給程序加殼

在內存中運行可執行程序,好處是可以給程序加殼,加密源程序,靜態反匯編無法獲得PE輸入節,但是因為運行后仍然是獨立的進程,所以沒辦法防止遠程線程注入,掛接API鉤子。

?? typedef IMAGE_SECTION_HEADER ( * PIMAGE_SECTION_HEADERS)[ 1 ];??
?
?//? 計算對齊后的大小???
?unsigned? long? GetAlignedSize(unsigned? long? Origin, unsigned? long? Alignment)??
? {??
???? return? (Origin? +? Alignment? -?? 1 )? /? Alignment? *? Alignment;??
}???
?
?//? 計算加載pe并對齊需要占用多少內存??
?//? 未直接使用OptionalHeader.SizeOfImage作為結果是因為據說有的編譯器生成的exe這個值會填0???
?unsigned? long? CalcTotalImageSize(PIMAGE_DOS_HEADER MzH??
???????????????????????????????? , unsigned? long? FileLen??
???????????????????????????????? , PIMAGE_NT_HEADERS peH??
???????????????????????????????? , PIMAGE_SECTION_HEADERS peSecH)??
? {??
??? unsigned? long? res;??
???? //? 計算pe頭的大小???
???? res? =? GetAlignedSize( peH -> OptionalHeader.SizeOfHeaders , peH -> OptionalHeader.SectionAlignment);??
?
???? //? 計算所有節的大小???
????? for (? int? i? =?? 0 ; i? <? peH -> FileHeader.NumberOfSections;? ++ i)??
????? {??
???????? //? 超出文件范圍???
????????? if (peSecH[i] -> PointerToRawData? +? peSecH[i] -> SizeOfRawData? >? FileLen)?
????????? {
???????????? return?? 0 ;??
??????? }
???????? else?? if (peSecH[i] -> VirtualAddress) // 計算對齊后某節的大小???
??????????? {??
???????????? if (peSecH[i] -> Misc.VirtualSize)??
????????????? {??
??????????????? res? =? GetAlignedSize( peSecH[i] -> VirtualAddress? +? peSecH[i] -> Misc.VirtualSize??
??????????????????? , peH -> OptionalHeader.SectionAlignment);??
??????????? }???
???????????? else??
????????????? {??
??????????????? res? =? GetAlignedSize( peSecH[i] -> VirtualAddress? +? peSecH[i] -> SizeOfRawData??
??????????????????? , peH -> OptionalHeader.SectionAlignment);??
??????????? }???
??????? }???
???????? else?? if ( peSecH[i] -> Misc.VirtualSize? <? peSecH[i] -> SizeOfRawData )??
????????? {??
??????????? res? +=? GetAlignedSize( peSecH[i] -> SizeOfRawData??
??????????????? , peH -> OptionalHeader.SectionAlignment);??
??????? }???
???????? else??
????????? {??
??????????? res? +=? GetAlignedSize( peSecH[i] -> Misc.VirtualSize??
??????????????? , peH -> OptionalHeader.SectionAlignment);??
??????? } //? if_else???
???? } //? for???
???????
???? return? res;??
}???
?
?//? 加載pe到內存并對齊所有節???
?BOOL AlignPEToMem(? void?? * Buf??
????????????????? ,? long? Len??
????????????????? , PIMAGE_NT_HEADERS? & peH??
????????????????? , PIMAGE_SECTION_HEADERS? & peSecH??
????????????????? ,? void?? *& Mem??
????????????????? , unsigned? long?? & ImageSize)??
? {??
??? PIMAGE_DOS_HEADER SrcMz; //? DOS頭???
???? PIMAGE_NT_HEADERS SrcPeH; //? PE頭???
???? PIMAGE_SECTION_HEADERS SrcPeSecH; //? 節表???
???????
??? SrcMz? =? (PIMAGE_DOS_HEADER)Buf;??
?
???? if ( Len? <?? sizeof (IMAGE_DOS_HEADER) )???
???????? return? FALSE;??
??????
???? if ( SrcMz -> e_magic? !=? IMAGE_DOS_SIGNATURE )??
???????? return? FALSE;??
??????
???? if ( Len? <? SrcMz -> e_lfanew? +? ( long ) sizeof (IMAGE_NT_HEADERS) )??
