void editreloc(char* buffer)
{
PIMAGE_DOS_HEADER pDosH = (PIMAGE_DOS_HEADER)(buffer);
PIMAGE_NT_HEADERS pNTH = (PIMAGE_NT_HEADERS)(buffer + pDosH->e_lfanew);
PIMAGE_FILE_HEADER pFH = (PIMAGE_FILE_HEADER)((char*)pNTH + 0x4);
PIMAGE_OPTIONAL_HEADER pOH = (PIMAGE_OPTIONAL_HEADER)((char*)pFH + 0x14);
int opHeaderLen = int(pFH->SizeOfOptionalHeader);
PIMAGE_SECTION_HEADER pSecH = (PIMAGE_SECTION_HEADER)((char*)pOH + opHeaderLen);
PIMAGE_DATA_DIRECTORY pDD = (PIMAGE_DATA_DIRECTORY)(pOH->DataDirectory);
int relocVAddress = pDD[5].VirtualAddress;
PIMAGE_BASE_RELOCATION pBR = (PIMAGE_BASE_RELOCATION)(rvaTofoa(relocVAddress, buffer) + buffer);
pOH->ImageBase = pOH->ImageBase+0x100000;
pOH->DllCharacteristics = pOH->DllCharacteristics & 0xFF00;
for (int i = 0; (int*)pBR->VirtualAddress != 0; i++)
{
int SizeofBlock = pBR->SizeOfBlock;
int num = (SizeofBlock - 8) / 2;
PWORD p = (PWORD)((char*)pBR + 8);
for (int j = 0; j < num; j++)
{
int type = (*(p + j) & 0xF000) >> 12;
if (type == 3)
{
int VAddress = (*(p + j) & 0x0FFF) + pBR->VirtualAddress ;
char* FAddress = rvaTofoa(VAddress, buffer) + buffer;
*((int*)FAddress) = *((int*)FAddress)+0x100000;
}
}
pBR = (PIMAGE_BASE_RELOCATION)((char*)pBR + pBR->SizeOfBlock);
}
}版权声明:本文为qq_52442096原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接和本声明。