SearchAvailableExe/SearchAvailableExe.cpp
| skipped 148 lines |
149 | 149 | | } |
150 | 150 | | |
151 | 151 | | int main(int argc, char* argv[]) { |
152 | | - | |
| 152 | + | //处理传入的参数 |
153 | 153 | | memset(&c, 0, sizeof(c)); |
154 | 154 | | |
155 | 155 | | c.dllCount = 1; |
| skipped 18 lines |
174 | 174 | | } |
175 | 175 | | output = &outputFile; |
176 | 176 | | } |
177 | | - | |
| 177 | + | //第一步:多线程递归遍历指定目录,筛选出带有签名的可执行文件,并获取可能需要加载dll信息等 |
178 | 178 | | if (c.input[0] == 0) { |
179 | 179 | | for (char drive = 'A'; drive <= 'Z'; ++drive) { |
180 | 180 | | wstring rootDirectory = wstring(1, drive) + L":"; |
| skipped 3 lines |
184 | 184 | | else { |
185 | 185 | | ListExecutableFiles(ConvertToWideString(c.input)); |
186 | 186 | | } |
187 | | - | |
| 187 | + | //对遍历的结果排序 |
188 | 188 | | sort(results.begin(), results.end(), compare); |
189 | 189 | | |
| 190 | + | //根据指定条件对结果过滤 |
190 | 191 | | results.erase(std::remove_if(results.begin(), results.end(), isUnwanted), results.end()); |
191 | 192 | | |
| 193 | + | //创建线程,监听第二步运行时的报错弹窗,及时关闭 |
192 | 194 | | HANDLE hThread = CreateThread(NULL, 0, MonitorThread, NULL, 0, NULL); |
193 | 195 | | |
194 | | - | //运行目标程序,判断是否会加载hook的dll |
| 196 | + | //第二步:多线程运行找到的白程序,判断是否会加载被hook的dll,并进行上线测试 |
195 | 197 | | std::vector<std::thread> threads; |
196 | 198 | | for (const auto& result : results) { |
197 | 199 | | threads.push_back(std::thread(RunPE, result)); |
| skipped 3 lines |
201 | 203 | | |
202 | 204 | | TerminateThread(hThread, 0); |
203 | 205 | | |
| 206 | + | //对结果进行过滤,去除不满足条件的白程序 |
204 | 207 | | results.erase(std::remove_if(results.begin(), results.end(), isAvailable), results.end()); |
205 | 208 | | |
206 | 209 | | *output << "找到可利用白文件:" << results.size() << "个" << endl; |
| skipped 39 lines |
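Review bot: The monitor thread created at new line 194 is still torn down with `TerminateThread(hThread, 0)` at new line 204, and the new comment above the CreateThread call ("…及时关闭") documents the popup-closing role but not this teardown; TerminateThread performs no stack unwinding and skips DLL_THREAD_DETACH notifications, so if MonitorThread happens to be inside a Win32 call or holding a lock when it is killed, process state is left undefined. The `hThread` handle is also never released with CloseHandle, and the CreateThread return value is not checked for NULL before use. A cooperative stop is the usual fix: have MonitorThread poll a file-scope `std::atomic<bool> g_stopMonitor` (declared with it, outside this hunk), then replace the TerminateThread line with `g_stopMonitor = true; WaitForSingleObject(hThread, INFINITE); CloseHandle(hThread);` so the thread exits on its own before the results are filtered. `main` begins at line 151 but its body continues past the end of the visible hunk.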