A PE Executable "Weight Loss" Example

zhaozj 2021-02-16

There are many programs for revealing the contents of password boxes, such as those in "Dial Settings" and "Mailbox Account", and they range in size from dozens of KB to hundreds of KB. In fact, all they do is send a WM_GETTEXT message to the EDIT control; there is no mysterious technology involved. The program is not complicated, and its size should be only a few KB. Let us see how small it can get.

(For the related program, download "MINI Password Viewer" from www.9cbs.net under "Software Channel → Tools Software → Other Tools".)

To get the password in a password box, one WindowFromPoint() API call plus one WM_GETTEXT message is all it takes. Even with some user interaction added, the code will not exceed 1KB.

In the Windows GUI environment, a user interface is of course indispensable. The program is dialog-based and contains one Edit control, one Static control and an icon. The resource section is less than 1KB.

The interface is too plain, so let us modernize it: add a tooltip; change the cursor dynamically; rework the STATIC control and use it to implement a hyperlink. At this point, the code is less than 2KB.

PE format file header: 1KB.

1KB file header + 2KB code + 1KB resources = 4KB, so you would say it is 4KB? No! The program size will exceed 6KB!

Opening the finished executable in UltraEdit shows that the compiled output is not compact: there are large gaps in it, so it seems the program size can still be reduced. This calls for my InsidePE tool to analyze the program structure carefully.

(For the related program, download "InsidePE" from www.9cbs.net under "Software Channel → Tools Software → System Tool".)

MASM compiles my code into 4 sections: .text: 2KB, program code; .rdata: 1.5KB, the import table; .data: 0.5KB, static data; .rsrc: 1KB, program resources. Adding the 1KB PE header gives a total of 6KB.
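The section-by-section accounting above can be reproduced by reading the PE headers directly. The following is an added example, not the author's InsidePE tool or code from the original article; `pe_layout` and `build_sample` are hypothetical names, and the sample header is constructed from the article's section sizes with an assumed e_lfanew of 0x80.

```python
import struct

def pe_layout(data: bytes) -> dict:
    """Report on-disk sizes of the PE headers and of each section."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew, = struct.unpack_from("<I", data, 0x3C)   # DOS header + stub length
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    nsec, = struct.unpack_from("<H", data, e_lfanew + 6)       # NumberOfSections
    opt_size, = struct.unpack_from("<H", data, e_lfanew + 20)  # SizeOfOptionalHeader
    opt = e_lfanew + 24                                 # start of optional header
    headers, = struct.unpack_from("<I", data, opt + 60)  # SizeOfHeaders
    sections = []
    for i in range(nsec):
        off = opt + opt_size + 40 * i                   # 40-byte section header
        name = data[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        raw_size, = struct.unpack_from("<I", data, off + 16)   # SizeOfRawData
        sections.append((name, raw_size))
    total = headers + sum(size for _, size in sections)
    return {"dos_area": e_lfanew, "headers": headers,
            "sections": sections, "total": total}

def build_sample() -> bytes:
    """Constructed headers only; section sizes are the article's figures."""
    e_lfanew = 0x80                                     # constructed value
    dos = (b"MZ" + bytes(0x3A) + struct.pack("<I", e_lfanew)).ljust(e_lfanew, b"\0")
    secs = [(b".text", 0x800), (b".rdata", 0x600), (b".data", 0x200), (b".rsrc", 0x400)]
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(secs), 0, 0, 0, 0xE0, 0x102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)               # PE32 magic
    struct.pack_into("<I", opt, 60, 0x400)              # SizeOfHeaders = 1KB
    table, ptr = b"", 0x400
    for name, size in secs:
        # VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData, then 16 unused bytes
        table += name.ljust(8, b"\0") + struct.pack("<IIII", size, 0, size, ptr) + bytes(16)
        ptr += size
    return dos + coff + bytes(opt) + table

if __name__ == "__main__":
    info = pe_layout(build_sample())
    for name, size in info["sections"]:
        print(f"{name:8} {size / 1024:.1f} KB")
    print(f"headers  {info['headers'] / 1024:.1f} KB, total {info['total'] / 1024:.1f} KB")
```

For a file on disk, pass its bytes to `pe_layout()`; the total ignores any data appended after the last section.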

The extra 2KB comes from the .rdata and .data sections. To shrink the program, these two sections have to go.

Handling the .data section is simple: the static data used in the program is 100 strings of 100 bytes, which are moved directly into the blank space of the .rsrc section.

At this point, the .data section disappears, and the program shrinks by 0.5KB.

MASM handles imported functions in two parts, which is poor in both time efficiency and space efficiency, and is a disappointment.

First, MASM builds the import table in the .rdata section, where the corresponding import function addresses are filled in when the program is loaded. Second, MASM builds a "springboard" area in the .text section, so that every call to an imported function first CALLs into the "springboard" area and then JMPs from there to the correct function address in the import table.

We can borrow a technique from executable-packing software: let the compiler import only two key APIs, LoadLibrary and GetProcAddress, then build your own import table in the code segment and take responsibility for importing the remaining functions yourself when the program is loaded. This not only saves space (the "springboard" area in .text is no longer needed), but also obscures the imports to protect your own software, making it more difficult to disassemble.

At this point, the .rdata section disappears, the .text section grows by 0.5KB, and the program shrinks by 1KB.

The program is now 4.5KB, still 0.5KB away from the 4KB target. It seems only the PE header is left to work on! The PE file header contains a DOS stub, a small DOS program that is usually used to display a message when the file is run in a DOS environment. But under Windows, who cares?

MASM's linker has a /STUB option that can be used to replace the default DOS block with your own DOS EXE program. Write a DOS EXE program of only 40h bytes with a dusty copy of MASM 6.11 and use it to replace the DOS head in the PE header.

OK! The PE header has been reduced to 0.5KB, and the program shrinks by another 0.5KB!

The final program size is 4KB, of which: PE header: 0.5KB; code: 2.5KB; resources: 1KB.

2000-02-24 by Tobacco, email: Tobacco@263.net
