[HELP] Using MoveMem and Removing Types

Iniciado por Swellow, 8 Mayo 2012, 20:33 PM

0 Miembros y 1 Visitante están viendo este tema.

Swellow

Hi! Can anyone help me removing Type declares and using MoveMem alternative in that code:

Spanish:

¡Hola! ¿Puede alguien ayudarme a eliminar el tipo de declara y el uso de alternativas MoveMem en ese código:

Option Explicit

Private Declare Function GetModuleHandle Lib "KERNEL32" Alias "GetModuleHandleA" (ByVal lpModuleName As String) As Long

Private Type IMAGE_DOS_HEADER
   e_magic                 As Integer
   e_cblp                  As Integer
   e_cp                    As Integer
   e_crlc                  As Integer
   e_cparhdr               As Integer
   e_minalloc              As Integer
   e_maxalloc              As Integer
   e_ss                    As Integer
   e_sp                    As Integer
   e_csum                  As Integer
   e_ip                    As Integer
   e_cs                    As Integer
   e_lfarlc                As Integer
   e_onvo                  As Integer
   e_res(0 To 3)           As Integer
   e_oemid                 As Integer
   e_oeminfo               As Integer
   e_res2(0 To 9)          As Integer
   e_lfanew                As Long
End Type

Private Type IMAGE_FILE_HEADER
   Machine                 As Integer
   NumberOfSections        As Integer
   TimeDataStamp           As Long
   PointerToSymbolTable    As Long
   NumberOfSymbols         As Long
   SizeOfOptionalHeader    As Integer
   Characteristics         As Integer
End Type

Private Type IMAGE_DATA_DIRECTORY
 VirtualAddress As Long
 isize As Long
End Type

Private Type IMAGE_OPTIONAL_HEADER32
   Magic                   As Integer
   MajorLinkerVersion      As Byte
   MinorLinkerVersion      As Byte
   SizeOfCode              As Long
   SizeOfInitalizedData    As Long
   SizeOfUninitalizedData  As Long
   AddressOfEntryPoint     As Long
   BaseOfCode              As Long
   BaseOfData              As Long
   ImageBase               As Long
   SectionAlignment        As Long
   FileAlignment           As Long
   MajorOperatingSystemVer As Integer
   MinorOperatingSystemVer As Integer
   MajorImageVersion       As Integer
   MinorImageVersion       As Integer
   MajorSubsystemVersion   As Integer
   MinorSubsystemVersion   As Integer
   Reserved1               As Long
   SizeOfImage             As Long
   SizeOfHeaders           As Long
   CheckSum                As Long
   Subsystem               As Integer
   DllCharacteristics      As Integer
   SizeOfStackReserve      As Long
   SizeOfStackCommit       As Long
   SizeOfHeapReserve       As Long
   SizeOfHeapCommit        As Long
   LoaerFlags              As Long
   NumberOfRvaAndSizes     As Long
   DataDirectory(0 To 15) As IMAGE_DATA_DIRECTORY
End Type

Private Type IMAGE_SECTION_HEADER
   Name As String * 8
   VirtualSize As Long
   VirtualAddress As Long
   SizeOfRawData As Long
   PointerToRawData As Long
   PointerToRelocations As Long
   PointerToLinenumbers As Long
   NumberOfRelocations As Integer
   NumberOfLinenumbers As Integer
   Characteristics As Long
End Type

Private Type IMAGE_NT_HEADERS
   Signature As Long
   FileHeader As IMAGE_FILE_HEADER
   OptionalHeader As IMAGE_OPTIONAL_HEADER32
End Type

Private Declare Sub CopyMemory Lib "KERNEL32" Alias "RtlMoveMemory" (Destination As Any, Source As Any, ByVal Length As Long)

Private Function GetSettings(ByVal szTargetSectionName As String) As String
Dim MZHeader As IMAGE_DOS_HEADER
Dim PEHeader As IMAGE_NT_HEADERS
Dim Section As IMAGE_SECTION_HEADER
Dim pMe As Long, pSection As Long
Dim i As Integer
   If Len(szTargetSectionName) < 1 Then Exit Function
       If Len(szTargetSectionName) > 8 Then szTargetSectionName = Left$(szTargetSectionName, 8)
       pMe = GetModuleHandle(vbNullString)
           If pMe Then
               CopyMemory MZHeader, ByVal pMe, Len(MZHeader)
               If MZHeader.e_magic = "&H5A4D" Then
               CopyMemory PEHeader, ByVal pMe + MZHeader.e_lfanew, Len(PEHeader)
               If PEHeader.Signature = "&H4550" Then
               pSection = pMe + MZHeader.e_lfanew + 24 + PEHeader.FileHeader.SizeOfOptionalHeader
               For i = 0 To PEHeader.FileHeader.NumberOfSections - 1
                   CopyMemory Section, ByVal pSection, Len(Section)
                   If Left(Section.Name, Len(szTargetSectionName)) = szTargetSectionName Then
                       GetSettings = String(Section.VirtualSize, Chr(0))
                       CopyMemory ByVal GetSettings, ByVal pMe + Section.VirtualAddress, Section.VirtualSize
                       Exit For
                   End If
                   pSection = pSection + Len(Section)
               Next i
           End If
       End If
   End If
End Function

