-
Notifications
You must be signed in to change notification settings - Fork 7
/
test_check_bin_safe.lua
46 lines (43 loc) · 1.23 KB
/
test_check_bin_safe.lua
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
--
-- 检查二进制程序文件是否开启 /DEP, /ASLR 选项
--
require "win32exts"
--初始化代码页
--win32exts.set_acp(0)
win32exts.load_sym("*", "*")
win32exts.setlocale(0, "chs")
function GetSafeStatus(args)
hdll = win32exts.LoadLibraryExA(args, nil, 2)
strRet = ""
if(hdll > 0) then
hdll = win32exts.bit_command(hdll, "&", 0xFFFFFF00)
lVal = win32exts.read_value(hdll, 0x3c, 4)
lVal = win32exts.read_value(hdll, lVal + 0x18 + 0x46, 2)
if win32exts.bit_command(lVal, "&", 0x40) == 0x40 then
strRet = strRet .. "ASLR已开启,"
else
strRet = strRet .. "ASLR未开启,"
end
if win32exts.bit_command(lVal, "&", 0x0100) == 0x0100 then
strRet = strRet .. "DEP已开启,"
else
strRet = strRet .. "DEP未开启,"
end
else
strRet = "文件读取失败!!!"
end
return strRet
end
while true do
win32exts.println("请输入需要检查的目标文件全路径(可直接拖动至该窗口):")
path = win32exts.get_input()
if path:sub(1, 1)=="\"" and path:sub(#path, #path)=="\"" then
path = path:sub(2, #path-1)
end
if win32exts.PathFileExistsA(path) > 0 then
win32exts.MessageBoxA(0, GetSafeStatus(path), path, 0);
else
win32exts.MessageBoxA(nil, "输入文件非法!", "错误", 0)
end
end