[Autoit] Get_EOF Ejemplos

Iniciado por Danyfirex, 27 Agosto 2012, 15:19 PM


Danyfirex

Bueno, aquí va una pequeña contribución para los que les gusta AutoIt  ;D

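Les dejo dos ejemplos: uno con estructuras (DllStruct) y el otro sin estructuras. En ambos, Get_EOF devuelve el offset donde terminan los datos de la última sección del PE (PointerToRawData + SizeOfRawData); lo que haya en el archivo después de ese offset son datos añadidos al final (overlay).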

#cs -------------------------------------------------------
AutoIt Version: 3.3.8.1
Author..........: Pink
Script Function...: Get_EOF
Uso..............: Get_EOF(Ruta Archivo)
Retorna : "Posicion EOF"
Gracias: EON-Karcrack-The Swash
#ce -------------------------------------------------------


; Example usage: display the offset that Get_EOF reports for a sample executable.
$Path = "C:\Users\Usuario\Desktop\Anotador.exe"
MsgBox(0, "", Get_EOF($Path))


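; Get_EOF($MyFile)
;   Parses the PE headers of $MyFile with DllStruct overlays and returns the
;   file offset at which the raw data of the sections ends, i.e. the largest
;   PointerToRawData + SizeOfRawData found in the section table. Bytes stored
;   in the file after that offset are appended data (overlay).
;
;   Parameter: $MyFile - path of the file to inspect.
;   Returns:   the offset described above. The value comes from header fields
;              and is not clamped to the file size; a result larger than the
;              file means the file is truncated or its headers are malformed.
;   On failure returns 0 and sets @error:
;              1 = file could not be opened
;              2 = file too short for a DOS header, or MZ signature missing
;              3 = e_lfanew points outside the file, or PE signature missing
;              4 = section table is empty or does not fit inside the file
;
;   Every offset and count read from the file is checked against the number of
;   bytes actually read before it is used in pointer arithmetic, because these
;   header fields are fully controlled by whoever produced the file.
Func Get_EOF($MyFile)
	Local Const $I_DOS_H_Len = 64 ; IMAGE_DOS_HEADER as laid out below
	Local Const $I_SIG_Len = 4    ; PE signature
	Local Const $I_F_H_Len = 20   ; IMAGE_FILE_HEADER
	Local Const $I_S_H_Len = 40   ; one IMAGE_SECTION_HEADER

	; FileOpen reports failure through its return value (-1), not through @error.
	Local $File = FileOpen($MyFile, 16) ; 16 = binary read
	If $File = -1 Then
		MsgBox(0, "Error", "No se Pudo leer el Archivo")
		Return SetError(1, 0, 0)
	EndIf
	Local $Data = FileRead($File)
	FileClose($File)

	; Size the buffer from the bytes that were really read, so that the bounds
	; checks below always describe the memory the structs are laid over.
	Local $FileLen = BinaryLen($Data)
	If $FileLen < $I_DOS_H_Len Then
		MsgBox(0, "Error", "Firma MZ No Encontrada")
		Return SetError(2, 0, 0)
	EndIf
	Local $Binary = DllStructCreate("byte[" & $FileLen & "]")
	DllStructSetData($Binary, 1, $Data)
	Local $BasePtr = DllStructGetPtr($Binary)

	; e_lfanew is a 32-bit field at offset 60, so it is declared as DWORD.
	Local $IMAGE_DOS_HEADER = DllStructCreate( _
			"WORD e_magic;WORD e_cblp;WORD e_cp;WORD e_crlc;WORD e_cparhdr;WORD e_minalloc;WORD e_maxalloc;" & _
			"WORD e_ss;WORD e_sp;WORD e_csum;WORD e_ip;WORD e_cs;WORD e_lfarlc;WORD e_ovno;" & _
			"WORD e_res[4];WORD e_oemid;WORD e_oeminfo;WORD e_res2[10];DWORD e_lfanew", $BasePtr)

	; 0x5A4D is "MZ" read as a little-endian WORD.
	If DllStructGetData($IMAGE_DOS_HEADER, "e_magic") <> 0x5A4D Then
		MsgBox(0, "Error", "Firma MZ No Encontrada")
		Return SetError(2, 0, 0)
	EndIf

	; The signature and the file header must lie completely inside the buffer.
	Local $NtOffset = DllStructGetData($IMAGE_DOS_HEADER, "e_lfanew")
	If $NtOffset < 0 Or $NtOffset + $I_SIG_Len + $I_F_H_Len > $FileLen Then
		MsgBox(0, "Error", "Firma PE No Encontrada")
		Return SetError(3, 0, 0)
	EndIf

	; PE signature followed directly by IMAGE_FILE_HEADER.
	Local $IMAGE_NT_HEADERS = DllStructCreate( _
			"DWORD signature;WORD machine;WORD numberofsections;DWORD timedatestamp;" & _
			"DWORD pointertosymboltable;DWORD numberofsymbols;WORD SizeOfOptionalHeader;WORD characteristics", _
			Ptr($BasePtr + $NtOffset))

	; 17744 = 0x00004550, the bytes "PE\0\0" read as a little-endian DWORD.
	If DllStructGetData($IMAGE_NT_HEADERS, "signature") <> 17744 Then
		MsgBox(0, "Error", "Firma PE No Encontrada")
		Return SetError(3, 0, 0)
	EndIf

	; The section table starts right after the optional header. Its position is
	; derived from SizeOfOptionalHeader rather than from a fixed length, so both
	; the 224-byte and the 240-byte optional header layouts are handled.
	Local $NumSections = DllStructGetData($IMAGE_NT_HEADERS, "numberofsections")
	Local $SecTable = $NtOffset + $I_SIG_Len + $I_F_H_Len + DllStructGetData($IMAGE_NT_HEADERS, "SizeOfOptionalHeader")
	If $NumSections < 1 Or $SecTable + ($NumSections * $I_S_H_Len) > $FileLen Then
		MsgBox(0, "Error", "Tabla de Secciones Invalida")
		Return SetError(4, 0, 0)
	EndIf

	; Walk every section header and keep the highest raw end offset. The last
	; entry of the table is not guaranteed to be the one stored last on disk.
	Local $EndOfData = 0, $Section, $RawSize, $RawOffset
	For $i = 0 To $NumSections - 1
		$Section = DllStructCreate( _
				"CHAR name[8];DWORD virtualsize;DWORD virtualaddress;DWORD sizeofrawdata;DWORD pointertorawdata;" & _
				"DWORD pointertorelocations;DWORD pointertolinenumbers;WORD numberofrelocations;" & _
				"WORD numberoflinenumbers;DWORD characteristics", _
				Ptr($BasePtr + $SecTable + ($i * $I_S_H_Len)))
		$RawSize = DllStructGetData($Section, "sizeofrawdata")
		$RawOffset = DllStructGetData($Section, "pointertorawdata")
		; Sections without raw data occupy no bytes in the file.
		If $RawSize > 0 And $RawOffset + $RawSize > $EndOfData Then $EndOfData = $RawOffset + $RawSize
	Next

	Return $EndOfData
EndFunc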







#cs -------------------------------------------------------
AutoIt Version: 3.3.8.1
Author..........: Pink
Script Function...: Get_EOF
Uso..............: Get_EOF(Ruta Archivo)
Retorna : "Posicion EOF"
Gracias: EON-Karcrack-The Swash
#ce ------------------------------------




; Example usage: display the offset that Get_EOF reports for a sample executable.
Local $myfile = "C:\Users\Usuario\Desktop\Anotador.exe"
MsgBox(0, "", Get_EOF($myfile))

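; Get_EOF($file)
;   Parses the PE headers of $file directly from the raw bytes (no DllStruct)
;   and returns the file offset at which the raw data of the sections ends,
;   i.e. the largest PointerToRawData + SizeOfRawData in the section table.
;   Bytes stored in the file after that offset are appended data (overlay).
;
;   Parameter: $file - path of the file to inspect.
;   Returns:   the offset described above. The value comes from header fields
;              and is not clamped to the file size; a result larger than the
;              file means the file is truncated or its headers are malformed.
;   On failure returns 0 and sets @error:
;              1 = file could not be opened
;              2 = file too short for a DOS header, or MZ signature missing
;              3 = e_lfanew points outside the file, or PE signature missing
;              4 = section table is empty or does not fit inside the file
;
;   Multi-byte header fields are little-endian; each one is read with
;   BinaryMid (1-based, hence the "+ 1" on every 0-based offset), turned into
;   a hex string, byte-swapped with OLE() and converted with Dec().
Func Get_EOF($file)
    Local Const $l_fanew = 60 ; offset of the e_lfanew field inside the DOS header
    Local Const $PEsize = 4   ; length of the PE signature
    Local Const $I_F_H = 20   ; length of IMAGE_FILE_HEADER
    Local Const $SizeS = 40   ; length of one IMAGE_SECTION_HEADER
    Local $LFvalue   ; offset of IMAGE_NT_HEADERS (PE signature)
    Local $Size_O_H  ; SizeOfOptionalHeader
    Local $NofS      ; NumberOfSections
    Local $fin_I_S_H ; offset just past the last IMAGE_SECTION_HEADER

    ; Read the file in binary mode (16) so the bytes are not treated as text.
    ; The whole file is read: a fixed-size prefix is not enough when e_lfanew
    ; is large or the section table is long.
    Local $hfile = FileOpen($file, 16)
    If $hfile = -1 Then Return SetError(1, 0, 0)
    Local $binary = FileRead($hfile)
    FileClose($hfile)
    Local $total = BinaryLen($binary)

    ; DOS header: must contain e_lfanew and start with "MZ".
    If $total < $l_fanew + 4 Then Return SetError(2, 0, 0)
    If Not (String(BinaryMid($binary, 1, 2)) == "0x4D5A") Then Return SetError(2, 0, 0)

    ; Offset of IMAGE_NT_HEADERS (PE signature).
    $LFvalue = BinaryMid($binary, $l_fanew + 1, 4)
    $LFvalue = Dec(OLE(StringReplace($LFvalue, "0x", "", 1, 0)))

    ; The signature and the file header must lie completely inside the file.
    If $LFvalue < 0 Or $LFvalue + $PEsize + $I_F_H > $total Then Return SetError(3, 0, 0)
    If Not (String(BinaryMid($binary, $LFvalue + 1, $PEsize)) == "0x50450000") Then Return SetError(3, 0, 0)

    ; NumberOfSections: 2 bytes into IMAGE_FILE_HEADER.
    $NofS = BinaryMid($binary, $LFvalue + $PEsize + 2 + 1, 2)
    $NofS = Dec(OLE(StringReplace($NofS, "0x", "", 1, 0)))

    ; SizeOfOptionalHeader: 16 bytes into IMAGE_FILE_HEADER.
    $Size_O_H = BinaryMid($binary, $LFvalue + $PEsize + 16 + 1, 2)
    $Size_O_H = Dec(OLE(StringReplace($Size_O_H, "0x", "", 1, 0)))

    ; End of the section table; it must not run past the end of the file.
    $fin_I_S_H = ($LFvalue + $PEsize + $I_F_H + $Size_O_H) + ($NofS * $SizeS)
    If $NofS < 1 Or $fin_I_S_H > $total Then Return SetError(4, 0, 0)

    ; Walk every section header (from the last one backwards) and keep the
    ; highest raw end offset. SizeOfRawData is 16 bytes and PointerToRawData
    ; 20 bytes into each header.
    Local $EndOfData = 0, $hdr, $RawSize, $RawOffset
    For $i = 1 To $NofS
        $hdr = $fin_I_S_H - ($i * $SizeS)

        $RawSize = BinaryMid($binary, $hdr + 16 + 1, 4)
        $RawSize = Dec(OLE(StringReplace($RawSize, "0x", "", 1, 0)))

        $RawOffset = BinaryMid($binary, $hdr + 20 + 1, 4)
        $RawOffset = Dec(OLE(StringReplace($RawOffset, "0x", "", 1, 0)))

        ; Sections without raw data occupy no bytes in the file.
        If $RawSize > 0 And $RawOffset + $RawSize > $EndOfData Then $EndOfData = $RawOffset + $RawSize
    Next

    Return $EndOfData
EndFunc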


; OLE ("Orden Little Endian"): takes a string made of two-character groups
; (hex byte pairs such as "3C000000") and returns the same groups in reverse
; order ("0000003C"), so that a little-endian field can be passed to Dec().
; The callers in this listing pass the hex text of a binary value, which has
; an even number of characters; other lengths are not handled specially.
Func OLE($Var)
    Local $Pairs = StringLen($Var) / 2
    Local $Swapped
    ; Append the groups starting from the last one; group k begins at
    ; character (2 * k) - 1 because StringMid is 1-based.
    For $Idx = $Pairs To 1 Step -1
        $Swapped &= StringMid($Var, ($Idx * 2) - 1, 2)
    Next
    Return $Swapped
EndFunc



Saludos, cualquier duda aquí estoy :)