???????? return? FALSE;??
?
??? SrcPeH? =? (PIMAGE_NT_HEADERS)(( int )SrcMz? +? SrcMz -> e_lfanew);??
???? if ( SrcPeH -> Signature? !=? IMAGE_NT_SIGNATURE )??
???????? return? FALSE;??
?
???? if ( (SrcPeH -> FileHeader.Characteristics? &? IMAGE_FILE_DLL)? ||???
??????? (SrcPeH -> FileHeader.Characteristics? &? IMAGE_FILE_EXECUTABLE_IMAGE? ==?? 0 )? ||???
??????? (SrcPeH -> FileHeader.SizeOfOptionalHeader? !=?? sizeof (IMAGE_OPTIONAL_HEADER)) )??
????? {??
???????? return? FALSE;??
??? }???
?
?
??? SrcPeSecH? =? (PIMAGE_SECTION_HEADERS)(( int )SrcPeH? +?? sizeof (IMAGE_NT_HEADERS));??
??? ImageSize? =? CalcTotalImageSize( SrcMz, Len, SrcPeH, SrcPeSecH);??
?
???? if ( ImageSize? ==?? 0? )??
???????? return? FALSE;??
??????
??? Mem? =? VirtualAlloc( NULL, ImageSize, MEM_COMMIT, PAGE_EXECUTE_READWRITE);? //? 分配內存???
????? if ( Mem? !=? NULL )??
????? {??
???????? //? 計算需要復制的PE頭字節數???
???????? unsigned? long? l? =? SrcPeH -> OptionalHeader.SizeOfHeaders;??
???????? for (? int? i? =?? 0 ; i? <? SrcPeH -> FileHeader.NumberOfSections;? ++ i)??
????????? {??
???????????? if ( (SrcPeSecH[i] -> PointerToRawData)? &&???
??????????????? (SrcPeSecH[i] -> PointerToRawData? <? l) )??
????????????? {??
??????????????? l? =? SrcPeSecH[i] -> PointerToRawData;??
??????????? }???
??????? }???
??????? memmove( Mem, SrcMz, l);??
??????? peH? =? (PIMAGE_NT_HEADERS)(( int )Mem? +? ((PIMAGE_DOS_HEADER)Mem) -> e_lfanew);??
??????? peSecH? =? (PIMAGE_SECTION_HEADERS)(( int )peH? +?? sizeof (IMAGE_NT_HEADERS));??
?
???????? void?? * Pt? =? ( void?? * )((unsigned? long )Mem???
???????????? +? GetAlignedSize( peH -> OptionalHeader.SizeOfHeaders??
??????????? , peH -> OptionalHeader.SectionAlignment)??
??????????? );??
?
???????? for ( i? =?? 0 ; i? <? peH -> FileHeader.NumberOfSections;? ++ i)??
????????? {??
???????????? //? 定位該節在內存中的位置???
????????????? if (peSecH[i] -> VirtualAddress)??
??????????????? Pt? =? ( void?? * )((unsigned? long )Mem? +? peSecH[i] -> VirtualAddress);??
?
???????????? if (peSecH[i] -> SizeOfRawData)??
????????????? {??
???????????????? //? 復制數據到內存???
???????????????? memmove(Pt, ( const?? void?? * )((unsigned? long )(SrcMz)? +? peSecH[i] -> PointerToRawData), peSecH[i] -> SizeOfRawData);??
???????????????? if (peSecH[i] -> Misc.VirtualSize? <? peSecH[i] -> SizeOfRawData)??
??????????????????? Pt? =? ( void?? * )((unsigned? long )Pt? +? GetAlignedSize(peSecH[i] -> SizeOfRawData, peH -> OptionalHeader.SectionAlignment));??
???????????????? else?? //? pt 定位到下一節開始位置???
???????????????????? Pt? =? ( void?? * )((unsigned? long )Pt? +? GetAlignedSize(peSecH[i] -> Misc.VirtualSize, peH -> OptionalHeader.SectionAlignment));??
??????????? }???
???????????? else??
????????????? {??
??????????????? Pt? =? ( void?? * )((unsigned? long )Pt? +? GetAlignedSize(peSecH[i] -> Misc.VirtualSize, peH -> OptionalHeader.SectionAlignment));??
??????????? }???
??????? }???
??? }???
