有助于理解 csc 编译生成的程序集
using System;
using System.IO;
using System.Reflection;
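// Tutorial dumper for the TypeDef table of a .NET assembly: it locates the CLI
// metadata inside a PE file by hand, loads the "#~" and "#Strings" streams and
// prints the flags and name of every TypeDef row.
//
// Every count, offset and size below is read from the file, so when the input is
// an untrusted sample those values are attacker-controlled. They are validated
// before they are used as array sizes, seek targets or indexes, and malformed
// input is reported as InvalidDataException instead of an index or null fault.
public class zzz
{
    // Metadata root signature ("BSJB") read as a little-endian 32-bit value.
    private const uint MetadataSignature = 0x424A5342;

    // Bytes in the "#~" stream before the per-table row counts; the Valid mask
    // is the 64-bit value at offset 8.
    private const int TablesHeaderSize = 24;

    // Longest stream name accepted, terminator included.
    private const int MaxStreamNameLength = 32;

    // Row size in bytes of metadata tables 0..41. These values hold only while
    // every heap index and table index is 2 bytes wide (small assemblies).
    private static readonly byte[] RowSizes = {
        10, 6, 14, 2, 6, 2, 14, 2, 6, 4, 6, 6, 6, 4,
        6, 8, 6, 2, 4, 2, 6, 4, 2, 6, 6, 6, 2, 2, 8,
        6, 8, 4, 22, 4, 12, 20, 6, 14, 8, 14, 12, 4
    };

    public static void Main()
    {
        zzz a = new zzz();
        a.abc();
    }

    int tableoffset;
    int[] rows;
    int[] offset;
    int[] ssize;
    byte[] metadata;
    byte[] strings;
    long valid;
    byte[][] names;

    // Loads the metadata of C:\a.exe into the fields of this instance and then
    // prints the TypeDef table through xyz().
    // Throws InvalidDataException when the file does not have the expected layout
    // and NotSupportedException when the "#~" stream uses 4-byte heap indexes.
    public void abc()
    {
        metadata = null;
        strings = null;

        // The two-argument FileStream constructor requests read/write access;
        // a parser only needs to read, so ask for exactly that. The using blocks
        // release the handle even when parsing fails.
        using (FileStream s = new FileStream(@"C:\a.exe", FileMode.Open, FileAccess.Read))
        using (BinaryReader r = new BinaryReader(s))
        {
            // Assumes the PE header starts at 0x80 and the optional header is
            // PE32, which puts the CLI header directory entry at file offset 360.
            s.Seek(360, SeekOrigin.Begin);
            int rva = r.ReadInt32();
            r.ReadInt32(); // size of the CLI header, not needed here

            // The metadata directory (RVA, size) follows the 8-byte start of the
            // CLI header.
            s.Seek(ToFileOffset(rva) + 4 + 4, SeekOrigin.Begin);
            rva = r.ReadInt32();
            s.Seek(ToFileOffset(rva), SeekOrigin.Begin);
            long startofmetadata = s.Position;

            // The hard-coded offsets above are only guesses about the layout;
            // the signature check confirms that they landed on a metadata root.
            if (r.ReadUInt32() != MetadataSignature)
                throw new InvalidDataException("Metadata root signature not found.");

            s.Seek(2 + 2 + 4, SeekOrigin.Current); // major, minor, reserved
            int versionLength = r.ReadInt32();
            if (versionLength < 0 || versionLength > 256)
                throw new InvalidDataException("Invalid metadata version string length.");
            s.Seek(versionLength + 2, SeekOrigin.Current); // version string, flags

            int streams = r.ReadInt16();
            if (streams < 0)
                throw new InvalidDataException("Invalid metadata stream count.");

            // Sized from the validated count rather than a fixed 5 entries.
            offset = new int[streams];
            ssize = new int[streams];
            names = new byte[streams][];
            for (int i = 0; i < streams; i++)
            {
                offset[i] = r.ReadInt32();
                ssize[i] = r.ReadInt32();
                names[i] = ReadStreamName(r);
            }

            // Streams are told apart by the character after '#':
            // "#~" is the table stream, "#Strings" the string heap.
            for (int i = 0; i < streams; i++)
            {
                if (names[i][1] == '~')
                    metadata = ReadHeap(r, startofmetadata, offset[i], ssize[i]);
                if (names[i][1] == 'S')
                    strings = ReadHeap(r, startofmetadata, offset[i], ssize[i]);
            }
        }

        if (metadata == null || strings == null)
            throw new InvalidDataException("The #~ or #Strings stream is missing.");
        if (metadata.Length < TablesHeaderSize)
            throw new InvalidDataException("The #~ stream is shorter than its header.");
        // HeapSizes byte: any of the low three bits means 4-byte heap indexes,
        // which the fixed RowSizes table cannot describe.
        if ((metadata[6] & 0x07) != 0)
            throw new NotSupportedException("4-byte heap indexes are not supported.");

        valid = BitConverter.ToInt64(metadata, 8);
        tableoffset = TablesHeaderSize;
        rows = new int[64];
        for (int k = 0; k <= 63; k++)
        {
            // One 32-bit row count is stored for each bit set in the Valid mask.
            if (((valid >> k) & 1) == 1)
            {
                RequireMetadata(tableoffset, 4);
                rows[k] = BitConverter.ToInt32(metadata, tableoffset);
                if (rows[k] < 0)
                    throw new InvalidDataException("Negative row count in the #~ stream.");
                tableoffset += 4;
            }
        }
        xyz();
    }

    // Reports whether the i-th metadata table is present and stores the offset
    // of that table inside the "#~" stream in tableoffset.
    // The offset is recomputed from the Valid mask on every call, so calling
    // this method repeatedly no longer accumulates earlier results.
    public bool tablepresent(byte i)
    {
        if (i > RowSizes.Length)
            throw new ArgumentOutOfRangeException("i", "No row size is known for this table.");

        // The tables start after the header and one row count per present table.
        long position = TablesHeaderSize;
        for (int k = 0; k < 64; k++)
            position += 4 * ((valid >> k) & 1);

        // 64-bit arithmetic: a hostile row count must not wrap the offset.
        for (int j = 0; j < i; j++)
            position += (long)RowSizes[j] * rows[j];

        if (position < 0 || position > int.MaxValue)
            throw new InvalidDataException("Table offset does not fit the #~ stream.");

        tableoffset = (int)position;
        return ((valid >> i) & 1) == 1;
    }

    // Prints the row number, flags and name of every TypeDef row.
    public void xyz()
    {
        // Counting from 0, table 2 is the TypeDef table.
        bool b = tablepresent(2);
        int offs = tableoffset;
        // A well-formed module is expected to have this table, so b is normally true.
        if (!b)
            return;

        for (int k = 1; k <= rows[2]; k++)
        {
            RequireMetadata(offs, RowSizes[2]);
            TypeAttributes flags = (TypeAttributes)BitConverter.ToInt32(metadata, offs);
            offs += 4;
            // Heap indexes are unsigned; a signed read would turn an index of
            // 0x8000 or more into a negative array position.
            int name = BitConverter.ToUInt16(metadata, offs);
            offs += 2;
            // Namespace, Extends, FieldList and MethodList (2 bytes each) are
            // skipped because nothing below prints them.
            offs += 2 + 2 + 2 + 2;
            Console.WriteLine("Row:{0}", k);
            Console.WriteLine("Flags : {0}", flags);
            // The name comes straight from the file and is printed unfiltered.
            Console.WriteLine("Name : {0}", GetString(name));
        }
    }

    // Returns the UTF-8 string that starts at the given index of the #Strings heap.
    // The end of the heap is treated as a terminator, so an unterminated final
    // string is returned as far as it goes instead of reading past the array.
    // Throws ArgumentOutOfRangeException when the index is outside the heap.
    public string GetString(int starting)
    {
        if (starting < 0 || starting >= strings.Length)
            throw new ArgumentOutOfRangeException("starting", "Index is outside the #Strings heap.");

        int end = starting;
        while (end < strings.Length && strings[end] != 0)
        {
            end++;
        }
        return System.Text.Encoding.UTF8.GetString(strings, starting, end - starting);
    }

    // Maps an RVA to a file offset. Assumes the data sits in a section mapped at
    // a multiple of 0x2000 and stored at file offset 512 - TODO confirm for the
    // input at hand; the signature check in abc() catches a wrong guess.
    private static int ToFileOffset(int rva)
    {
        if (rva < 0)
            throw new InvalidDataException("Negative RVA in the PE headers.");
        return rva % 0x2000 + 512;
    }

    // Reads a zero-terminated stream name and skips its zero padding up to the
    // next 4-byte position. The result is a fixed-size, zero-padded buffer.
    private static byte[] ReadStreamName(BinaryReader r)
    {
        byte[] name = new byte[MaxStreamNameLength];
        int length = 0;
        while (true)
        {
            byte b = r.ReadByte();
            if (b == 0)
                break;
            // Keep the last byte free so the buffer always stays terminated.
            if (length == MaxStreamNameLength - 1)
                throw new InvalidDataException("Metadata stream name is too long.");
            name[length] = b;
            length++;
        }

        Stream s = r.BaseStream;
        while (s.Position % 4 != 0)
        {
            if (r.ReadByte() != 0)
            {
                // Not padding: give the byte back to the next header.
                s.Seek(-1, SeekOrigin.Current);
                break;
            }
        }
        return name;
    }

    // Reads one metadata stream after checking that its header stays inside the file.
    private static byte[] ReadHeap(BinaryReader r, long root, int heapOffset, int heapSize)
    {
        Stream s = r.BaseStream;
        if (heapOffset < 0 || heapSize < 0 || root + heapOffset > s.Length - heapSize)
            throw new InvalidDataException("Stream header points outside the file.");

        s.Seek(root + heapOffset, SeekOrigin.Begin);
        byte[] data = r.ReadBytes(heapSize);
        if (data.Length != heapSize)
            throw new EndOfStreamException();
        return data;
    }

    // Throws unless count bytes starting at offs lie inside the "#~" stream.
    private void RequireMetadata(int offs, int count)
    {
        if (offs < 0 || count < 0 || offs > metadata.Length - count)
            throw new InvalidDataException("Read past the end of the #~ stream.");
    }
}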
using System.IO;
using System.Reflection;
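// Tutorial dumper for the TypeDef table of a .NET assembly: it locates the CLI
// metadata inside a PE file by hand, loads the "#~" and "#Strings" streams and
// prints the flags and name of every TypeDef row.
//
// Every count, offset and size below is read from the file, so when the input is
// an untrusted sample those values are attacker-controlled. They are validated
// before they are used as array sizes, seek targets or indexes, and malformed
// input is reported as InvalidDataException instead of an index or null fault.
public class zzz
{
    // Metadata root signature ("BSJB") read as a little-endian 32-bit value.
    private const uint MetadataSignature = 0x424A5342;

    // Bytes in the "#~" stream before the per-table row counts; the Valid mask
    // is the 64-bit value at offset 8.
    private const int TablesHeaderSize = 24;

    // Longest stream name accepted, terminator included.
    private const int MaxStreamNameLength = 32;

    // Row size in bytes of metadata tables 0..41. These values hold only while
    // every heap index and table index is 2 bytes wide (small assemblies).
    private static readonly byte[] RowSizes = {
        10, 6, 14, 2, 6, 2, 14, 2, 6, 4, 6, 6, 6, 4,
        6, 8, 6, 2, 4, 2, 6, 4, 2, 6, 6, 6, 2, 2, 8,
        6, 8, 4, 22, 4, 12, 20, 6, 14, 8, 14, 12, 4
    };

    public static void Main()
    {
        zzz a = new zzz();
        a.abc();
    }

    int tableoffset;
    int[] rows;
    int[] offset;
    int[] ssize;
    byte[] metadata;
    byte[] strings;
    long valid;
    byte[][] names;

    // Loads the metadata of C:\a.exe into the fields of this instance and then
    // prints the TypeDef table through xyz().
    // Throws InvalidDataException when the file does not have the expected layout
    // and NotSupportedException when the "#~" stream uses 4-byte heap indexes.
    public void abc()
    {
        metadata = null;
        strings = null;

        // The two-argument FileStream constructor requests read/write access;
        // a parser only needs to read, so ask for exactly that. The using blocks
        // release the handle even when parsing fails.
        using (FileStream s = new FileStream(@"C:\a.exe", FileMode.Open, FileAccess.Read))
        using (BinaryReader r = new BinaryReader(s))
        {
            // Assumes the PE header starts at 0x80 and the optional header is
            // PE32, which puts the CLI header directory entry at file offset 360.
            s.Seek(360, SeekOrigin.Begin);
            int rva = r.ReadInt32();
            r.ReadInt32(); // size of the CLI header, not needed here

            // The metadata directory (RVA, size) follows the 8-byte start of the
            // CLI header.
            s.Seek(ToFileOffset(rva) + 4 + 4, SeekOrigin.Begin);
            rva = r.ReadInt32();
            s.Seek(ToFileOffset(rva), SeekOrigin.Begin);
            long startofmetadata = s.Position;

            // The hard-coded offsets above are only guesses about the layout;
            // the signature check confirms that they landed on a metadata root.
            if (r.ReadUInt32() != MetadataSignature)
                throw new InvalidDataException("Metadata root signature not found.");

            s.Seek(2 + 2 + 4, SeekOrigin.Current); // major, minor, reserved
            int versionLength = r.ReadInt32();
            if (versionLength < 0 || versionLength > 256)
                throw new InvalidDataException("Invalid metadata version string length.");
            s.Seek(versionLength + 2, SeekOrigin.Current); // version string, flags

            int streams = r.ReadInt16();
            if (streams < 0)
                throw new InvalidDataException("Invalid metadata stream count.");

            // Sized from the validated count rather than a fixed 5 entries.
            offset = new int[streams];
            ssize = new int[streams];
            names = new byte[streams][];
            for (int i = 0; i < streams; i++)
            {
                offset[i] = r.ReadInt32();
                ssize[i] = r.ReadInt32();
                names[i] = ReadStreamName(r);
            }

            // Streams are told apart by the character after '#':
            // "#~" is the table stream, "#Strings" the string heap.
            for (int i = 0; i < streams; i++)
            {
                if (names[i][1] == '~')
                    metadata = ReadHeap(r, startofmetadata, offset[i], ssize[i]);
                if (names[i][1] == 'S')
                    strings = ReadHeap(r, startofmetadata, offset[i], ssize[i]);
            }
        }

        if (metadata == null || strings == null)
            throw new InvalidDataException("The #~ or #Strings stream is missing.");
        if (metadata.Length < TablesHeaderSize)
            throw new InvalidDataException("The #~ stream is shorter than its header.");
        // HeapSizes byte: any of the low three bits means 4-byte heap indexes,
        // which the fixed RowSizes table cannot describe.
        if ((metadata[6] & 0x07) != 0)
            throw new NotSupportedException("4-byte heap indexes are not supported.");

        valid = BitConverter.ToInt64(metadata, 8);
        tableoffset = TablesHeaderSize;
        rows = new int[64];
        for (int k = 0; k <= 63; k++)
        {
            // One 32-bit row count is stored for each bit set in the Valid mask.
            if (((valid >> k) & 1) == 1)
            {
                RequireMetadata(tableoffset, 4);
                rows[k] = BitConverter.ToInt32(metadata, tableoffset);
                if (rows[k] < 0)
                    throw new InvalidDataException("Negative row count in the #~ stream.");
                tableoffset += 4;
            }
        }
        xyz();
    }

    // Reports whether the i-th metadata table is present and stores the offset
    // of that table inside the "#~" stream in tableoffset.
    // The offset is recomputed from the Valid mask on every call, so calling
    // this method repeatedly no longer accumulates earlier results.
    public bool tablepresent(byte i)
    {
        if (i > RowSizes.Length)
            throw new ArgumentOutOfRangeException("i", "No row size is known for this table.");

        // The tables start after the header and one row count per present table.
        long position = TablesHeaderSize;
        for (int k = 0; k < 64; k++)
            position += 4 * ((valid >> k) & 1);

        // 64-bit arithmetic: a hostile row count must not wrap the offset.
        for (int j = 0; j < i; j++)
            position += (long)RowSizes[j] * rows[j];

        if (position < 0 || position > int.MaxValue)
            throw new InvalidDataException("Table offset does not fit the #~ stream.");

        tableoffset = (int)position;
        return ((valid >> i) & 1) == 1;
    }

    // Prints the row number, flags and name of every TypeDef row.
    public void xyz()
    {
        // Counting from 0, table 2 is the TypeDef table.
        bool b = tablepresent(2);
        int offs = tableoffset;
        // A well-formed module is expected to have this table, so b is normally true.
        if (!b)
            return;

        for (int k = 1; k <= rows[2]; k++)
        {
            RequireMetadata(offs, RowSizes[2]);
            TypeAttributes flags = (TypeAttributes)BitConverter.ToInt32(metadata, offs);
            offs += 4;
            // Heap indexes are unsigned; a signed read would turn an index of
            // 0x8000 or more into a negative array position.
            int name = BitConverter.ToUInt16(metadata, offs);
            offs += 2;
            // Namespace, Extends, FieldList and MethodList (2 bytes each) are
            // skipped because nothing below prints them.
            offs += 2 + 2 + 2 + 2;
            Console.WriteLine("Row:{0}", k);
            Console.WriteLine("Flags : {0}", flags);
            // The name comes straight from the file and is printed unfiltered.
            Console.WriteLine("Name : {0}", GetString(name));
        }
    }

    // Returns the UTF-8 string that starts at the given index of the #Strings heap.
    // The end of the heap is treated as a terminator, so an unterminated final
    // string is returned as far as it goes instead of reading past the array.
    // Throws ArgumentOutOfRangeException when the index is outside the heap.
    public string GetString(int starting)
    {
        if (starting < 0 || starting >= strings.Length)
            throw new ArgumentOutOfRangeException("starting", "Index is outside the #Strings heap.");

        int end = starting;
        while (end < strings.Length && strings[end] != 0)
        {
            end++;
        }
        return System.Text.Encoding.UTF8.GetString(strings, starting, end - starting);
    }

    // Maps an RVA to a file offset. Assumes the data sits in a section mapped at
    // a multiple of 0x2000 and stored at file offset 512 - TODO confirm for the
    // input at hand; the signature check in abc() catches a wrong guess.
    private static int ToFileOffset(int rva)
    {
        if (rva < 0)
            throw new InvalidDataException("Negative RVA in the PE headers.");
        return rva % 0x2000 + 512;
    }

    // Reads a zero-terminated stream name and skips its zero padding up to the
    // next 4-byte position. The result is a fixed-size, zero-padded buffer.
    private static byte[] ReadStreamName(BinaryReader r)
    {
        byte[] name = new byte[MaxStreamNameLength];
        int length = 0;
        while (true)
        {
            byte b = r.ReadByte();
            if (b == 0)
                break;
            // Keep the last byte free so the buffer always stays terminated.
            if (length == MaxStreamNameLength - 1)
                throw new InvalidDataException("Metadata stream name is too long.");
            name[length] = b;
            length++;
        }

        Stream s = r.BaseStream;
        while (s.Position % 4 != 0)
        {
            if (r.ReadByte() != 0)
            {
                // Not padding: give the byte back to the next header.
                s.Seek(-1, SeekOrigin.Current);
                break;
            }
        }
        return name;
    }

    // Reads one metadata stream after checking that its header stays inside the file.
    private static byte[] ReadHeap(BinaryReader r, long root, int heapOffset, int heapSize)
    {
        Stream s = r.BaseStream;
        if (heapOffset < 0 || heapSize < 0 || root + heapOffset > s.Length - heapSize)
            throw new InvalidDataException("Stream header points outside the file.");

        s.Seek(root + heapOffset, SeekOrigin.Begin);
        byte[] data = r.ReadBytes(heapSize);
        if (data.Length != heapSize)
            throw new EndOfStreamException();
        return data;
    }

    // Throws unless count bytes starting at offs lie inside the "#~" stream.
    private void RequireMetadata(int offs, int count)
    {
        if (offs < 0 || count < 0 || offs > metadata.Length - count)
            throw new InvalidDataException("Read past the end of the #~ stream.");
    }
}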