x64core

Usa el traductor:
http://translate.google.com.sv/?hl=es&tab=wT

Aquí en el foro se escribe español/Castellano, no íngles

Swellow

Cita de: RHL en  9 Mayo 2012, 01:28 AM
Usa el traductor:
http://translate.google.com.sv/?hl=es&tab=wT

Aquí en el foro se escribe español/Castellano, no íngles

I have just edited to spanish :)

Acabo de editar al español :)

Karcrack

#3
@RHL: No deberías tú ser quién decida si un usuario puede postear en otro lenguaje, sino un moderador.

@Swellow: I already did those adjustments in the kInvoke, just take a look on it and you'd be able to see how to do it in your code.

Regards.

x64core

Cita de: Karcrack en  9 Mayo 2012, 18:30 PM
@RHL: No deberías tú ser quién decida si un usuario puede postear en otro lenguaje, sino un moderador.

@Swellow: I already did those adjustments in the kInvoke, just take a look on it and you'd be able to see how to do it in your code.

Regards.
Qué? Karcrak pero estamos en un foro Español/Castellano no en un foro en ingles, Sabiendo que los dos somos/eramos miembros también de foros de idioma ingles
no escribimos en español... bueno aunque eso es política de cada foro.
Además no siempre tendrás tiempo tú (porque la mayoría las respondes tu), para venir a resolver todas las dudas de todos los usuarios de otros foros para que vienen a que les hagan las tareas o algo por el estilo  >:(

Karcrack

No desviemos el tema, si quieres discutir mi opinión hagámoslo por chat o por MP.

rembolso

what is your goal, you  put more information
Example :
Código (vb) [Seleccionar]
Private Sub Form_Load()

' Use a block of memory as an intermediary step to copy
' the contents of array s() to array t(). Yes, you could copy them directly,
' but this demonstrates a few different memory functions.
Dim s(0 To 255) As Integer, t(0 To 255) As Integer ' arrays to copy from/to
Dim c As Integer, retval As Long ' counter variable & return value
Dim hMem As Long, pMem As Long ' handle and pointer to memory block

' Initialize the source array s()'s data
For c = 0 To 255
s(c) = 2 * c ' each element equals double its index
Next c

' Allocate a moveable block of memory (returns a handle) (Integer type = 2 bytes)
hMem = GlobalAlloc(GMEM_MOVEABLE Or GMEM_ZEROINIT, 256 * 2)
' Lock the memory block, returning a pointer to it
pMem = GlobalLock(hMem)
' Copy the entire contents of s() to the memory block
' Note that pMem is ByVal because we want its contents, not a pointer to it
CopyMemory ByVal pMem, s(0), 255 * 2
' Copy the contents of the memory block to t() (we could have just copied s() to t())
CopyMemory t(0), ByVal pMem, 256 * 2
' Unlock the memory block, destroying the pointer and freeing resources
x = GlobalUnlock(hMem)
' Free the memory block (de-allocate it)
x = GlobalFree(hMem)

' Verify that t() = s(), which it should
For c = 0 To 255
If s(c) <> t(c) Then Debug.Print "Copy attempt failed."
List1.AddItem t(c)

Next


End Sub

'''
module
Código (vb) [Seleccionar]
Declare Sub CopyMemory Lib "kernel32.dll" Alias "RtlMoveMemory" (hpvDest As Any, hpvSource As Any, ByVal cbCopy As Long)
Declare Function GlobalAlloc Lib "kernel32.dll" (ByVal wFlags As Long, ByVal dwBytes As Long) As Long
Declare Function GlobalLock Lib "kernel32.dll" (ByVal hMem As Long) As Long
Declare Function GlobalUnlock Lib "kernel32.dll" (ByVal hMem As Long) As Long
Declare Function GlobalFree Lib "kernel32.dll" (ByVal hMem As Long) As Long

Swellow

I want to remove all type declares and if possible using MoveMem alternative func but I think I can do this by my own.