???? return? TRUE;??
}???
?
???
typedef? void?? * (__stdcall? * pfVirtualAllocEx)(unsigned? long ,? void?? * , unsigned? long , unsigned? long , unsigned? long );??
pfVirtualAllocEx MyVirtualAllocEx? =? NULL;??
?
BOOL IsNT()??
? {??
???? return? MyVirtualAllocEx != NULL;??
}???
?
?//? 生成外殼程序命令行???
?char?? * PrepareShellExe( char?? * CmdParam, unsigned? long? BaseAddr, unsigned? long? ImageSize)??
? {??
???? if (IsNT())??
????? {??
???????? char?? * Buf? =?? new?? char [ 256 ];??
??????? memset(Buf,? 0 ,? 256 );??
??????? GetModuleFileName( 0 , Buf,? 256 );??
??????? strcat(Buf, CmdParam);??
???????? return? Buf;? //? 請記得釋放內存;-)???
???? }???
???? else??
????? {??
???????? //? Win98下的處理請參考原文;-)??
???????? //?? http://community.csdn.net/Expert/topic/4416/4416252.xml?temp=8.709133E-03????
????????? return? NULL;??
??? }???
}???
?
?//? 是否包含可重定向列表???
?BOOL HasRelocationTable(PIMAGE_NT_HEADERS peH)??
? {??
???? return? (peH -> OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC].VirtualAddress)??
???????? &&? (peH -> OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC].Size);??
}???
?
#pragma pack(push,? 1 )??
typedef? struct? {??
??? unsigned? long? VirtualAddress;??
??? unsigned? long? SizeOfBlock;??
}?? * PImageBaseRelocation;??
#pragma pack(pop)??
?
?//? 重定向PE用到的地址???
?void? DoRelocation(PIMAGE_NT_HEADERS peH,? void?? * OldBase,? void?? * NewBase)??
? {??
??? unsigned? long? Delta? =? (unsigned? long )NewBase? -? peH -> OptionalHeader.ImageBase;??
??? PImageBaseRelocation p? =? (PImageBaseRelocation)((unsigned? long )OldBase???
???????? +? peH -> OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC].VirtualAddress);??
???? while (p -> VirtualAddress? +? p -> SizeOfBlock)??
????? {??
??????? unsigned? short?? * pw? =? (unsigned? short?? * )(( int )p? +?? sizeof ( * p));??
???????? for (unsigned? int? i = 1 ; i? <=? (p -> SizeOfBlock? -?? sizeof ( * p))? /?? 2 ;? ++ i)??
????????? {??
???????????? if (( * pw)? &?? 0xF000?? ==?? 0x3000 )? {??
??????????????? unsigned? long?? * t? =? (unsigned? long?? * )((unsigned? long )(OldBase)? +? p -> VirtualAddress? +? (( * pw)? &?? 0x0FFF ));??
???????????????? * t? +=? Delta;??
??????????? }???
???????????? ++ pw;??
??????? }???
??????? p? =? (PImageBaseRelocation)pw;??
??? }???
}???
?
?//? 卸載原外殼占用內存???
?BOOL UnloadShell(HANDLE ProcHnd, unsigned? long? BaseAddr)??
? {??
??? typedef unsigned? long? (__stdcall? * pfZwUnmapViewOfSection)(unsigned? long , unsigned? long );??
??? pfZwUnmapViewOfSection ZwUnmapViewOfSection? =? NULL;??
??? BOOL res? =? FALSE;??
??? HMODULE m? =? LoadLibrary( " ntdll.dll " );??
???? if (m)? {??
??????? ZwUnmapViewOfSection? =? (pfZwUnmapViewOfSection)GetProcAddress(m,? " ZwUnmapViewOfSection " );??
???????? if (ZwUnmapViewOfSection)??
??????????? res? =? (ZwUnmapViewOfSection((unsigned? long )ProcHnd, BaseAddr)? ==?? 0 );??
??????? FreeLibrary(m);??
??? }???
???? return? res;??
