📄 encryptunit.pas
unit EncryptUnit;
interface
uses
Windows, SysUtils, Messages;
// Exported routines of the unit. Only AttachStart and the beginning of MyFun
// are implemented in the part of the file reviewed here; the notes on the
// other routines are inferred from their names and signatures.

// Presumably returns the CRC-32 of nLength bytes starting at lpSource - confirm
// against the implementation.
function CalcCrc32(lpSource: PChar; nLength: Integer): DWORD; stdcall;
// Presumably processes the file LFileName using LPassword, keeping a backup
// copy when LBackup is True; Handle looks like the caller's window - confirm.
procedure Encrypt(Handle:HWND; LFileName:string;LPassword:string;LBackup:Boolean); stdcall;
// Returns its own run-time address (see the implementation); MyFun uses that
// address to find the TAttachData record placed directly in front of the code.
function AttachStart: DWORD; stdcall;
// Body of the attached stub: locates kernel32 and GetProcAddress without using
// the import table, then continues with the pointers kept in TAttachData.
procedure MyFun();
// NOTE(review): looks like the end marker of the code range that begins at
// AttachStart - confirm against the implementation.
procedure AttachEnd; stdcall;
// Has the shape of a Win32 window procedure; presumably serves the password
// window described by the constants and strings below - confirm.
function AttachWindowProc(hwnd:HWND;uMsg:UINT;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
implementation
uses MainUnit;
const
// Extended style, style and client size for the "attach" window. The code
// that consumes these constants is outside this part of the file.
hWndAttachExStyle = 0;
hWndAttachStyle = WS_MINIMIZEBOX or WS_SYSMENU or WS_CAPTION or WS_OVERLAPPED; //WS_SIZEBOX
dwWndAttachWidth = 320;
dwWndAttachHeight = 120;
// Identifiers in the IDC_/IDM_ naming style; presumably the child-control and
// menu-command ids of the password window - confirm against the window code.
IDC_EDIT_PASSWORD = 100;
IDC_BUTTON_OK = 101;
IDC_BUTTON_CANCEL = 102;
IDM_ATTACH_MENU_ABOUT = 103;
IDC_BUTTON_ABOUT = 104;
// NOTE(review): presumably the longest password accepted. TAttachData keeps
// only a CRC32 of the password (_dwPasswordCrc32), so a 16-character limit on
// top of a 32-bit checksum gives an access prompt, not cryptographic
// protection - confirm how Encrypt uses the password.
MAX_PASSWORD_LENGTH = 16;
// Function-pointer type declarations:
{f_GetProcAddress dd ?
f_VirtualAlloc dd ?}
// One procedural type per Win32 routine that is reached through a pointer
// stored in TAttachData instead of through the import table. All of them are
// stdcall, matching the Win32 calling convention.
// NOTE(review): the PChar parameters are paired with the "...A" export names
// stored in TAttachData, so this presumably targets a compiler where PChar is
// PAnsiChar - confirm before building with a Unicode Delphi.
