Click here to Skip to main content
12,635,649 members (25,583 online)
Click here to Skip to main content

Stats

167.6K views
8.4K downloads
275 bookmarked
Posted

Injective Code inside Import Table

, 29 Mar 2007 GPL3
An introduction to injection the code into Import Table of Portable Executable file format, which is called API redirection technique.
itview
itview
itview.exe
itview.suo
Graphics
cursors
icons
itview.ico
Thumbs.db
XPtheme
itview.exe.manifest
pemaker6
pemaker
pemaker.exe
pemaker.suo
Graphics
cursors
icons
PEicon.ico
Thumbs.db
XPtheme
pemaker.exe.manifest
pemaker7
CALC_injected.EXE
CALC_test.EXE
pemaker
pemaker.exe
pemaker.suo
Graphics
cursors
icons
PEicon.ico
Thumbs.db
XPtheme
pemaker.exe.manifest
ZImport
CALC_test.EXE
ZImport
ZImport.exe
ZImport.suo
Graphics
cursors
Finder.cur
icons
DockedFinder.ico
FloatingFinder.ico
Thumbs.db
ZImport.ico
XPtheme
ZImport.exe.manifest
/* peliberr.cpp --

   This file is part of the "PE Maker".

   Copyright (C) 2005-2006 Ashkbiz Danehkar
   All Rights Reserved.

   "PE Maker" library are free software; you can redistribute them
   and/or modify them under the terms of the GNU General Public License as
   published by the Free Software Foundation.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program; see the file COPYRIGHT.TXT.
   If not, write to the Free Software Foundation, Inc.,
   59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.

   yodap's Site:
   http://yodap.sourceforge.net

   Ashkbiz Danehkar
   <ashkbiz@yahoo.com>
*/
#include "stdafx.h"
#include "PELibErr.h"

const char	*szFileErr			="File access error :(";
const char	*szNoPEErr			="Invalid PE file!";
const char	*szNoMemErr			="Not enough memory :(";
const char	*szFsizeErr			="Files with a filesize of 0 aren't allowed!";
const char	*szNoRoom4SectionErr="There's no room for a new section :(";
const char	*szSecNumErr		="Too many sections!";
const char	*szIIDErr			="Too much ImageImportDescriptors!";
const char	*szFileISProtect	="File already was protected!";
const char	*szPEnotValid		="Invalid PE file! It might be protected by another tool.";
const char	*szPEisCOMRuntime	="This Version does not support COM Runtime structure.";
const char	*szDLLnotSupport	="This Version does not support dynamic link library.";
const char	*szWDMnotSupport	="This Version does not support windows driver model.";
const char	*szTServernotSupport="This Version does not support terminal server aware.";
const char	*szSYSnotSupport	="This Version does not support system file.";
const char	*szNOSEHnotSupport	="No SE handler resides in this PE.";
const char	*szNOBINDnotSupport	="Can not support PE file with no bind.";
const char	*szPackSectionName	="Section's Name is not recognized :(";

void ShowErr(unsigned char numErr);

//----------------------------------------------------------------
//----- ERROR MESSAGES ----
//The ShowErr display message by receiving its Error Number
void ShowErr(unsigned char numErr)
{
	char *szErr=new TCHAR[64];
	switch(numErr)
	{
	case MemErr:
		strcpy(szErr,szNoMemErr);
		break;

	case PEErr:
		strcpy(szErr,szNoPEErr);
		break;

	case FileErr:
		strcpy(szErr,szFileErr);
		break;

	case NoRoom4SectionErr:
		strcpy(szErr,szNoRoom4SectionErr);
		break;

	case FsizeErr:
		strcpy(szErr,szFsizeErr);
		break;

	case SecNumErr:
		strcpy(szErr,szSecNumErr);
		break;

	case IIDErr:
		strcpy(szErr,szIIDErr);
		break;

	case FileISProtect:
		strcpy(szErr,szFileISProtect);
		break;

	case PEnotValid:
		strcpy(szErr,szPEnotValid);
		break;
		
	case PEisCOMRuntime:
		strcpy(szErr,szPEisCOMRuntime);
		break;

	case DLLnotSupport:
		strcpy(szErr,szDLLnotSupport);
		break;

	case WDMnotSupport:
		strcpy(szErr,szWDMnotSupport);
		break;

	case TServernotSupport:
		strcpy(szErr,szTServernotSupport);
		break;

	case SYSnotSupport:
		strcpy(szErr,szSYSnotSupport);
		break;

	case NOSEHnotSupport:
		strcpy(szErr,szNOSEHnotSupport);
		break;

	case NOBINDnotSupport:
		strcpy(szErr,szNOBINDnotSupport);
		break;

	case PackSectionName:
		strcpy(szErr,szPackSectionName);
		break;
	}
	MessageBox(GetActiveWindow(),szErr,
			   "Error", 
			   MB_OK | MB_ICONERROR );
}	

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.

License

This article, along with any associated source code and files, is licensed under The GNU General Public License (GPLv3)

Share

About the Author

A. Danehkar
Germany Germany
No Biography provided

You may also be interested in...

Pro
Pro
| Advertise | Privacy | Terms of Use | Mobile
Web02 | 2.8.161208.2 | Last Updated 29 Mar 2007
Article Copyright 2006 by A. Danehkar
Everything else Copyright © CodeProject, 1999-2016
Layout: fixed | fluid