Unable to locate data in executable file
来源:互联网 发布:网络高清摄像机哪家好 编辑:程序博客网 时间:2024/05/16 09:44
前言
加了一小段Hook代码在PE映像中(有自己选的.data地址), 复制修改到文件时, 报错提示 : Unable to locate data in executable file. 做试验后发现, 是代码位置太靠后了, 向前(低地址)移动一些就没有报错了.
这也说明, 可以在PE映像内写Hook代码的空间也不是特别多.
记录
在修改PE映像后, 复制修改到文件, 如果出现 Unable to locate data in executable file, 代码或数据的地址要向前(低地址方向)选择一些.<<original code>>00420372 |. E8 C7290100 call <jmp.&MFC42.#3957> ; begin 00420377 |. 85C0 test eax, eax ; hook addr 00420379 |. 74 3F je short 004203BA 0042037B |. 8D4C24 4C lea ecx, dword ptr [esp+4C]0042037F |. 89B424 CC3700>mov dword ptr [esp+37CC], esi00420386 |. 890D F4694400 mov dword ptr [4469F4], ecx0042038C |. 8B56 08 mov edx, dword ptr [esi+8]0042038F |. 8D4C24 4C lea ecx, dword ptr [esp+4C]00420393 |. 899424 A03700>mov dword ptr [esp+37A0], edx0042039A E8 C1280100 call <jmp.&MFC42.#2514> ; nag0042039F |. 8D8424 C83700>lea eax, dword ptr [esp+37C8]004203A6 |. 8D4C24 20 lea ecx, dword ptr [esp+20]004203AA |. 50 push eax004203AB |. E8 2A270100 call <jmp.&MFC42.#858>004203B0 |. 8B4C24 1C mov ecx, dword ptr [esp+1C]004203B4 |. 890D F4694400 mov dword ptr [4469F4], ecx004203BA |> 55 push ebp ; /end<<new code>>00420377 . /E9 F4790100 jmp 00437D700042037C |90 nop0042037D |90 nop0042037E |90 nop// hook proc 代码的地址不能太靠后,防止复制到文件时,会出现报错: Unable to locate data in executable filehook proc addr 00437D70 > \50 push eax00437D71 . A0 106D4400 mov al, byte ptr [446D10]00437D76 . FEC0 inc al00437D78 . A2 106D4400 mov byte ptr [446D10], al00437D7D . 3C 02 cmp al, 200437D7F . 58 pop eax00437D80 . 74 09 je short 00437D8B00437D82 . 90 nop00437D83 . 90 nop00437D84 . 90 nop00437D85 . 90 nop00437D86 .^ E9 2F86FEFF jmp 004203BA ; 不执行功能00437D8B > 8D4C24 4C lea ecx, dword ptr [esp+4C]00437D8F .^ E9 EB85FEFF jmp 0042037F ; 执行功能.data<<free byte>>, 硬断点不读写的地址.00446D10 00 0 0
- Unable to locate data in executable file
- OllyDbg 在可执行文件中无法定位数据(Unable to locate data in executable file)
- gcc is unable to create an executable file
- The Eclipse executable launcher was unable to locate its companion launcher jar的解决方法
- 配置可执行文件案例--The Eclipse executable launcher was unable to locate its companion shared library.
- The Myeclipse executable launcher was unable to locate its companion shared library
- Eclipse第一次启动提示“The Eclipse executable launcher was unable to locate its companion shared library. ”
- The Pulse-explorer executable launcher was unable to locate its companion shared library. It appears
- Eclipse打不开。The Eclipse executable launcher was unable to locate its companion shared library
- xmind executable launcher was unable to locate its companion launcher jar问题解决
- xmind executable launcher was unable to locate its companion launcher jar问题解决
- The Eclipse executable launcher was unable to locate its companion shared library”
- Ubuntu The Eclipse executable launcher was unable to locate its companion shared library.
- The Myeclipse executable launcher was unable to locate its companion shared library
- Eclipse出现“The Eclipse executable launcher was unable to locate its companion shared library”错误
- gap debug is unable to locate the chrome browser executable 问题
- Unable to locate an executable at “/usr/bin/java/bin/java” (-1)
- Eclipse打不开。The Eclipse executable launcher was unable to locate its companion shared library
- Cygwin下安装Kaldi
- Leetcode-445. Add Two Numbers II
- c++自制小游戏(1st)开始
- js数据类型
- 统计学1
- Unable to locate data in executable file
- 史上最简单的 Spring MVC 教程(六)
- VTK修炼之道34:边缘检测_Canny算子
- 机器学习实践tips
- Java安全笔记(二)-创建对称密钥
- 简单总结malloc,calloc,new区别
- 神经网络ANN(一)
- jdk8
- JavaScript 带滴答声的时钟
