComRegData regdata = header.ComRegisterData2; //regdata.ReadExtend(); //Console.WriteLine(); //Console.WriteLine("ComRegData:"); //regdata.Show(); //ComRegInfo reginfo = regdata.RegInfo2; //while (reginfo != null) //{ // reginfo.ReadExtend(); // Console.WriteLine(); // Console.WriteLine("ComRegInfo:"); // reginfo.Show(); // reginfo = reginfo.Next; //} //ProjectInfo pinfo = header.ProjectInfo2; ////pinfo.ReadExtend(); //Console.WriteLine(); //Console.WriteLine("ProjectInfo:"); //pinfo.Show(); }