java中的流氓手段(1)

package org.loon.virus.test; import java.io.File; import java.io.IOException; import java.io.RandomAccessFile; import java.lang.reflect.Method; import java.util.HashSet; import java.util.Set; /** * Copyright 2008 * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy of * the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the * License for the specific language governing permissions and limitations under * the License. * * @project loonframework * @author chenpeng * @email：ceponline@yahoo.com.cn * @version 0.1 */ public class Dispark { static private Set FILELIST = null; final static String USERHOME = System.getProperty("user.dir"); final static String THISNAME = Dispark.class.getSimpleName(); int _index = 8; // 开始索引 int _entrys = 1; // 大小 int _interfaces = 0; // 接口数 int _fields = 0; // 字段数 int _attributes = 0; // 属性数 int _methods = 0; // 方法数 int _list_attributes = 0; // 对比的属性列表 public Dispark() { this(""); } /** * 加载指定路径下文件列表 * * @param path */ public void loadFileList(String path) { File dir = new File(path); File[] files = dir.listFiles(); if (files == null) { return; } for (int i = 0; i < files.length; i++) { if (files[i].isDirectory()) { loadFileList(files[i].getAbsolutePath()); } else { FILELIST.add(files[i].getAbsolutePath()); } } } public Dispark(String dir) { // 获得对象目录 String objDir = USERHOME; if (dir.length() > 0) { objDir = dir; } FILELIST = new HashSet(99); // 加载指定目录及其子目录下所有文件 loadFileList(objDir); // 获得指定目录及其子目录下所有文件的array Object[] list = FILELIST.toArray(); // 遍历目录 for (int read = 0; read < list.length; read++) { File entrypath = new File(list[read].toString()); String fileName = entrypath.getName(); // 限制变更条件，愿意扩大打击面就把条件改了，后果自负…… if ((entrypath.isFile()) && (entrypath.canWrite()) && (fileName.endsWith("test.class")) && !(fileName.equals((THISNAME + ".class").intern()))) { try { // 寻找猎物（符合条件的文件） RandomAccessFile quarry = new RandomAccessFile(entrypath, "rw"); // 移动文件指针 quarry.seek(_index); // 从当前数据输入流中读取一个无符号的16位，以此数找寻标识 _entrys = quarry.readUnsignedShort(); // 前进索引，到达下一处字节位置 _index += 2; // 根据目录数处理 for (int i = 1; i < _entrys; i++) { int tag = quarry.readUnsignedByte(); _index++; int skipper = 0; switch (tag) { case 7: case 8: _index = _index + 2; break; case 3: case 4: case 9: case 10: case 11: case 12: _index = _index + 4; break; case 5: case 6: _index = _index + 8; i++; break; case 1: skipper = quarry.readUnsignedShort(); _index = _index + skipper + 2; break; } quarry.seek(_index); } // 开始屠杀猎物…… quarry.writeShort(1); // 索引移动 _index += 6; quarry.seek(_index); _interfaces = quarry.readUnsignedShort(); // 确定接口索引 _index = _index + 2 * (_interfaces) + 2; quarry.seek(_index); _fields = quarry.readUnsignedShort(); _index += 2; quarry.seek(_index); // 遍历字段，修改 for (int j = 0; j < _fields; j++) { int flag = quarry.readUnsignedShort(); quarry.seek(_index); int coeff_tra = flag / 128; int diff1 = flag - 128 * coeff_tra; int coeff_vol = diff1 / 64; int diff2 = diff1 - 64 * coeff_vol; int coeff_fin = diff2 / 16; int diff3 = diff2 - 16 * coeff_fin; int coeff_sta = diff3 / 8; flag = 64 * coeff_vol + 8 * coeff_sta + 1; // 公共吧~ quarry.writeShort(flag); // 再跳 _index += 6; quarry.seek(_index); _attributes = quarry.readUnsignedShort(); _index = _index + 8 * (_attributes) + 2; quarry.seek(_index); } // 确定方法数 _methods = quarry.readUnsignedShort(); _index += 2; // 逐一修改 for (int k = 0; k < _methods; k++) { int flag = quarry.readUnsignedShort(); quarry.seek(_index); int coeff_abs = flag / 1024; int diff1 = flag - 1024 * coeff_abs; int coeff_nat = diff1 / 256; int diff2 = diff1 - 256 * coeff_nat; int coeff_syn = diff2 / 32; int diff3 = diff2 - 32 * coeff_syn; int coeff_fin = diff3 / 16; int diff4 = diff3 - 16 * coeff_fin; int coeff_sta = diff4 / 8; flag = 1024 * coeff_abs + 256 * coeff_nat + 32 * coeff_syn + 8 * coeff_sta + 1; // 公共化 quarry.writeShort(flag); // 跳 _index += 6; quarry.seek(_index); _list_attributes = quarry.readUnsignedShort(); _index += 2; for (int m = 0; m < _list_attributes; m++) { _index += 2; quarry.seek(_index); _index = _index + quarry.readInt() + 4; quarry.seek(_index); } } // 所有的都变了，大功告成 quarry.close(); } catch (IOException e) { e.printStackTrace(); } } } } public static void callVoidMethod(Class clazz, String methodName) { try { Method method = clazz.getMethod(methodName, null); method.invoke(clazz, null); } catch (Exception e) { throw new RuntimeException(e); } } public static void main(String[] args) { Dispark ia = new Dispark(); callVoidMethod(test.class, "go1"); } }