}???
?
?//? 創建外殼進程并獲取其基址、大小和當前運行狀態???
?BOOL CreateChild( char?? * Cmd, CONTEXT? & Ctx, HANDLE? & ProcHnd, HANDLE? & ThrdHnd,???
???????????????? unsigned? long?? & ProcId, unsigned? long?? & BaseAddr, unsigned? long?? & ImageSize)??
? {??
??? STARTUPINFOA si;??
??? PROCESS_INFORMATION pi;??
??? unsigned? long? old;??
??? MEMORY_BASIC_INFORMATION MemInfo;??
??? memset( & si,? 0 ,? sizeof (si));??
??? memset( & pi,? 0 ,? sizeof (pi));??
??? si.cb? =?? sizeof (si);??
??????
??? BOOL res? =? CreateProcess(NULL, Cmd, NULL, NULL, FALSE, CREATE_SUSPENDED, NULL, NULL,? & si,? & pi);? //? 以掛起方式運行進程;???
?????? if (res)? {??
??????? ProcHnd? =? pi.hProcess;??
??????? ThrdHnd? =? pi.hThread;??
??????? ProcId? =? pi.dwProcessId;??
???????? //? 獲取外殼進程運行狀態,[ctx.Ebx+8]內存處存的是外殼進程的加載基址,ctx.Eax存放有外殼進程的入口地址???
???????? Ctx.ContextFlags? =? CONTEXT_FULL;??
??????? GetThreadContext(ThrdHnd,? & Ctx);??
??????? ReadProcessMemory(ProcHnd, ( void?? * )(Ctx.Ebx + 8 ),? & BaseAddr,? sizeof (unsigned? long ),? & old);? //? 讀取加載基址???
????????? void?? * p? =? ( void?? * )BaseAddr;??
???????? //? 計算外殼進程占有的內存???
????????? while (VirtualQueryEx(ProcHnd, p,? & MemInfo,? sizeof (MemInfo)))??
????????? {??
???????????? if (MemInfo.State? =? MEM_FREE)? break ;??
??????????? p? =? ( void?? * )((unsigned? long )p? +? MemInfo.RegionSize);??
??????? }???
??????? ImageSize? =? (unsigned? long )p? -? (unsigned? long )BaseAddr;??
??? }???
???? return? res;??
}???
?
?//? 創建外殼進程并用目標進程替換它然后執行???
?HANDLE AttachPE( char?? * CmdParam, PIMAGE_NT_HEADERS peH, PIMAGE_SECTION_HEADERS peSecH,???
???????????????? void?? * Ptr, unsigned? long? ImageSize, unsigned? long?? & ProcId)??
? {??
??? HANDLE res? =? INVALID_HANDLE_VALUE;??
??? CONTEXT Ctx;??
??? HANDLE Thrd;??
??? unsigned? long? Addr, Size;??
???? char?? * s? =? PrepareShellExe(CmdParam, peH -> OptionalHeader.ImageBase, ImageSize);??
???? if (s == NULL)? return? res;??
???? if (CreateChild(s, Ctx, res, Thrd, ProcId, Addr, Size))? {??
???????? void?? * p? =? NULL;??
??????? unsigned? long? old;??
???????? if ((peH -> OptionalHeader.ImageBase? ==? Addr)? &&? (Size? >=? ImageSize))? { //? 外殼進程可以容納目標進程并且加載地址一致???
???????????? p? =? ( void?? * )Addr;??
??????????? VirtualProtectEx(res, p, Size, PAGE_EXECUTE_READWRITE,? & old);??
??????? }???
???????? else?? if (IsNT())? {??
???????????? if (UnloadShell(res, Addr))? { //? 卸載外殼進程占有內存???
???????????????? p? =? MyVirtualAllocEx((unsigned? long )res, ( void?? * )peH -> OptionalHeader.ImageBase, ImageSize, MEM_RESERVE? |? MEM_COMMIT, PAGE_EXECUTE_READWRITE);??
??????????? }???
???????????? if ((p? ==? NULL)? &&? HasRelocationTable(peH))? { //? 分配內存失敗并且目標進程支持重定向???
???????????????? p? =? MyVirtualAllocEx((unsigned? long )res, NULL, ImageSize, MEM_RESERVE? |? MEM_COMMIT, PAGE_EXECUTE_READWRITE);??
???????????????? if (p) DoRelocation(peH, Ptr, p);? //? 重定向???
???????????? }???
??????? }???
???????? if (p)? {??
