程序代码:.386
.model flat,stdcall
option casemap:none
include windows.inc
include user32.inc
include kernel32.inc
include gdi32.inc
includelib gdi32.lib
includelib user32.lib
includelib kernel32.lib
Message proto :DWORD
movfile proto :dword,:dword,:dword
IsPeFile proto :dword
MovPeHead proto :dword,:dword,:dword
.data
szFileName db "E:\stu1\stu2\bin\Debug\main.exe",0
szEorro db "file open fail",0
szCaption db "PEêμÑé",0
szsuccesful db "successful!",0
szpe db "this is a pe file",0
szPeMovNo db "Îļt2»Dèòaòƶˉ",0
szNoPe db "this is not PE file",0
.data?
hFileHanld dword ?
szbuff dword 4096 dup (?)
szreadnum dword ?
szbuff1 IMAGE_DOS_HEADER <>
dwPeRav dword ?
.code
start:
invoke CreateFile,offset szFileName,GENERIC_READ or GENERIC_WRITE,NULL,NULL,OPEN_ALWAYS,FILE_ATTRIBUTE_NORMAL,NULL
.IF eax==INVALID_HANDLE_VALUE
invoke MessageBox,NULL,offset szEorro,offset szCaption,MB_OK
invoke ExitProcess,NULL
.endif
mov hFileHanld ,eax
invoke ReadFile,hFileHanld,offset szbuff, 0400h,offset szreadnum,NULL
invoke IsPeFile,offset szbuff
.if eax==0
invoke MessageBox,NULL,szNoPe,NULL,MB_OK
jmp over
.endif
mov dwPeRav,eax
invoke MovPeHead,offset szbuff,0ch,dwPeRav
invoke SetFilePointer,hFileHanld,0,0,FILE_BEGIN
invoke WriteFile,hFileHanld,offset szbuff,400h,NULL,NULL
over:
invoke ExitProcess,NULL
Message proc lpstring:dword
invoke MessageBox,NULL,lpstring,offset szCaption,MB_OK
ret
Message endp
movfile proc dst:dword,src:dword,sizelen:dword
mov edi,dst
mov esi,src
mov ecx,sizelen
next: movsb
mov byte ptr [esi-1],0
loop next
ret
movfile endp
IsPeFile proc lpbuff:dword
mov esi,lpbuff
mov eax,0
assume esi : ptr IMAGE_DOS_HEADER
.IF [esi].e_magic=="ZM"
mov esi,[esi].e_lfanew
add esi,lpbuff
.if word ptr [esi]=="EP"
invoke Message ,offset szpe
sub esi,lpbuff
mov eax,esi
.endif
.endif
assume esi : nothing
ret
IsPeFile endp
MovPeHead proc lpDosHead :dword,dwPosition : DWORD,dwPeRav1 :dword
mov eax,dwPeRav1
.if dwPosition==eax
invoke MessageBox,NULL,offset szPeMovNo,NULL,MB_OK
ret
.endif
mov esi,lpDosHead
push esi
assume esi:ptr IMAGE_DOS_HEADER
mov esi,[esi].e_lfanew
add esi,lpDosHead
assume esi:nothing
assume esi:ptr IMAGE_NT_HEADERS
mov dx,[esi].FileHeader.NumberOfSections
movzx edx,dx
mov eax,sizeof(IMAGE_SECTION_HEADER)
MUL edx
add eax,sizeof(IMAGE_NT_HEADERS)
assume esi : nothing
mov ebx,lpDosHead
add ebx,dwPosition
invoke movfile,ebx,esi,eax
pop esi
assume esi : ptr IMAGE_DOS_HEADER
mov eax,dwPosition
mov [esi].e_lfanew,eax
assume esi:nothing
ret
MovPeHead endp
end start
.model flat,stdcall
option casemap:none
include windows.inc
include user32.inc
include kernel32.inc
include gdi32.inc
includelib gdi32.lib
includelib user32.lib
includelib kernel32.lib
Message proto :DWORD
movfile proto :dword,:dword,:dword
IsPeFile proto :dword
MovPeHead proto :dword,:dword,:dword
.data
szFileName db "E:\stu1\stu2\bin\Debug\main.exe",0
szEorro db "file open fail",0
szCaption db "PEêμÑé",0
szsuccesful db "successful!",0
szpe db "this is a pe file",0
szPeMovNo db "Îļt2»Dèòaòƶˉ",0
szNoPe db "this is not PE file",0
.data?
hFileHanld dword ?
szbuff dword 4096 dup (?)
szreadnum dword ?
szbuff1 IMAGE_DOS_HEADER <>
dwPeRav dword ?
.code
start:
invoke CreateFile,offset szFileName,GENERIC_READ or GENERIC_WRITE,NULL,NULL,OPEN_ALWAYS,FILE_ATTRIBUTE_NORMAL,NULL
.IF eax==INVALID_HANDLE_VALUE
invoke MessageBox,NULL,offset szEorro,offset szCaption,MB_OK
invoke ExitProcess,NULL
.endif
mov hFileHanld ,eax
invoke ReadFile,hFileHanld,offset szbuff, 0400h,offset szreadnum,NULL
invoke IsPeFile,offset szbuff
.if eax==0
invoke MessageBox,NULL,szNoPe,NULL,MB_OK
jmp over
.endif
mov dwPeRav,eax
invoke MovPeHead,offset szbuff,0ch,dwPeRav
invoke SetFilePointer,hFileHanld,0,0,FILE_BEGIN
invoke WriteFile,hFileHanld,offset szbuff,400h,NULL,NULL
over:
invoke ExitProcess,NULL
Message proc lpstring:dword
invoke MessageBox,NULL,lpstring,offset szCaption,MB_OK
ret
Message endp
movfile proc dst:dword,src:dword,sizelen:dword
mov edi,dst
mov esi,src
mov ecx,sizelen
next: movsb
mov byte ptr [esi-1],0
loop next
ret
movfile endp
IsPeFile proc lpbuff:dword
mov esi,lpbuff
mov eax,0
assume esi : ptr IMAGE_DOS_HEADER
.IF [esi].e_magic=="ZM"
mov esi,[esi].e_lfanew
add esi,lpbuff
.if word ptr [esi]=="EP"
invoke Message ,offset szpe
sub esi,lpbuff
mov eax,esi
.endif
.endif
assume esi : nothing
ret
IsPeFile endp
MovPeHead proc lpDosHead :dword,dwPosition : DWORD,dwPeRav1 :dword
mov eax,dwPeRav1
.if dwPosition==eax
invoke MessageBox,NULL,offset szPeMovNo,NULL,MB_OK
ret
.endif
mov esi,lpDosHead
push esi
assume esi:ptr IMAGE_DOS_HEADER
mov esi,[esi].e_lfanew
add esi,lpDosHead
assume esi:nothing
assume esi:ptr IMAGE_NT_HEADERS
mov dx,[esi].FileHeader.NumberOfSections
movzx edx,dx
mov eax,sizeof(IMAGE_SECTION_HEADER)
MUL edx
add eax,sizeof(IMAGE_NT_HEADERS)
assume esi : nothing
mov ebx,lpDosHead
add ebx,dwPosition
invoke movfile,ebx,esi,eax
pop esi
assume esi : ptr IMAGE_DOS_HEADER
mov eax,dwPosition
mov [esi].e_lfanew,eax
assume esi:nothing
ret
MovPeHead endp
end start
[ 本帖最后由 zhu224039 于 2014-3-15 17:20 编辑 ]