این رو واسه بدست آوردن امضای Ùایلهای اجرایی Ùˆ Dll ها با طول های دلخواه نوشتم با این کد میتونید برنامه های شبیه به PEID طراØÛŒ کنید
روش استÙاده
کد:
//Coded By Arash Veyskarami //http://www.jeyjey.blogfa.com unit Sign; interface uses Windows; var Offset:dword; function GetSignature(szFilename:string;Lenght:integer;Sept:boolean):string; implementation function IntToHex(dwValue, dwDigits: DWord): String; const hex: array[0..$F] of char = ('0','1','2','3','4','5','6','7','8','9','A','B','C','D','E','F'); begin if (dwDigits > 8) then dwDigits := 8; Result := Copy( hex[(dwValue and $F0000000) shr 28]+ hex[(dwValue and $0F000000) shr 24]+ hex[(dwValue and $00F00000) shr 20]+ hex[(dwValue and $000F0000) shr 16]+ hex[(dwValue and $0000F000) shr 12]+ hex[(dwValue and $00000F00) shr 8]+ hex[(dwValue and $000000F0) shr 4]+ hex[(dwValue and $0000000F) shr 0],9-dwDigits,dwDigits); end; function FileSeek(Handle, Offset, Origin: Integer): Integer; begin {$IFDEF MSWINDOWS} Result := SetFilePointer(THandle(Handle), Offset, nil, Origin); {$ENDIF} {$IFDEF LINUX} Result := __lseek(Handle, Offset, Origin); {$ENDIF} end; function FileRead(Handle: Integer; var Buffer; Count: LongWord): Integer; begin {$IFDEF MSWINDOWS} if not ReadFile(THandle(Handle), Buffer, Count, LongWord(Result), nil) then Result := -1; {$ENDIF} {$IFDEF LINUX} Result := __read(Handle, Buffer, Count); {$ENDIF} end; procedure FileClose(Handle: Integer); begin {$IFDEF MSWINDOWS} CloseHandle(THandle(Handle)); {$ENDIF} {$IFDEF LINUX} __close(Handle); {$ENDIF} end; function LowerCase(const S: string): string; var Ch: Char; L: Integer; Source, Dest: PChar; begin L := Length(S); SetLength(Result, L); Source := Pointer(S); Dest := Pointer(Result); while L <> 0 do begin Ch := Source^; if (Ch >= 'A') and (Ch <= 'Z') then Inc(Ch, 32); Dest^ := Ch; Inc(Source); Inc(Dest); Dec(L); end; end; function GetSignature(szFilename:string;Lenght:integer;Sept:boolean):string; var i,F:integer; Signature,BytesRead,EP,IVA,RAW,UNL: DWORD; Dos_Header: IMAGE_DOS_HEADER; Pe_Header: IMAGE_FILE_HEADER; Opt_Header: IMAGE_OPTIONAL_HEADER; ImgSection:_IMAGE_SECTION_HEADER; Buff:char; Sep:string; begin Result:=''; F := CreateFile(pchar(szFilename), GENERIC_READ, FILE_SHARE_READ, nil, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, 0); ReadFile(F,Dos_header,SizeOf(Dos_header),BytesRead,nil); if dos_header.e_magic <> IMAGE_DOS_SIGNATURE then begin Exit; end; SetFilePointer(THandle(F), dos_header._lfanew, nil, 0); ReadFile(F,signature, SizeOf(signature),BytesRead,nil); if signature <> IMAGE_NT_SIGNATURE then begin Exit; end; ReadFile(F,pe_header, SizeOf(pe_header),BytesRead,nil); if pe_header.SizeOfOptionalHeader > 0 then begin ReadFile(F,opt_header, SizeOf(opt_header),BytesRead,nil); ReadFile(F,imgsection, SizeOf(imgsection),BytesRead,nil); EP:=opt_header.AddressOfEntryPoint; IVA:=imgsection.VirtualAddress; RAW:=imgsection.PointerToRawData; UNL:=opt_header.SizeOfUninitializedData; UNL:=IVA+UNL; Offset:=EP-UNL+RAW; end; for i:=Offset to Offset+Lenght do begin FileSeek(F,i,0); FileRead(F,Buff,SizeOf(Byte)); if Sept=True Then if i <= Offset+Lenght-1 then Sep:=',' else Sep:=''; Result:=(Result+IntToHex(Ord(Char(Buff)),2)+Sep); end; FileClose(f); end; end.
روش استÙاده
کد:
uses Sign; Edit1.Text:=GetSignature('C:\MyFile.exe',20,True);
Comment