ZC: cnpack 还是蛮好用的
1、代码:
procedure TForm1.btnRandomizedBaseAddressClick(Sender: TObject);
var pDosHdr :PImageDosHeader;
pNtHdrs :PImageNtHeaders;
pNtFileHdr :PImageFileHeader;
ms :TMemoryStream;
lbRelocsStripped :LongBool;// IMAGE_FILE_RELOCS_STRIPPED;
strExe, strExe2 :string;
begin
strExe := Trim(edtSelectFile01.Text);
//ShowMessage(ExtractFilePath(strExe));
//ShowMessage(ExtractFileName(strExe));
//Exit;
strExe2 := ExtractFilePath(strExe)+'ZZ_'+ExtractFileName(strExe); ms := TMemoryStream.Create;
try
ms.LoadFromFile(strExe); pDosHdr := ms.Memory;
pNtHdrs := PImageNtHeaders(DWORD(ms.Memory) + pDosHdr._lfanew);
if pNtHdrs.Signature <> $ then // PE
ShowMessage('不是PE文件')
else
begin
pNtFileHdr := @pNtHdrs.FileHeader;
lbRelocsStripped := LongBool(pNtFileHdr.Characteristics and $);
if lbRelocsStripped then
ShowMessage('固定基址')
else
begin
if MessageBox(Self.Handle, '是否修改为固定基址?', '随机基址', MB_YESNO)=IDYES then
begin
pNtFileHdr.Characteristics := pNtFileHdr.Characteristics or $;
ms.SaveToFile(strExe2);
ShowMessage('随机基址 改为 固定基址 ==> 操作完成');
end;
end;
end;
finally
ms.Free;
end;
end;
2、