
金州 2006-2-26 13:37

[转载]用VC创建不导入任何DLL的WIN32程序

<P>信息来源:<U><FONT color=#800080>ZwelL’s blog</FONT></U></P>
<DIV class=postTitle><A href="http://blog.donews.com/zwell/archive/2005/10/21/596178.aspx">用VC创建不导入任何DLL的WIN32程序</A> </DIV>
<DIV class=postText><A href="http://blog.vckbase.com/Files/BastEt/testnodll.zip" target=_new>[url]http://blog.vckbase.com/Files/BastEt/testnodll.zip[/url]</A>
VC2003编译,我想用VC6肯定也能编译通过,不过机器上没装,哪个有空帮我看看在VC6下能达到多少字节?
// Size experiment: a Win32 executable whose import table is empty. The four
// APIs it uses (LoadLibraryA, FreeLibrary, ExitProcess, MessageBoxA) are
// located at run time by walking the 32-bit TEB/PEB loader lists and parsing
// the PE export directory of the modules found there, so the compiler emits
// no imports at all.
// NOTE(review): x86-only (fs:[18h], __asm, 32-bit offsets) and tied to the
// undocumented structure layouts reproduced below, which differ between
// Windows versions. The same TEB->PEB->module-list->export-table walk is the
// API-resolution pattern used by position-independent shellcode, so an
// import-less PE like this (plus what is likely a single writable+executable
// section after the /merge pragmas) commonly trips static analysis
// heuristics -- worth knowing before building anything on top of it.
#define WIN32_LEAN_AND_MEAN
#define WINVER 0x0500
#include <windows.h>

//========================== What a painful structure -- its BOOLEAN fields make a mess of the alignment. ==========
// Hand-copied NT-internal layouts. 8-byte packing keeps the member offsets in
// line with the /* NNh */ annotations on struct TEB further down.
#pragma pack(push,8)

// Loader bookkeeping reached through PEB::LoaderData. Only
// InLoadOrderModuleList is consumed by WinMainCRTStartup.
typedef struct _PEB_LDR_DATA
{
 ULONG Length;
 BOOLEAN Initialized;
 PVOID SsHandle;
 LIST_ENTRY InLoadOrderModuleList;
 LIST_ENTRY InMemoryOrderModuleList;
 LIST_ENTRY InInitializationOrderModuleList;
} PEB_LDR_DATA, *PPEB_LDR_DATA;

// Counted wide-string record used by the loader structures below.
typedef struct _UNICODE_STRING
{
 USHORT Length;
 USHORT MaximumLength;
 PWSTR Buffer;
} UNICODE_STRING, *PUNICODE_STRING;

// One loaded module as linked into the PEB loader lists. InLoadOrderModuleList
// is deliberately the first member: WinMainCRTStartup casts a LIST_ENTRY::Flink
// straight to PLDR_MODULE, which only works while that stays true.
typedef struct _LDR_MODULE {
 LIST_ENTRY InLoadOrderModuleList;
 LIST_ENTRY InMemoryOrderModuleList;
 LIST_ENTRY InInitializationOrderModuleList;
 PVOID BaseAddress;
 PVOID EntryPoint;
 ULONG SizeOfImage;
 UNICODE_STRING FullDllName;
 UNICODE_STRING BaseDllName;
 ULONG Flags;
 SHORT LoadCount;
 SHORT TlsIndex;
 LIST_ENTRY HashTableEntry;
 ULONG TimeDateStamp;
} LDR_MODULE, *PLDR_MODULE;


// Not used directly; only needed so RTL_USER_PROCESS_PARAMETERS has the right size.
typedef struct RTL_DRIVE_LETTER_CURDIR
{
 USHORT Flags;
 USHORT Length;
 ULONG TimeStamp;
 UNICODE_STRING DosPath;
} RTL_DRIVE_LETTER_CURDIR, *PRTL_DRIVE_LETTER_CURDIR;

// Not used directly; only referenced as the type of PEB::ProcessParameters.
typedef struct _RTL_USER_PROCESS_PARAMETERS
{
 ULONG AllocationSize;
 ULONG Size;
 ULONG Flags;
 ULONG DebugFlags;
 HANDLE hConsole;
 ULONG ProcessGroup;
 HANDLE hStdInput;
 HANDLE hStdOutput;
 HANDLE hStdError;
 UNICODE_STRING CurrentDirectoryName;
 HANDLE CurrentDirectoryHandle;
 UNICODE_STRING DllPath;
 UNICODE_STRING ImagePathName;
 UNICODE_STRING CommandLine;
 PWSTR Environment;
 ULONG dwX;
 ULONG dwY;
 ULONG dwXSize;
 ULONG dwYSize;
 ULONG dwXCountChars;
 ULONG dwYCountChars;
 ULONG dwFillAttribute;
 ULONG dwFlags;
 ULONG wShowWindow;
 UNICODE_STRING WindowTitle;
 UNICODE_STRING Desktop;
 UNICODE_STRING ShellInfo;
 UNICODE_STRING RuntimeInfo;
 RTL_DRIVE_LETTER_CURDIR DLCurrentDirectory[0x20];
} RTL_USER_PROCESS_PARAMETERS, *PRTL_USER_PROCESS_PARAMETERS;