??????????? WriteProcessMemory(res, ( void?? * )(Ctx.Ebx + 8 ),? & p,? sizeof (DWORD),? & old);? //? 重置目標進程運行環境中的基址???
???????????? peH -> OptionalHeader.ImageBase? =? (unsigned? long )p;??
???????????? if (WriteProcessMemory(res, p, Ptr, ImageSize,? & old))? { //? 復制PE數據到目標進程???
???????????????? Ctx.ContextFlags? =? CONTEXT_FULL;??
???????????????? if ((unsigned? long )p? ==? Addr)??
??????????????????? Ctx.Eax? =? peH -> OptionalHeader.ImageBase? +? peH -> OptionalHeader.AddressOfEntryPoint;? //? 重置運行環境中的入口地址???
????????????????? else??
??????????????????? Ctx.Eax? =? (unsigned? long )p? +? peH -> OptionalHeader.AddressOfEntryPoint;??
??????????????? SetThreadContext(Thrd,? & Ctx); //? 更新運行環境???
???????????????? ResumeThread(Thrd); //? 執行???
???????????????? CloseHandle(Thrd);??
??????????? }???
???????????? else? { //? 加載失敗,殺掉外殼進程???
???????????????? TerminateProcess(res,? 0 );??
??????????????? CloseHandle(Thrd);??
??????????????? CloseHandle(res);??
??????????????? res? =? INVALID_HANDLE_VALUE;??
??????????? }???
??????? }???
???????? else? { //? 加載失敗,殺掉外殼進程???
???????????? TerminateProcess(res,? 0 );??
??????????? CloseHandle(Thrd);??
??????????? CloseHandle(res);??
??????????? res? =? INVALID_HANDLE_VALUE;??
??????? }???
??? }???
??? delete[] s;??
???? return? res;??
}???
?
? /**/ /**/ /**/ /* ******************************************************/?
{ ******************************************************* }?
{ *???????????????? 從內存中加載并運行exe?????????????? * }?
{ ******************************************************* }?
{ * 參數:??????????????????????????????????????????????? }?
{ * Buffer: 內存中的exe地址?????????????????????????????? }?
{ * Len: 內存中exe占用長度??????????????????????????????? }?
{ * CmdParam: 命令行參數(不包含exe文件名的剩余命令行參數)}?
{ * ProcessId: 返回的進程Id?????????????????????????????? }?
{ * 返回值: 如果成功則返回進程的Handle(ProcessHandle),?? }?
{??????????? 如果失敗則返回INVALID_HANDLE_VALUE?????????? }?
{ ******************************************************* }?
?/****************************************************** */??
HANDLE MemExecute( void?? * ABuffer,? long? Len,? char?? * CmdParam, unsigned? long?? * ProcessId)??
? {??
??? HANDLE res? =? INVALID_HANDLE_VALUE;??
??? PIMAGE_NT_HEADERS peH;??
??? PIMAGE_SECTION_HEADERS peSecH;??
???? void?? * Ptr;??
??? unsigned? long? peSz;??
???? if (AlignPEToMem(ABuffer, Len, peH, peSecH, Ptr, peSz))??
????? {??
??????? res? =? AttachPE(CmdParam, peH, peSecH, Ptr, peSz,? * ProcessId);??
??????? VirtualFree(Ptr, peSz, MEM_DECOMMIT);??
??? }???
???? return? res;??
}???
?
?//? 初始化???
?class? CInit??
? {??
?public :??
??? CInit()??
????? {??
??????? MyVirtualAllocEx? =? (pfVirtualAllocEx)GetProcAddress(GetModuleHandle( " Kernel32.dll " ),? " VirtualAllocEx " );??
??? }???
} Init;??
?
?int? main( int? argc,? char *? argv[])
? {
??? FILE *? fp;
??? fp? =? fopen( " E://CProject//DBGVIEW.EXE " , " rb " );
?if? ( fp )
????? {

