Помогите с программой IDA...

deviance · Отправлено: **16:12, 05-04-2013** | #7

by_gangster, можете использовать следующий код:

Код:

#include <stdio.h>
#include <Windows.h>
#include <ImageHlp.h>

#define MAX_BIN_PATCHES 100
#define MAX_LINE        17
#define CHUNK_FORMAT    "%08x: %02x %02x"

typedef struct patch_chunk_s{
	unsigned int  offset;
	unsigned char old_byte;
	unsigned char new_byte;
} patch_chunk_t;

int read_chunks(char* from_file, patch_chunk_t* chunks){
	char  buf[MAX_LINE] = {0};
	FILE* f = NULL;
	int   cnt = 0;

	f = fopen(from_file, "r");
	if ( f == NULL )
		return -1;

	while ( cnt < MAX_BIN_PATCHES ){
		if ( fgets(buf, MAX_LINE, f) == NULL){
			break;
		} else if ( *buf == '\n' || buf[8] != ':' || buf[9] != ' ' || buf[12] != ' '){
			continue;
		} else 
			sscanf(buf, CHUNK_FORMAT, &chunks[cnt].offset, &chunks[cnt].old_byte, &chunks[cnt].new_byte);
			cnt++;
	}
	return cnt;
}

void write_chunks(LOADED_IMAGE* image, patch_chunk_t* chunks, unsigned nchunks){
	unsigned idx = 0;
	while ( idx < nchunks )
	{
		if ( chunks[idx].offset > image->SizeOfImage ){
			printf("0x%08X: invalid offset\n", chunks[idx].offset);
		}
		else if ( image->MappedAddress[chunks[idx].offset] != chunks[idx].old_byte ){
			printf("0x%08X: %02X -> %02X err\n", chunks[idx].offset, chunks[idx].old_byte, chunks[idx].new_byte);
		}
		else {
			image->MappedAddress[chunks[idx].offset] = chunks[idx].new_byte;
			printf("0x%08X: %02X -> %02X ok\n", chunks[idx].offset, chunks[idx].old_byte, chunks[idx].new_byte);
		}
		idx++;
	}
}

int main(int argc, char* argv[])
{
	patch_chunk_t chunks[MAX_BIN_PATCHES] = {0};
	char  usage[] = {"usage: [file-to-patch] [ida-diff]\n"};
	int   ret = -1;
	char* image_path = NULL;
	char* diff_file = NULL;
	unsigned nchunks = 0;

	LOADED_IMAGE li;

	if (argc < 3){
		printf(usage);
		return -1;
	}
	else {
		image_path = argv[1];
		diff_file = argv[2];
	}

	ret = MapAndLoad(image_path, NULL, &li, 0 /*.exe default ext.*/, 0 /*readwrite access*/ );
	if ( ret == 0 ){
		printf("Unable to load %s\n", image_path);
		return -1;
	}
	else {
		printf("Image %s loaded.\n",image_path);
	}
	ret = read_chunks(diff_file, chunks);

	if ( ret > 0 ){
		nchunks = ret;
		printf("File %s loaded. %d chunks read.\n", diff_file, nchunks );
	} 
	else {
		printf("Unable to load %s: ", diff_file);
		if ( ret == 0 )
			printf("file is empty.\n");
		else
			printf("no access.\n");
		return -1;
	}

	write_chunks(&li, chunks, nchunks);
	ret = UnMapAndLoad(&li);
	return ret;
}