typedef VOID (_stdcall *PPEBLOCKROUTINE)(PVOID);

typedef struct _PEB_FREE_BLOCK
{
 struct _PEB_FREE_BLOCK* Next;
 ULONG Size;
} PEB_FREE_BLOCK, *PPEB_FREE_BLOCK;

// Process Environment Block, 32-bit layout. Only LoaderData is read; every
// field before it exists so that LoaderData lands at the right offset, and
// everything after it is carried along for completeness.
struct PEB 
{
 BOOLEAN InheritedAddressSpace;
 BOOLEAN ReadImageFileExecOptions;
 BOOLEAN BeingDebugged;
 BOOLEAN Spare;
 HANDLE Mutant;
 PVOID ImageBaseAddress;
 PPEB_LDR_DATA LoaderData;
 PRTL_USER_PROCESS_PARAMETERS ProcessParameters;
 PVOID SubSystemData;
 PVOID ProcessHeap;
 PVOID FastPebLock;
 PPEBLOCKROUTINE FastPebLockRoutine;
 PPEBLOCKROUTINE FastPebUnlockRoutine;
 ULONG EnvironmentUpdateCount;
 PVOID *KernelCallbackTable;
 PVOID EventLogSection;
 PVOID EventLog;
 PPEB_FREE_BLOCK FreeList;
 ULONG TlsExpansionCounter;
 PVOID TlsBitmap;
 ULONG TlsBitmapBits[0x2];
 PVOID ReadOnlySharedMemoryBase;
 PVOID ReadOnlySharedMemoryHeap;
 PVOID *ReadOnlyStaticServerData;
 PVOID AnsiCodePageData;
 PVOID OemCodePageData;
 PVOID UnicodeCaseTableData;
 ULONG NumberOfProcessors;
 ULONG NtGlobalFlag;
 BYTE Spare2[0x4];
 LARGE_INTEGER CriticalSectionTimeout;
 ULONG HeapSegmentReserve;
 ULONG HeapSegmentCommit;
 ULONG HeapDeCommitTotalFreeThreshold;
 ULONG HeapDeCommitFreeBlockThreshold;
 ULONG NumberOfHeaps;
 ULONG MaximumNumberOfHeaps;
 PVOID **ProcessHeaps;
 PVOID GdiSharedHandleTable;
 PVOID ProcessStarterHelper;
 PVOID GdiDCAttributeList;
 PVOID LoaderLock;
 ULONG OSMajorVersion;
 ULONG OSMinorVersion;
 ULONG OSBuildNumber;
 ULONG OSPlatformId;
 ULONG ImageSubSystem;
 ULONG ImageSubSystemMajorVersion;
 ULONG ImageSubSystemMinorVersion;
 ULONG GdiHandleBuffer[0x22];
 ULONG PostProcessInitRoutine;
 ULONG TlsExpansionBitmap;
 BYTE TlsExpansionBitmapBits[0x80];
 ULONG SessionId;
};

typedef struct _CLIENT_ID
{
 HANDLE UniqueProcess;
 HANDLE UniqueThread;
} CLIENT_ID, *PCLIENT_ID;

typedef struct _GDI_TEB_BATCH
{
 ULONG Offset;
 ULONG HDC;
 ULONG Buffer[0x136];
} GDI_TEB_BATCH, *PGDI_TEB_BATCH;

