Expermicid Posted August 25, 2012 Share Posted August 25, 2012 (edited) [lenguaje=autoit]#cs ------------------------------------------------------- AutoIt Version: 3.3.8.1 Author..........: Pink Script Function...: Get_EOF Uso..............: Get_EOF(Runta Archuivo) Retorna : "Posicion EOF" #ce ------------------------------------ ;Ejemplo local $myfile="C:\Users\Usuario\Desktop\Anotador.exe" msgbox(0,"",Get_EOF($myfile)) Func Get_EOF($file) Const $l_fanew=60 Const $PEsize=4 Const $I_F_H=20 const $SizeS =40 local $LFvalue ;offset Entrada IMAGE_NT_HEADERS firma PE local $Size_O_H ;izeOfOptionalHeader local $NofS ;NumberOfSections local $fin_I_S_H ;IMAGE_SECTION_HEADER ;leyendo archivo y cargando buffer $hfile=fileopen($file) $binary=fileread($hfile,1000) ;offset Entrada IMAGE_NT_HEADERS firma PE $LFvalue=binarymid($binary,$l_fanew+1,4) $LFvalue=Dec(OLE(Stringreplace($LFvalue,"0x","",1,0))) ;NumberOfSections $NofS=$LFvalue+$PEsize+2 $NofS=BinaryMid($binary,($NofS+1),2) $NofS=Dec(OLE(Stringreplace($NofS,"0x","",1,0))) ;Tamaño SizeOfOptionalHeader $Size_O_H=$LFvalue+$PEsize+16 $Size_O_H=BinaryMid($binary,($Size_O_H+1),2) $Size_O_H=dec(OLE(StringReplace($Size_O_H,"0x","",1,0))) $fin_I_S_H=($LFvalue+$PEsize+$I_F_H+$Size_O_H)+($NofS*$SizeS) $RawSize=binarymid($binary,$fin_I_S_H-24,4) $RawSize=dec(StringReplace($RawSize,"0x","",1,0)) $RawOffset=binarymid($binary,$fin_I_S_H-20,4) $RawOffset=dec(StringReplace($RawOffset,"0x","",1,0)) fileclose($hfile) return $RawSize+$RawOffset EndFunc ;Funcion OLE "Orden Little Endian" Func OLE($Var) Local $len=stringlen($Var)/2 local $Array[$len+1] local $Char local $A=1 local $Result for $i= 1 to $len $Char=stringmid($Var,$A,2) $A+=2 $Array[$i]=$Char next for $x = $len to 1 Step -1 $Result&=$Array[$x] Next Return $Result EndFunc [/lenguaje] Autor: Pink Saludos Edited February 16, 2014 by Expermicid Link to comment Share on other sites More sharing options...
h4xor Posted August 25, 2012 Share Posted August 25, 2012 Re: Funcion Get_EOF Sin Estructuras "End of File" expermicid amigo pa que sirve ese? Link to comment Share on other sites More sharing options...
.webp.8407a83ac96563f75e1c428a1f0d4c3e.webp)
.webp.9a04cec050a656fab081ac190f971c3f.webp)
Hack Tools Resurrection
Recommended Posts