type
TGetProcAddress = function(hModule: HMODULE; lpProcName: LPCSTR): Pointer; stdcall;
TLoadLibrary = function(lpLibFileName: PChar): HMODULE; stdcall;
TFreeLibrary = function(hLibModule: HMODULE): BOOL; stdcall;
TExitProcess = procedure(uExitCode: UINT); stdcall;
TGetModuleHandle = function(lpModuleName: PChar): HMODULE; stdcall;
TGetMessage = function(var lpMsg: TMsg; hWnd: HWND; wMsgFilterMin, wMsgFilterMax: UINT): BOOL; stdcall;
TTranslateMessage = function(const lpMsg: TMsg): BOOL; stdcall;
TDispatchMessage = function(const lpMsg: TMsg): Longint; stdcall;
TGetSystemMetrics = function(nIndex: Integer): Integer; stdcall;
TPostMessage = function(hWnd: HWND; Msg: UINT; wParam: WPARAM; lParam: LPARAM): BOOL; stdcall;
TSendMessage = function(hWnd: HWND; Msg: UINT; wParam: WPARAM; lParam: LPARAM): LRESULT; stdcall;
TShowWindow = function(hWnd: HWND; nCmdShow: Integer): BOOL; stdcall;
TUpdateWindow = function(hWnd: HWND): BOOL; stdcall;
TLoadCursor = function(hInstance: HINST; lpCursorName: PAnsiChar): HCURSOR; stdcall;
TLoadIcon = function(hInstance: HINST; lpIconName: PAnsiChar): HICON; stdcall;
TPostQuitMessage = procedure(nExitCode: Integer); stdcall;
TMessageBox = function(hWnd: HWND; lpText, lpCaption: PChar; uType: UINT): Integer; stdcall;
TRegisterClassEx = function(const WndClass: TWndClassEx): ATOM; stdcall;
TCreateWindowEx = function(dwExStyle: DWORD; lpClassName: PChar;
lpWindowName: PChar; dwStyle: DWORD; X, Y, nWidth, nHeight: Integer;
hWndParent: HWND; hMenu: HMENU; hInstance: HINST; lpParam: Pointer): HWND; stdcall;
TDefWindowProc = function(hWnd: HWND; Msg: UINT; wParam: WPARAM; lParam: LPARAM): LRESULT; stdcall;
TSetFocus = function(hWnd: HWND): HWND; stdcall;
TGetWindowLong = function(hWnd: HWND; nIndex: Integer): Longint; stdcall;
TSetWindowLong = function(hWnd: HWND; nIndex: Integer; dwNewLong: Longint): Longint; stdcall;
// nMaxCount is the capacity of lpString; the caller has to pass the real
// buffer size so the copied text stays inside it.
TGetDlgItemText = function(hDlg: HWND; nIDDlgItem: Integer; lpString: PChar; nMaxCount: Integer): UINT; stdcall;
TGetSystemMenu = function(hWnd: HWND; bRevert: BOOL): HMENU; stdcall;
TAppendMenu = function(hMenu: HMENU; uFlags, uIDNewItem: UINT; lpNewItem: PChar): BOOL; stdcall;
TCreateFontIndirect = function(const p1: TLogFont): HFONT; stdcall;
TDeleteObject = function(p1: HGDIOBJ): BOOL; stdcall;
TIsDialogMessage = function(hDlg: HWND; var lpMsg: TMsg): BOOL; stdcall;
TGetDlgItem = function(hDlg: HWND; nIDDlgItem: Integer): HWND; stdcall;
// Despite the name, this is the va_list form: the export name stored in
// TAttachData.szwsprintf is "wvsprintfA". The signature carries no output
// buffer length, so every caller must keep the formatted text within Output.
Twsprintf = function(Output: PChar; Format: PChar; arglist: va_list): Integer; stdcall;
TSetWindowText = function(hWnd: HWND; lpString: PChar): BOOL; stdcall;
Tlstrlen = function(lpString: PChar): Integer; stdcall;
// Function pointers declared from the types above, plus the strings and state
// the stub needs.
// TAttachData is the single data block of the attached stub. It is a packed
// record, so the fields follow each other without alignment padding, and
// MyFun finds it at AttachStart - SizeOf(TAttachData): adding, removing or
// reordering fields changes that layout.
// NOTE(review): every "array of Char" below is sized for single-byte text
// (API name plus NUL, double-byte Chinese text plus NUL), so this presumably
// assumes Char = AnsiChar - confirm for the compiler in use.
type
PAttachData = ^TAttachData;
TAttachData = packed record
// Module handles; presumably filled once user32 and gdi32 are loaded - confirm.
hLibUser32: HMODULE;
hLibGDI32: HMODULE;
// Resolved API entry points. _GetProcAddress is written by MyFun from
// kernel32's export table; where the remaining pointers are filled is outside
// this part of the file.