// Thread Environment Block, 32-bit layout; the trailing comments give each
// member's offset. Only Peb (30h) is read by WinMainCRTStartup.
struct TEB
{
 NT_TIB Tib; /* 00h */
 PVOID EnvironmentPointer; /* 1Ch */
 CLIENT_ID Cid; /* 20h */
 PVOID ActiveRpcInfo; /* 28h */
 PVOID ThreadLocalStoragePointer; /* 2Ch */
 PEB *Peb; /* 30h */
 ULONG LastErrorValue; /* 34h */
 ULONG CountOfOwnedCriticalSections; /* 38h */
 PVOID CsrClientThread; /* 3Ch */
 void* Win32ThreadInfo; /* 40h */
 ULONG Win32ClientInfo[0x1F]; /* 44h */
 PVOID WOW32Reserved; /* C0h */
 LCID CurrentLocale; /* C4h */
 ULONG FpSoftwareStatusRegister; /* C8h */
 PVOID SystemReserved1[0x36]; /* CCh */
 PVOID Spare1; /* 1A4h */
 LONG ExceptionCode; /* 1A8h */
 UCHAR SpareBytes1[0x28]; /* 1ACh */
 PVOID SystemReserved2[0xA]; /* 1D4h */
 GDI_TEB_BATCH GdiTebBatch; /* 1FCh */
 ULONG gdiRgn; /* 6DCh */
 ULONG gdiPen; /* 6E0h */
 ULONG gdiBrush; /* 6E4h */
 CLIENT_ID RealClientId; /* 6E8h */
 PVOID GdiCachedProcessHandle; /* 6F0h */
 ULONG GdiClientPID; /* 6F4h */
 ULONG GdiClientTID; /* 6F8h */
 PVOID GdiThreadLocaleInfo; /* 6FCh */
 PVOID UserReserved[5]; /* 700h */
 PVOID glDispatchTable[0x118]; /* 714h */
 ULONG glReserved1[0x1A]; /* B74h */
 PVOID glReserved2; /* BDCh */
 PVOID glSectionInfo; /* BE0h */
 PVOID glSection; /* BE4h */
 PVOID glTable; /* BE8h */
 PVOID glCurrentRC; /* BECh */
 PVOID glContext; /* BF0h */
 LONG LastStatusValue; /* BF4h */
 UNICODE_STRING StaticUnicodeString; /* BF8h */
 WCHAR StaticUnicodeBuffer[0x105]; /* C00h */
 PVOID DeallocationStack; /* E0Ch */
 PVOID TlsSlots[0x40]; /* E10h */
 LIST_ENTRY TlsLinks; /* F10h */
 PVOID Vdm; /* F18h */
 PVOID ReservedForNtRpc; /* F1Ch */
 PVOID DbgSsReserved[0x2]; /* F20h */
 ULONG HardErrorDisabled; /* F28h */
 PVOID Instrumentation[0x10]; /* F2Ch */
 PVOID WinSockData; /* F6Ch */
 ULONG GdiBatchCount; /* F70h */
 USHORT Spare2; /* F74h */
 BOOLEAN IsFiber; /* F76h */
 UCHAR Spare3; /* F77h */
 ULONG Spare4; /* F78h */
 ULONG Spare5; /* F7Ch */
 PVOID ReservedForOle; /* F80h */
 ULONG WaitingOnLoaderLock; /* F84h */
 ULONG Unknown[11]; /* F88h */
 PVOID FlsSlots; /* FB4h */
 PVOID WineDebugInfo; /* Needed for WINE DLL's */
};

#pragma pack(pop)

// Fold read-only data and code into .data so the image has fewer sections.
// NOTE(review): a size trick only -- merging .text into a data section
// presumably leaves code in a writable section; do not copy this into
// anything that is not a demo.
#pragma comment(linker,"/merge:.rdata=.data")
#pragma comment(linker,"/merge:.text=.data")



// Byte-wise string equality, hand-rolled because there is no CRT to provide
// strcmp. Returns true when src and dst are identical (note the sense is the
// opposite of strcmp's 0-on-equal). Both arguments must be NUL-terminated.
inline bool mystrcmp (const char * src,const char * dst)
{
 int ret = 0 ;
 // Stop at the first differing byte or at the end of dst; ret holds the
 // difference at the stopping point, so ret==0 means both ended together.
 while( ! (ret = *(unsigned char *)src - *(unsigned char *)dst) && *dst)
  ++src, ++dst;
 return ret==0;
}

// Looks up an exported function by name in a module already mapped at
// ImageBase by walking its PE export directory. Returns the function's
// address, or 0 when the NT signature does not match or the name is not in
// the export name table.
// NOTE(review): trusts the headers completely -- no check that the export
// directory exists (pidd->VirtualAddress may be 0) or that any RVA lies
// inside the image, and forwarded exports are not recognised. Adequate for
// the kernel32/user32 lookups below, not a general-purpose resolver.
unsigned int GetFunctionByName(unsigned int ImageBase,const char*FuncName)
{
 IMAGE_DOS_HEADER *pdoshdr=(IMAGE_DOS_HEADER *)ImageBase;
 PIMAGE_NT_HEADERS32 pnthdr=(PIMAGE_NT_HEADERS32)(ImageBase+pdoshdr->e_lfanew);
 if(pnthdr->Signature!=IMAGE_NT_SIGNATURE)
  return 0;
 // DataDirectory[0] is IMAGE_DIRECTORY_ENTRY_EXPORT.
 PIMAGE_DATA_DIRECTORY pidd=&pnthdr->OptionalHeader.DataDirectory[0];
 IMAGE_EXPORT_DIRECTORY *pied=(IMAGE_EXPORT_DIRECTORY *)(ImageBase+pidd->VirtualAddress);