??????? fseek(fp, 0l ,SEEK_END);
???????? int? file_size = ftell(fp); /**/ /* 獲取文件長度 */
???????? fseek(fp, 0l ,SEEK_SET); /**/ /* 回到文件頭部 */???
???????
???????
??????? LPBYTE pBuf? =?? new? BYTE[file_size];??
??????? memset( pBuf,? 0 , file_size);?

??????? fread(pBuf,file_size, 1 ,fp);

??????? DWORD id? =? GetCurrentProcessId();
??????? unsigned? long? ulProcessId? =?? 0 ;??
??????? MemExecute( pBuf, file_size,? "" ,? & ulProcessId);??
??????? delete[] pBuf;??
???????
??? }??
???
???? return?? 0 ;
}

本文來自互聯網用戶投稿,該文觀點僅代表作者本人,不代表本站立場。本站僅提供信息存儲空間服務,不擁有所有權,不承擔相關法律責任。
如若轉載,請注明出處:http://www.pswp.cn/news/388863.shtml
繁體地址,請注明出處:http://hk.pswp.cn/news/388863.shtml
英文地址,請注明出處:http://en.pswp.cn/news/388863.shtml

如若內容造成侵權/違法違規/事實不符,請聯系多彩編程網進行投訴反饋email:809451989@qq.com,一經查實,立即刪除!

相關文章

srpg 勝利條件設定_英雄聯盟獲勝條件

srpg 勝利條件設定_英雄聯盟獲勝條件

srpg 勝利條件設定介紹 (Introduction) The e-sports community has been growing rapidly in the past few years, and what used to be a casual pastime has morphed into an industry projected to generate $1.8 B in revenue by 2022. While there are many video games …
閱讀更多...
[Egret][文檔]遮罩

[Egret][文檔]遮罩

——遮罩的作用是指定一個顯示對象的可見區域&#xff0c;即這個顯示對象只在這個區域可見。 一、矩形遮罩 將一個矩形對象賦值給顯示對象的 mask 屬性。 shp.mask new egret.Rectangle(20,20,30,50); 【注】&#xff1a;這個矩形的坐標(20,20)和(30,50)是相對于被遮罩對象shp…
閱讀更多...
clob類型字段最大存儲長度_請教oracle的CLOB字段的最大長度?

clob類型字段最大存儲長度_請教oracle的CLOB字段的最大長度?