_GetProcAddress: TGetProcAddress;
_LoadLibrary: TLoadLibrary;
_FreeLibrary: TFreeLibrary;
_ExitProcess: TExitProcess;
_GetModuleHandle: TGetModuleHandle;
_lstrlen: Tlstrlen;
_GetMessage: TGetMessage;
_TranslateMessage: TTranslateMessage;
_DispatchMessage: TDispatchMessage;
_GetSystemMetrics: TGetSystemMetrics;
_PostMessage: TPostMessage;
_SendMessage: TSendMessage;
_ShowWindow: TShowWindow;
_UpdateWindow: TUpdateWindow;
_LoadCursor: TLoadCursor;
_LoadIcon: TLoadIcon;
_PostQuitMessage: TPostQuitMessage;
_MessageBox: TMessageBox;
_RegisterClassEx: TRegisterClassEx;
_CreateWindowEx: TCreateWindowEx;
_DefWindowProc: TDefWindowProc;
_SetFocus: TSetFocus;
_GetWindowLong: TGetWindowLong;
_SetWindowLong: TSetWindowLong;
_GetDlgItemText: TGetDlgItemText;
_GetSystemMenu: TGetSystemMenu;
_AppendMenu: TAppendMenu;
_CreateFontIndirect: TCreateFontIndirect;
_DeleteObject: TDeleteObject;
_IsDialogMessage: TIsDialogMessage;
_GetDlgItem: TGetDlgItem;
_wsprintf: Twsprintf;
_SetWindowText: TSetWindowText;
// Names of the DLLs and exports to resolve, stored as NUL-terminated strings.
// Each array is exactly the name length plus one byte for the terminator.
szLibUser32: array[0..6] of Char; // "user32"
szLibGDI32: array[0..5] of Char; // "gdi32"
szLoadLibrary: array[0..12] of Char; // "LoadLibraryA"
szFreeLibrary: array[0..11] of Char; // "FreeLibrary"
szExitProcess: array[0..11] of Char; // "ExitProcess"
szGetModuleHandle: array[0..16] of Char; // "GetModuleHandleA"
szlstrlen: array[0..8] of Char; // "lstrlenA"
szGetMessage: array[0..11] of Char; // "GetMessageA"
szTranslateMessage: array[0..16] of Char; // "TranslateMessage"
szDispatchMessage: array[0..16] of Char; // "DispatchMessageA"
szGetSystemMetrics: array[0..16] of Char; // "GetSystemMetrics"
szPostMessage: array[0..12] of Char; // "PostMessageA"
szSendMessage: array[0..12] of Char; // "SendMessageA"
szShowWindow: array[0..10] of Char; // "ShowWindow"
szUpdateWindow: array[0..12] of Char; // "UpdateWindow"
szLoadCursor: array[0..11] of Char; // "LoadCursorA"
szLoadIcon: array[0..9] of Char; // "LoadIconA"
szPostQuitMessage: array[0..15] of Char; // "PostQuitMessage"
szMessageBox: array[0..11] of Char; // "MessageBoxA"
szRegisterClassEx: array[0..16] of Char; // "RegisterClassExA"
szCreateWindowEx: array[0..15] of Char; // "CreateWindowExA"
szDefWindowProc: array[0..14] of Char; // "DefWindowProcA"
szSetFocus: array[0..8] of Char; // "SetFocus"
szGetWindowLong: array[0..14] of Char; // "GetWindowLongA"
szSetWindowLong: array[0..14] of Char; // "SetWindowLongA"
szGetDlgItemText: array[0..15] of Char; // "GetDlgItemTextA"
szGetSystemMenu: array[0..13] of Char; // "GetSystemMenu"
szAppendMenu: array[0..11] of Char; // "AppendMenuA"
szIsDialogMessage: array[0..15] of Char; // "IsDialogMessage"
szGetDlgItem: array[0..10] of Char; // "GetDlgItem"
szwsprintf: array[0..10] of Char; // "wvsprintfA"
szSetWindowText: array[0..14] of Char; // "SetWindowTextA"
szCreateFontIndirect: array[0..19] of Char; // "CreateFontIndirectA"
szDeleteObject: array[0..12] of Char; // "DeleteObject"
// Data used by the stub itself: window class, captions and messages.
