c++之window filesearch和LoadLibraryA的实现
2016-08-11 18:57
381 查看
#include <windows.h> #include <algorithm> #include <string> using namespace std; bool FileSearch(string sSearch, string sFolder) { // This recursive function will search for a filename or part of it, // inside the specified folder and in all its subfolders. // Coded by Viotto - http://Breaking-Security.net std::transform(sSearch.begin(), sSearch.end(), sSearch.begin(), ::tolower); // Check for final slash in path and append it if missing if (sFolder[sFolder.length() -1] != '\\') { sFolder += "\\"; } WIN32_FIND_DATA FileInfo; HANDLE hFind = FindFirstFileA(string(sFolder + "*").c_str(), &FileInfo); if (hFind == INVALID_HANDLE_VALUE) { FindClose(hFind); return false; } string sFileInfo; while (FindNextFile(hFind, &FileInfo) != 0) { if (FileInfo.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY && strcmp(FileInfo.cFileName, ".") != 0 && strcmp(FileInfo.cFileName, "..") != 0) { string sRecursiveDir = sFolder + string(FileInfo.cFileName); FileSearch(sSearch, sRecursiveDir); } string sFileName(FileInfo.cFileName); std::transform(sFileName.begin(), sFileName.end(), sFileName.begin(), ::tolower); if (sFileName.find(sSearch) != string::npos) { //Search string has been found inside file name printf(string(sFolder + FileInfo.cFileName + "\n").c_str()); } } FindClose(hFind); return true; } typedef struct _UNICODE_STRING { // UNICODE_STRING structure USHORT Length; USHORT MaximumLength; PWSTR Buffer; } UNICODE_STRING, *PUNICODE_STRING; typedef NTSTATUS (WINAPI *fLdrLoadDll) //LdrLoadDll function prototype ( IN PWCHAR PathToFile OPTIONAL, IN ULONG Flags OPTIONAL, IN PUNICODE_STRING ModuleFileName, OUT PHANDLE ModuleHandle ); typedef VOID (WINAPI *fRtlInitUnicodeString) //RtlInitUnicodeString function prototype ( PUNICODE_STRING DestinationString, PCWSTR SourceString ); HMODULE hntdll; fLdrLoadDll _LdrLoadDll; fRtlInitUnicodeString _RtlInitUnicodeString; //http://breaking-security.net/csources.php //LoadLibraryA HMODULE LoadDll( LPCSTR lpFileName) { //by Viotto - http://breaking-security.net if (hntdll == NULL) { hntdll = GetModuleHandleA("ntdll.dll"); } if (_LdrLoadDll == NULL) { _LdrLoadDll = (fLdrLoadDll) GetProcAddress ( hntdll, "LdrLoadDll"); } if (_RtlInitUnicodeString == NULL) { _RtlInitUnicodeString = (fRtlInitUnicodeString) GetProcAddress ( hntdll, "RtlInitUnicodeString"); } int StrLen = lstrlenA(lpFileName); BSTR WideStr = SysAllocStringLen(NULL, StrLen); MultiByteToWideChar(CP_ACP, 0, lpFileName, StrLen, WideStr, StrLen); UNICODE_STRING usDllName; _RtlInitUnicodeString(&usDllName, WideStr); SysFreeString(WideStr); HANDLE DllHandle; _LdrLoadDll(0, 0, &usDllName, &DllHandle); return (HMODULE)DllHandle; } int LoadDll_demo() //Usage example { HMODULE hmodule = LoadDll("Kernel32.dll"); //HMODULE hmodule = LoadLibraryA("Kernel32.dll"); return (int)hmodule; } // Usage example: // filesearch "Notepad" "C:\Windows" //http://breaking-security.net/csources.php void main(int argc, char* argv[]) { if (argc == 3) { FileSearch(argv[1], argv[2]); printf("Search finished!\n"); } else { printf("Wrong number of parameters\n demo:win32_api.exe yunshouhu d:/apache \n"); printf("LoadDll_demo=%d \n",LoadDll_demo()); HMODULE hmodule = LoadLibraryA("Kernel32.dll"); printf("LoadLibraryA=%d \n",(int)hmodule); LoadDll_demo(); } //system("pause"); }
相关文章推荐
- c/c++练习--01
- poj 3009 Curling 2.0(冰壶 直到遇到障碍才停下 dfs)
- C++基础学习笔记 - 函数模板
- leetcode:字符串之Length of Last Word
- C语言学习11
- C语言 之 字符串(数组)
- C++类对象创建过程揭密
- OC_06字符串
- C++实现二叉排序树BSTree --插入删除摧毁查找等操作
- 深入理解 C++迭代器 iterator
- C++中的继承(二)
- C++命名空间两种用法
- 关于C++中的cout
- C++对象的动态建立和释放
- C/C++输入输出
- 顺序表C++版
- 初学C语言:字符串逆序存放(调用函数)
- leetcode:字符串之Anagrams
- C/C++ base64 编解码
- C++和C的一些区别