曾经看过一篇文章,说是任意一个小于64K的文件都能转化成一个bat文件,并且能够正常运行。好奇之下,决定一探究竟。在看了一些汇编和debug相关知识后终于弄明白是怎么回事。代码如下:
一下代码在Microsoft Visual C++ 6.0中调试成功
#include <stdio.h>
#include <math.h>
#include <conio.h>
#include <string.h>
void main(int argc,char *argv[])
{ char *p;
int ch,i=0,n=256,z=0;
double j;
FILE *fp1,*fp2;
if(argc<3)
{
printf("此程序为命令行程序\n");
printf("请输入正确的参数,如在cmd下输入:\n");
printf("any2bat.exe c:\\File.exec:\\File.bat\n");
getch();
return;}
p=argv[1]+strlen(argv[1])-1;
while(*p!='\\')
{p--;
if(p==argv[1])
{p=(argv[1]-1);
break;}
}
if((fp1=fopen(argv[1],"rb+"))==NULL)
{
printf("File cannotbe opened\n");
}
if((fp2=fopen(argv[2],"wr+"))==NULL)
{
printf("File cannotbe opened\n");
}
fprintf(fp2, "%s\n", "goto play");
while((ch=fgetc(fp1))!=EOF)
{if (i==0)
{fputc('\n',fp2);
fputc('e',fp2);
fputc(' ',fp2);
fprintf(fp2, "%x", n);
n=n+16;
}
fputc(' ',fp2);
if (int(j=(log(ch)/log(16)))==0)
fputc('0',fp2);
fprintf(fp2, "%x", ch);
i++;
z++;
}
fputc('\n',fp2);
fputc('n',fp2);
fprintf(fp2, "%s\n", "abc");
fprintf(fp2, "%s\n", "rcx");
fprintf(fp2, "%x\n", z);
fprintf(fp2, "%s\n", "w");
fprintf(fp2, "%s\n", "q");
fprintf(fp2, "%s\n", ":play");
fprintf(fp2, "%s\n","debug<%0>nul");
fprintf(fp2, "%s", "ren abc ");
fprintf(fp2, "%s", ++p);
fclose(fp1);
fclose(fp2);
}
简化版:
#include<iostream>
int main (int argc, const char * argv[])
{
int ch,i=0;
FILE *fp1,*fp2;
if(argc<3)
{
printf("此程序为命令行程序\n");
printf("请输入正确的参数,如在cmd下输入:\n");
printf("any2bat.exec:\\File.exe c:\\File.bat\n");
getchar();
return 0;
}
if((fp1=fopen(argv[1],"rb+"))==NULL)
{
printf("File cannotbe opened\n");
}
if((fp2=fopen(argv[2],"wr+"))==NULL)
{
printf("File cannotbe opened\n");
}
while((ch=fgetc(fp1))!=EOF)
{
if (i== 0) {
fputc('\n', fp2);
}
fputc('0', fp2);
fputc('x', fp2);
if(ch <16) {
fputc('0', fp2);
}
fprintf(fp2, "%x", ch);
fputc(',', fp2);
i++;
fputc('',fp2);
i = i %16;
}
fclose(fp1);
fclose(fp2);
return 0;
}