_szAppClass: array[0..10] of Char; // Init_AttachData stores "PEEncrypt" (no space)
_szAppTitle: array[0..20] of Char; // "PE Encrypt :: v1.0"
_szMenuAbout: array[0..20] of Char; // "&About PE Encrypt..."
_szMsgAbout: array[0..150] of Char; // multi-line "about" text (name, version, author, e-mail, home page)
_szClassEdit: array[0..4] of Char; // "Edit"
_szClassStatic: array[0..6] of Char; // "Static"
_szClassButton: array[0..6] of Char; // "Button"
_szTitlePassword: array[0..11] of Char; // "请输入密码:" ("Please enter the password:")
_szOK: array[0..8] of Char; // "确定(&O)" ("OK")
_szCancel: array[0..8] of Char; // "取消(&C)" ("Cancel")
_szAbout: array[0..8] of Char; // "关于" ("About")
_szWrongPassword: array[0..24] of Char; // "密码不正确,请重新输入!" ("Wrong password, please try again!")
_szTemplate: array[0..29] of Char; // "--= 你还剩下 %d 次机会 =--" ("You have %d attempts left")
// CRC32 checksum of the password.
// NOTE(review): CRC32 is a checksum, not a password hash. The 32-bit value is
// stored in the same block as the stub and many different inputs share one
// CRC32, so the prompt is a convenience gate rather than protection of the
// file contents - confirm what Encrypt derives from the password.
_dwPasswordCrc32: DWORD;
_szChanceCount: array[0..255] of Char; // 256-byte buffer
_hWndAttach: HWND;
_fnt: LOGFONT;
_hFont: THandle; // window font
_bCorrect: Byte; // presumably set once the entered password is accepted - confirm
_hWndChanceCount: HWND;
_wc: WNDCLASSEX; // window class
_nCount: DWORD; // Init_AttachData sets this to 3; presumably the attempts left shown via _szTemplate
_ImageBase: DWORD; // image base address
_EntryPoint: DWORD; // entry point address
end;
var
// Unit-level instance of the stub data block, filled by Init_AttachData.
// MyFun declares a local pointer with the same name, which hides this
// variable inside that procedure.
AttachData: TAttachData;
// Initialise the data block.
// Clears the unit-level AttachData record and then stores its constant
// contents: the DLL and export names to resolve, the font description, the
// window strings and the initial value of the attempt counter. Every string
// is written with an explicit #0 so it can be handed to the Win32 API as a
// NUL-terminated buffer. Function pointers, handles, the password CRC32, the
// image base and the entry point are left at zero here.
procedure Init_AttachData;
begin
  // Start from an all-zero record so unset fields and array tails are 0.
  FillChar(AttachData, SizeOf(AttachData), 0);

  // Library names.
  AttachData.szLibUser32 := 'user32'#0;
  AttachData.szLibGDI32 := 'gdi32'#0;

  // Export names, in the order of the fields in TAttachData.