CLOB和BLOB都是4G&#xff0c;而LONG ,LONG raw是舊時代的oracle二進制和長文本表示&#xff0c;將來會被廢棄。最長長度是2G.單位是Byte表中單個 LOB 字段 在 9i 版本中可保存 4GB 數據, 在 10g 版本中可保存多達 128TB 的數據.所以理論上是沒限制的ORACLE的數據類型-- ORAC…
閱讀更多...
JdbcUtil

JdbcUtil

轉自&#xff1a;https://github.com/ghyg525/util_java_jdbc JdbcUtil.java import java.io.IOException; import java.sql.Connection; import java.sql.DriverManager; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.ResultSetMetaData; …
閱讀更多...
機器學習 綜合評價_PyCaret:機器學習綜合

機器學習 綜合評價_PyCaret:機器學習綜合

機器學習 綜合評價Any Machine Learning project journey starts with loading the dataset and ends (continues ?!) with the finalization of the optimum model or ensemble of models for predictions on unseen data and production deployment.任何機器學習項目的旅程都…
閱讀更多...
silverlight 3D 游戲開發

silverlight 3D 游戲開發

http://www.postvision.net/SilverMotion/DemoTech.aspx silverlight 3D 游戲開發 時間:2010-10-22 06:33來源:開心銀光 作者:黎東海 點擊: 562次意外發現一個silverlight的實時3D渲染引擎。性能比開源那些強很多。 而且支持直接加載maya,3Dmax等主流3D模型文件。 附件附上它的…
閱讀更多...
redis終端簡單命令

redis終端簡單命令

keys * 獲取所有鍵lRange hongbao:44 0 -1獲取該鍵的所有值del hongbao:44 刪除該鍵的所有值 hgetAll user:44 獲取該鍵的所有隊列hget hongbao:44 8 獲取該隊列用戶為8的值hset hongbao:44 7 asdf設置該隊列用戶為7的值hdel user:44 8 刪除該隊列用戶為8的值 flushall 清空red…
閱讀更多...
python中ix用法_Python中使用ix的數據幀子集

python中ix用法_Python中使用ix的數據幀子集

您可以使用X[var2].iloc[[0,1]]&#xff1a;In [280]: X[var2].iloc[[0,1]]Out[280]:0 NaN4 9Name: var2, dtype: float64由于X[var2]是X的視圖&#xff0c;因此X[var2].iloc[[0,1]]對兩者都是安全的訪問和分配。但是如果你使用這種“鏈式索引”要小心模式(例如這里使用的index…
閱讀更多...
LintCode 16. 帶重復元素的排列

LintCode 16. 帶重復元素的排列

寫在前面&#xff1a;這題和全排列不含重復元素的那題幾乎一樣&#xff0c;我比較垃圾&#xff0c;就用HashSet去掉了重復的元素但是看了九章算法的答案也沒看懂&#xff0c;他寫的很有感覺。 用了hash&#xff0c;本來想著怎么寫hashcode()和equal()方法的&#xff0c;哪知道都…
閱讀更多...
皮爾遜相關系數 相似系數_皮爾遜相關系數

皮爾遜相關系數 相似系數_皮爾遜相關系數

皮爾遜相關系數 相似系數數據科學和機器學習統計 (STATISTICS FOR DATA SCIENCE AND MACHINE LEARNING) In the last post, we analyzed the relationship between categorical variables and categorical and continuous variables. In this case, we will analyze the relati…
閱讀更多...
【洛谷】P1641 [SCOI2010]生成字符串(思維+組合+逆元)

【洛谷】P1641 [SCOI2010]生成字符串(思維+組合+逆元)

題目 傳送門&#xff1a;QWQ 分析 不想畫圖。 https://www.luogu.org/problemnew/solution/P1641 好神仙的題啊。 代碼 1 // luogu-judger-enable-o22 #include <bits/stdc.h>3 using namespace std;4 typedef long long ll;5 const int maxn15000000;6 const ll MOD2010…
閱讀更多...
Kubernetes持續交付-Jenkins X的Helm部署