 // Array of RVAs to the exported names, NumberOfNames entries long.
 LONG *pfuncnames=(LONG *)(ImageBase+pied->AddressOfNames);
 for(unsigned int i=0;i<pied->NumberOfNames;i++)
 {
  PSTR pfunc=(PSTR)(ImageBase+pfuncnames[i]);
  if(mystrcmp(pfunc,FuncName))
  {
   // Name index i -> ordinal table -> function RVA table; every entry is an RVA.
   WORD *EOT=(WORD *)(pied->AddressOfNameOrdinals+ImageBase);
   LONG *EAT=(LONG *)(pied->AddressOfFunctions+ImageBase);
   int index=EOT[i];
   return (ImageBase+EAT[index]);
  }
 }
 return 0;
}

// Prototypes of the four APIs resolved at run time.
typedef HMODULE (WINAPI *TLoadLibraryA)(LPCSTR lpFileName);
typedef BOOL (WINAPI *TFreeLibrary)(HMODULE hModule);
typedef void (WINAPI *TExitProcess)(UINT uExitCode);
typedef int (WINAPI *TMessageBox)(HWND hWnd,LPCSTR lpText,LPCSTR lpCaption,UINT uType);

// Raw entry point: the C runtime is bypassed entirely, so there is no main or
// WinMain. A project that still links the default CRT will therefore report
// an unresolved _main (see the LNK2001 reply below, where crt0.obj from
// LIBCD.lib is what asks for it); the usual remedy is to point the linker's
// /ENTRY at this symbol and leave the default CRT libraries out.
extern "C" void WinMainCRTStartup()
{
 unsigned int kernel32imagebase,user32imagebase;
 char title[]="ddd&&*U( sunwang need beauty %^%&*";
 char caption[]="hack";
 char user32[]="user32";

 // fs:[18h] is the TEB self-pointer (NT_TIB::Self) on 32-bit Windows.
 TEB *pteb=NULL;
 __asm mov eax,fs:[18h]
 __asm mov pteb,eax

 // TEB -> PEB -> loader data -> in-load-order module list. The Flink casts
 // rely on InLoadOrderModuleList being the first member of LDR_MODULE.
 PEB *ppeb=pteb->Peb;
 PPEB_LDR_DATA pldr=ppeb->LoaderData;
 // The list is taken to be: this exe, then ntdll, then kernel32. That is an
 // assumption about the loader's ordering, not something the code verifies
 // (BaseDllName is never compared), so it can break on other Windows versions.
 PLDR_MODULE pmodule=(PLDR_MODULE)pldr->InLoadOrderModuleList.Flink;
 PLDR_MODULE pntdllmodule=(PLDR_MODULE)pmodule->InLoadOrderModuleList.Flink;
 PLDR_MODULE pkernel32module=(PLDR_MODULE)pntdllmodule->InLoadOrderModuleList.Flink;
 kernel32imagebase=(unsigned int)pkernel32module->BaseAddress;

 // None of these lookups is checked for 0; a missing export or a wrong
 // module means a call through a null pointer below.
 TLoadLibraryA pLoadLibraryA=(TLoadLibraryA)GetFunctionByName(kernel32imagebase,"LoadLibraryA");
 TFreeLibrary pFreeLibrary=(TFreeLibrary)GetFunctionByName(kernel32imagebase,"FreeLibrary");
 TExitProcess pExitProcess=(TExitProcess)GetFunctionByName(kernel32imagebase,"ExitProcess");

 // user32 is loaded through the resolved LoadLibraryA rather than imported,
 // then MessageBoxA is resolved from it the same way.
 user32imagebase=(unsigned int)pLoadLibraryA(user32);
 TMessageBox pMessageBox=(TMessageBox)GetFunctionByName(user32imagebase,"MessageBoxA");
 pMessageBox(NULL,title,caption,MB_OK);

 pFreeLibrary((HMODULE)user32imagebase);
 // Terminate explicitly: with no CRT there is nothing to return into.
 pExitProcess(0);
}
</DIV>

angels 2006-6-27 12:51

怎么不加点说明啊,看不懂啊,还有我在VC6下编译出现:
LIBCD.lib(crt0.obj) : error LNK2001: unresolved external symbol _main
Debug/t1.exe : fatal error LNK1120: 1 unresolved externals
