crash.software
Projects
Pull Requests
Issues
Builds
SearchAvailableExe
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY SearchAvailableExe Commits 58210c6d
🤬

  • 添加是否保存可利用文件参数,调整输出

  • Loading...
  • maoku committed 2 months ago
    58210c6d
    1 parent 0b96b9a3
  • ■ ■ ■ ■ ■ ■
    SearchAvailableExe/SearchAvailableExe.cpp
    skipped 112 lines
    113 113   printf(" -w,--write: <bool> Whether to only output information about directories with write permissions, with the default value being 'no'.\n");
    114 114   printf(" -c,--count: <count> Controls the output of the number of DLLs loaded by white programs, only outputting if the count is less than or equal to a specified value. The default value is 1.\n");
    115 115   printf(" -b,--bit: <count> Select the output bitness, supporting 32, 64, and 96 bits. The default is 96 bits, while also outputting information for 32 and 64-bit white programs.\n");
     116 + printf(" -s,--save: <bool> Whether to save available files, default is not to save.\n");
    116 117   exit(0);
    117 118  }
    118 119   
    skipped 41 lines
    160 161   get_opt(argc, argv, OPT_TYPE_FLAG, &c.isWrite, "w", "write", NULL);
    161 162   get_opt(argc, argv, OPT_TYPE_DEC, &c.dllCount, "c", "count", validate_dllCount);
    162 163   get_opt(argc, argv, OPT_TYPE_DEC, &c.bit, "b", "bit", validate_bit);
     164 + get_opt(argc, argv, OPT_TYPE_FLAG, &c.isSaveFile, "s", "save", NULL);
    163 165   
    164 166   ostream* output = &cout;
    165 167   ofstream outputFile;
    skipped 20 lines
    186 188   sort(results.begin(), results.end(), compare);
    187 189   
    188 190   results.erase(std::remove_if(results.begin(), results.end(), isUnwanted), results.end());
    189  - 
    190  - *output << "dll信息统计完毕,初步符合要求的白程序有:" << results.size() << "个" << endl;
    191 191   
    192 192   HANDLE hThread = CreateThread(NULL, 0, MonitorThread, NULL, 0, NULL);
    193 193   
    skipped 16 lines
    210 210   *output << "程序位数: " << result->bit << " 目录是否可写: " << result->isWrite << endl;
    211 211   *output << "可利用DLL: " << result->exploitDllPath << endl;
    212 212   
    213  - /*if (result->preLoadDlls.size() > 0) {
    214  - *output << "DLL: " << result->preLoadDlls.size() << endl;
    215  - for (const auto& dll : result->preLoadDlls) {
    216  - *output << dll << endl;
    217  - delete[] dll;
     213 + if (result->preLoadDlls.size() + result->postLoadDlls.size() > 1) {
     214 + *output << "DLL: " << endl;
     215 + if (result->preLoadDlls.size() > 0) {
     216 + for (const auto& dll : result->preLoadDlls) {
     217 + if (result->exploitDllPath != dll)
     218 + *output << dll << endl;
     219 + delete[] dll;
     220 + }
    218 221   }
    219  - }
    220 222   
    221  - if (result->postLoadDlls.size() > 0) {
    222  - *output << "动态加载DLL个数: " << result->postLoadDlls.size() << endl;
    223  - for (const auto& dll : result->postLoadDlls) {
    224  - *output << dll << endl;
    225  - delete[] dll;
     223 + if (result->postLoadDlls.size() > 0) {
     224 + for (const auto& dll : result->postLoadDlls) {
     225 + if (result->exploitDllPath != dll)
     226 + *output << dll << endl;
     227 + delete[] dll;
     228 + }
    226 229   }
    227  - }*/
     230 + }
    228 231   
    229 232   *output << "--------------------------------------------------" << endl;
    230 233   
    skipped 12 lines
  • ■ ■ ■ ■
    SearchAvailableExe/SearchAvailableExe.vcxproj.user
    1 1  <?xml version="1.0" encoding="utf-8"?>
    2 2  <Project ToolsVersion="Current" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
    3 3   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
    4  - <LocalDebuggerCommandArguments>-i "D:"</LocalDebuggerCommandArguments>
     4 + <LocalDebuggerCommandArguments>-i "D:\envPath\java\jdk1.8\bin" -c 2</LocalDebuggerCommandArguments>
    5 5   <DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
    6 6   </PropertyGroup>
    7 7   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
    skipped 4 lines
  • ■ ■ ■ ■ ■ ■
    SearchAvailableExe/Tools.cpp
    skipped 797 lines
    798 798   
    799 799   CopyFileA(sourceFilePath.c_str(), targetFilePath.c_str(), FALSE);
    800 800   
    801  - if (isNeedHook)
     801 + if (isNeedHook) {
     802 + std::lock_guard<std::mutex> lock(mtx);
    802 803   fixFile(targetFilePath, exitCode);
     804 + }
    803 805   
    804 806   return targetFilePath;
    805 807  }
    skipped 118 lines
    924 926   result->exploitDllPath = "";
    925 927   }
    926 928  
    927  - while (!DeleteDirectory(folderPath.c_str())) {}
     929 + if (!(c.isSaveFile && result->exploitDllPath != ""))
     930 + while (!DeleteDirectory(folderPath.c_str())) {}
    928 931  }
  • ■ ■ ■ ■ ■ ■
    SearchAvailableExe/Tools.h
    skipped 17 lines
    18 18   
    19 19  typedef struct {
    20 20   bool isWrite;
     21 + bool isSaveFile;
    21 22   string filePath;
    22 23   string fileDir;
    23 24   int bit;
    skipped 10 lines
    34 35   bool isWrite;
    35 36   int dllCount;
    36 37   int bit;
     38 + bool isSaveFile;
    37 39  } ARG_CONFIG, * PARG_CONFIG;
    38 40   
    39 41  BOOL VerifyFileSignature(LPCWSTR filePath);
    skipped 4 lines
Please wait...
Page is in error, reload to recover