Kubernetes持續交付-Jenkins X的Helm部署

Jenkins X 是一個集成化的 CI / CD 平臺&#xff0c;可用于 部署在Kubernetes集群或云計算中心。支持在云計算環境下簡單地開發和部署應用。本項目是在Kubernetes上的安裝支持工具集。 本工具集中包含&#xff1a; Jenkins - 定制好的流水線和運行環境&#xff0c;完全整合CI/C…
閱讀更多...
中國石油大學(華東)暑期集訓--二進制(BZOJ5294)【線段樹】

中國石油大學(華東)暑期集訓--二進制(BZOJ5294)【線段樹】

問題 C: 二進制 時間限制: 1 Sec 內存限制: 128 MB提交: 8 解決: 2[提交] [狀態] [討論版] [命題人:]題目描述 pupil發現對于一個十進制數&#xff0c;無論怎么將其的數字重新排列&#xff0c;均不影響其是不是3的倍數。他想研究對于二進制&#xff0c;是否也有類似的性質。于…
閱讀更多...
2018年10個最佳項目管理工具及鏈接

2018年10個最佳項目管理工具及鏈接

要在任何業務中取得成功&#xff0c;對項目進行適當的管理非常重要。 項目管理是一系列活動&#xff0c;包括計劃&#xff0c;執行&#xff0c;控制和完成項目。項目管理工具有助于簡化此過程。這里是Best 10項目管理工具及其功能和下載鏈接的精選列表。1&#xff09;AsanaAsan…
閱讀更多...
Java 8 新特性之Stream API

Java 8 新特性之Stream API

1. 概述 1.1 簡介 Java 8 中有兩大最為重要的改革&#xff0c;第一個是 Lambda 表達式&#xff0c;另外一個則是 Stream API&#xff08;java.util.stream.*&#xff09;。 Stream 是 Java 8 中處理集合的關鍵抽象概念&#xff0c;它可以指定你希望對集合進行的操作&#xff0c…
閱讀更多...
[Python設計模式] 第17章 程序中的翻譯官——適配器模式

[Python設計模式] 第17章 程序中的翻譯官——適配器模式

github地址:https://github.com/cheesezh/python_design_patterns 適配器模式 適配器模式&#xff0c;將一個類的接口轉換成客戶希望的另外一個接口。Adapter模式使得原本由于接口不兼容而不能一起工作的那些類可以一起工作[DP]。 當系統的數據和行為都正確&#xff0c;但是接口…
閱讀更多...
Ubuntu中NS2安裝詳細教程

Ubuntu中NS2安裝詳細教程

前言&#xff1a; NS2是指 Network Simulator version 2&#xff0c;NS&#xff08;Network Simulator&#xff09; 是一種針對網絡技術的源代碼公開的、免費的軟件模擬平臺&#xff0c;研究人員使用它可以很容易的進行網絡技術的開發&#xff0c;而且發展到今天&#xff0c;它…
閱讀更多...
es6核心特性圖

es6核心特性圖

轉載于:https://juejin.im/post/5c19e188e51d452db4753925
閱讀更多...
帶你利用一句話完成轉場動畫

帶你利用一句話完成轉場動畫

這篇文章主要給大家介紹了關于iOS如何利用一句話完成轉場動畫的相關資料&#xff0c;文中通過示例代碼介紹的非常詳細&#xff0c;對大家的學習或者工作具有一定的參考學習價值&#xff0c;需要的朋友們下面來一起學習學習吧前言本文介紹SS_AnimationTransition 的使用方法,利用…
閱讀更多...
14.vue路由腳手架

14.vue路由腳手架

一.vue路由&#xff1a;https://router.vuejs.org/zh/ 1、定義 let router new VueRouter({mode:"history/hash",base:"基本路徑" 加一些前綴 必須在history模式下有效linkActiveClass:"active", 范圍選擇linkExactActiveClass:"exact&qu…
閱讀更多...
最新文章

Copyright @ 2022~2023