-
Jun 23rd, 2022, 05:21 AM
#1
Thread Starter
PowerPoster
vb6 Api ReadFile,SaveFile with NtReadFile,NtWriteFile
Code:
Private Declare Function OpenFile& Lib "kernel32" (ByVal FileName As String, ByVal OFs As Long, ByVal Flags As Long)
Private Declare Function NtReadFile& Lib "ntdll" (ByVal Handle As Long, ByVal Events As Long, ByVal APCRoutine As Long, ByVal APCContext As Long, ByVal IoStatus As Long, ByVal Buffer As Long, ByVal Length As Long, Optional ByVal Number As Long, Optional ByVal Keys As Long)
Private Declare Function NtWriteFile& Lib "ntdll" (ByVal Handle As Long, ByVal Events As Long, ByVal APCRoutine As Long, ByVal APCContext As Long, ByVal IoStatus As Long, ByVal Buffer As Long, ByVal Length As Long, Optional ByVal Number As Long, Optional ByVal Keys As Long)
Private Declare Function CloseHandle& Lib "kernel32" (ByVal Handle As Long)
Public Function ReadFile(ByVal FileName As String, ByRef ByteIn() As Byte) As Boolean
Dim Handle&, Block&(1), Struct&(33)
ReDim ByteIn(FileLen(FileName))
Handle = OpenFile(FileName, VarPtr(Struct(0)), 0)
If NtReadFile(Handle, 0, 0, 0, VarPtr(Block(0)), VarPtr(ByteIn(0)), UBound(ByteIn)) = 0 Then ReadFile = True
CloseHandle Handle
End Function
Public Function WriteFile(ByVal FileName As String, ByRef ByteIn() As Byte) As Boolean
Dim Handle&, Block&(1), Struct&(33)
CloseHandle OpenFile(FileName, VarPtr(Struct(0)), 4096)
Handle = OpenFile(FileName, VarPtr(Struct(0)), 1)
If NtWriteFile(Handle, 0, 0, 0, VarPtr(Block(0)), VarPtr(ByteIn(0)), UBound(ByteIn) + 1) = 0 Then WriteFile = True
CloseHandle Handle
End Function
Function SaveFileEncode(FileName, strFileBody, Optional Charset = "gb2312") As Boolean
Dim ADO_Stream ' As New ADODB.Stream
Set ADO_Stream = CreateObject("Adodb.Stream")
On Error GoTo ferr
With ADO_Stream
.Type = 2
.Mode = 3
.Charset = Charset
.Open
.WriteText strFileBody
.SaveToFile FileName, 2
End With
SaveFileEncode = True
Exit Function
ferr:
End Function
Private Sub Form_Load()
SaveFileEncode "test.txt", "testABCD"
Dim Temp() As Byte
Me.Caption = ReadFile("test.txt", Temp)
MsgBox StrConv(Temp, vbUnicode)
Erase Temp
'Me.Caption = ReadFile("C:\WINDOWS\notepad.exe", Temp)
Temp = StrConv("testNew", vbFromUnicode)
MsgBox "Length:" & UBound(Temp) + 1
Me.Caption = WriteFile("test2.txt", Temp)
Erase Temp
Call ReadFile("test2.txt", Temp)
MsgBox StrConv(Temp, vbUnicode)
End Sub
-
Jun 23rd, 2022, 11:55 PM
#2
Member
Re: vb6 Api ReadFile,SaveFile with NtReadFile,NtWriteFile
Originally Posted by xiaoyao
Code:
Private Declare Function OpenFile& Lib "kernel32" (ByVal FileName As String, ByVal OFs As Long, ByVal Flags As Long)
Private Declare Function NtReadFile& Lib "ntdll" (ByVal Handle As Long, ByVal Events As Long, ByVal APCRoutine As Long, ByVal APCContext As Long, ByVal IoStatus As Long, ByVal Buffer As Long, ByVal Length As Long, Optional ByVal Number As Long, Optional ByVal Keys As Long)
Private Declare Function NtWriteFile& Lib "ntdll" (ByVal Handle As Long, ByVal Events As Long, ByVal APCRoutine As Long, ByVal APCContext As Long, ByVal IoStatus As Long, ByVal Buffer As Long, ByVal Length As Long, Optional ByVal Number As Long, Optional ByVal Keys As Long)
Private Declare Function CloseHandle& Lib "kernel32" (ByVal Handle As Long)
Is there any advantage over kernel32 readfile and writefile ? And still using OpenFile from kernel32. Please explain.
-
Jun 25th, 2022, 08:26 AM
#3
Thread Starter
PowerPoster
Re: vb6 Api ReadFile,SaveFile with NtReadFile,NtWriteFile
i used to hook process for read file or write file.
when you want to load a pdf file or word file,can hook and read encode file in memory.
For example, play encrypted video, or load encrypted database files, simulate hard disk files in memory, and save them to hard disk after modification and encryption.
Last edited by xiaoyao; Jun 25th, 2022 at 08:29 AM.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|