  AttachData.szLoadLibrary := 'LoadLibraryA'#0;
  AttachData.szFreeLibrary := 'FreeLibrary'#0;
  AttachData.szExitProcess := 'ExitProcess'#0;
  AttachData.szGetModuleHandle := 'GetModuleHandleA'#0;
  AttachData.szlstrlen := 'lstrlenA'#0;
  AttachData.szGetMessage := 'GetMessageA'#0;
  AttachData.szTranslateMessage := 'TranslateMessage'#0;
  AttachData.szDispatchMessage := 'DispatchMessageA'#0;
  AttachData.szGetSystemMetrics := 'GetSystemMetrics'#0;
  AttachData.szPostMessage := 'PostMessageA'#0;
  AttachData.szSendMessage := 'SendMessageA'#0;
  AttachData.szShowWindow := 'ShowWindow'#0;
  AttachData.szUpdateWindow := 'UpdateWindow'#0;
  AttachData.szLoadCursor := 'LoadCursorA'#0;
  AttachData.szLoadIcon := 'LoadIconA'#0;
  AttachData.szPostQuitMessage := 'PostQuitMessage'#0;
  AttachData.szMessageBox := 'MessageBoxA'#0;
  AttachData.szRegisterClassEx := 'RegisterClassExA'#0;
  AttachData.szCreateWindowEx := 'CreateWindowExA'#0;
  AttachData.szDefWindowProc := 'DefWindowProcA'#0;
  AttachData.szSetFocus := 'SetFocus'#0;
  AttachData.szGetWindowLong := 'GetWindowLongA'#0;
  AttachData.szSetWindowLong := 'SetWindowLongA'#0;
  AttachData.szGetDlgItemText := 'GetDlgItemTextA'#0;
  AttachData.szGetSystemMenu := 'GetSystemMenu'#0;
  AttachData.szAppendMenu := 'AppendMenuA'#0;
  AttachData.szIsDialogMessage := 'IsDialogMessage'#0;
  AttachData.szGetDlgItem := 'GetDlgItem'#0;
  // The va_list variant is stored, not wsprintfA.
  AttachData.szwsprintf := 'wvsprintfA'#0;
  AttachData.szSetWindowText := 'SetWindowTextA'#0;
  AttachData.szCreateFontIndirect := 'CreateFontIndirectA'#0;
  AttachData.szDeleteObject := 'DeleteObject'#0;

  // Font description: 12 units high, normal weight, face name SimSun.
  AttachData._fnt.lfHeight := 12;
  AttachData._fnt.lfWidth := 0;
  AttachData._fnt.lfEscapement := 0;
  AttachData._fnt.lfOrientation := 0;
  AttachData._fnt.lfWeight := FW_NORMAL;
  AttachData._fnt.lfItalic := 0;
  AttachData._fnt.lfUnderline := 0;
  AttachData._fnt.lfStrikeOut := 0;
  AttachData._fnt.lfCharSet := DEFAULT_CHARSET;
  AttachData._fnt.lfOutPrecision := OUT_DEFAULT_PRECIS;
  AttachData._fnt.lfClipPrecision := CLIP_DEFAULT_PRECIS;
  AttachData._fnt.lfQuality := PROOF_QUALITY;
  AttachData._fnt.lfPitchAndFamily := DEFAULT_PITCH or FF_DONTCARE;
  AttachData._fnt.lfFaceName := '宋体';

  // Window class name, title, menu entry and "about" text.
  AttachData._szAppClass := 'PEEncrypt'#0;
  AttachData._szAppTitle := 'PE Encrypt :: v1.0'#0;
  AttachData._szMenuAbout := '&About PE Encrypt...'#0;
  AttachData._szMsgAbout :=
    '[ PE Encrypt ]'#13#10 +
    'Version: 1.0'#13#10#13#10 +
    '作者: Liwuyue'#13#10 +
    '邮箱: smokingroom@sin.com'#13#10 +
    '主页: http://www.programmerlife.com'#0;

  // Names of the standard control classes.
  AttachData._szClassEdit := 'Edit'#0;
  AttachData._szClassStatic := 'Static'#0;
  AttachData._szClassButton := 'Button'#0;

  // Captions and messages of the password prompt.
