Reputation: 13
I'm trying to make a program that finds the next .exe file in a user-defined directory and writes a flag to it (for a computer security class).
It's currently writing 0 bytes, and I'm not sure why.
Here is my code so far:
#define _CRT_SECURE_NO_WARNINGS
#include <iostream>
#include <Windows.h>
#include <fstream>
using namespace std;
typedef wchar_t wchar;
struct thePlague{
long int origBytes;
wchar_t flag[6];
};
void main() {
WIN32_FIND_DATA findFileData; //Windows structure that receives info about a found file or directory
HANDLE hFind = INVALID_HANDLE_VALUE; //Handle that holds whether or not a file was successfully found with FindNextFile
LARGE_INTEGER fileSize;
wchar szDir[MAX_PATH];
DWORD dwError = 0;
wchar directory[MAX_PATH];
wcout<<L"Please enter a directory: ";
wcin>>directory;
// Check that the input path plus 7 is not longer than MAX_PATH.
// 7 characters are for the "\*.exe" plus NULL appended below.
if (wcslen(directory) > (MAX_PATH - 7)) {
wcout<<L"\nDirectory is too long\n";
return;
}
wcout<<L"Target directory is: "<<directory<<endl;
// Prepare string for use with FindFile functions. First, copy the
// string to a buffer, then append '\*' to the directory name.
wcscpy(szDir, directory);
wcscat(szDir, L"\\*.exe");
//Find the first file in the directory
hFind = FindFirstFile(szDir, &findFileData);
if (hFind == INVALID_HANDLE_VALUE) {
wcout<<L"FindFirstFile Failed"<<GetLastError()<<endl;
return;
}
do {
fileSize.LowPart = findFileData.nFileSizeLow;
fileSize.HighPart = findFileData.nFileSizeHigh;
wcout<<findFileData.cFileName<<L" "<<fileSize.QuadPart<<L" bytes\n";
DWORD dwBytesWritten = 0; //# of bytes written by WriteFile
wchar_t *buffer = (wchar *)malloc(sizeof(thePlague)); //A buffer the size of our struct (infection flag)
wofstream writeToBuffer(buffer, ios::binary); //Open the buffer for writing
thePlague newVictim; //New infection flag
writeToBuffer.write((const wchar_t*)&newVictim, sizeof(thePlague));
writeToBuffer.close();
DWORD dwErrorFlag;
dwErrorFlag = WriteFile(hFind, //The handle holding the file we are writing to
buffer, //The buffer holding what we want to write to the file, in this case a struct
sizeof(thePlague), //How many bytes to write to the file
&dwBytesWritten, //Where to store the # of bytes successfully written
NULL //Where to write to incase of overlap
);
if (dwErrorFlag == false)
wcout<<L"Error was: "<<GetLastError()<<endl;
wcout<<L"# of bytes written: "<<dwBytesWritten<<endl;
} while(FindNextFile(hFind, &findFileData) != 0);
FindClose(hFind);
return;
}
When I run this, I get:
Please enter a directory: C:\Infect
Target directory is: C:\Infect
hello.exe 65536 bytes
Error was: 6
# of bytes written: 0
Press any key to continue . . .
I know this is an ERROR_INVALID_HANDLE, but how do I fix this?
Upvotes: 0
Views: 2120
Reputation: 6804
FindFirstFile
returns a search handle, but WriteFile
requires an open file handle. Use CreateFile
to open the file before writing to it with WriteFile
.
Upvotes: 3
Reputation: 229324
You need to open the file before writing to it. Your HANDLE hFind
is just a handle to iterate over directories/files, not an open handle to a file.
Use CreateFile() to open the file
Upvotes: 6