  AttachData._szTitlePassword := '请输入密码:'#0;
  AttachData._szOK := '确定(&O)'#0;
  AttachData._szCancel := '取消(&C)'#0;
  AttachData._szAbout := '关于'#0;
  AttachData._szWrongPassword := '密码不正确,请重新输入!'#0;
  AttachData._szTemplate := '--= 你还剩下 %d 次机会 =--'#0;

  // Initial counter value; the template above prints a number of chances left.
  AttachData._nCount := 3;
end;
// The attached code begins here; this is the start of what goes into the
// added section.
// Returns the run-time address of the CALL instruction below, left in EAX as
// the function result. With no parameters and no locals the compiler
// presumably emits no prologue, in which case that is the address of
// AttachStart itself - confirm in the generated code. The value is computed at
// run time rather than taken from a fixed address, so it stays correct
// wherever the code is loaded. MyFun subtracts SizeOf(TAttachData) from it to
// reach the data block stored in front of the code.
function AttachStart: DWORD; stdcall;
begin
asm
// CALL pushes the address of the next instruction, i.e. of label @@1.
CALL @@1
@@1:
// EAX := address of @@1.
POP EAX
// A near CALL with a 32-bit displacement is 5 bytes long, so this steps back
// to the first byte of the CALL.
SUB EAX, 5
end;
end;
//附加段的处理模块
procedure MyFun();
var
AttachData: PAttachData;
dwKernel32: DWORD;
dwNtHeaders: DWORD;
dwExportEntry: DWORD;
dwAddressOfNames: DWORD;
dwAddressOfNameOrdinals: DWORD;
dwAddressOfFunctions: DWORD;
dwNumberOfNames: DWORD;
RelativeID: DWORD;
msg: TagMSG;
I: DWORD;
aLeft, aTop: Integer;
EntryPoint: DWORD;
begin
//******查找Kernel32.dll的基地址
asm
MOV EAX, [ESP+48]
AND EAX, $FFFF0000
@@chk:
CMP DWORD PTR [EAX], $00905A4D
JE @@fnd
SUB EAX, $1000
JMP @@chk
@@fnd:
MOV dwKernel32, EAX
end;
AttachData := Pointer(AttachStart - SizeOf(TAttachData));
dwNtHeaders := dwKernel32 + DWORD(PImageDosHeader(dwKernel32)._lfanew);
dwExportEntry := dwKernel32 + PImageNtHeaders(dwNtHeaders).OptionalHeader.DataDirectory[0].VirtualAddress;
dwAddressOfNames := dwKernel32 + DWORD(PImageExportDirectory(dwExportEntry).AddressOfNames);
dwAddressOfNameOrdinals := dwKernel32 + DWORD(PImageExportDirectory(dwExportEntry).AddressOfNameOrdinals);
dwAddressOfFunctions := dwKernel32 + DWORD(PImageExportDirectory(dwExportEntry).AddressOfFunctions);
dwNumberOfNames := PImageExportDirectory(dwExportEntry).NumberOfNames;
//*******在Kernel32.dll里面查找GetProcAddress函数的线性地址
for I := 0 to dwNumberOfNames - 1 do
begin
if (PDWORD(dwKernel32 + PDWORD(dwAddressOfNames + I * 4)^)^ = $50746547) //PteG --GetP
and (PDWORD(dwKernel32 + PDWORD(dwAddressOfNames + I * 4)^ + 4)^ = $41636F72) //Acor --rocA
and (PDWORD(dwKernel32 + PDWORD(dwAddressOfNames + I * 4)^ + 8)^ = $65726464) //erdd --ddre
and (PWORD(dwKernel32 + PDWORD(dwAddressOfNames + I * 4)^ + 12)^ = $7373) then //ss --ss
begin
RelativeID := PWORD(dwAddressOfNameOrdinals + I * 2)^;
AttachData._GetProcAddress := Pointer(dwKernel32 + PDWORD(dwAddressOfFunctions + RelativeID * 4)^);
Break;
end;
end;
//根据上面找到的 GetProcAddress 地址来找到我们需要的地址