修复IAT

//获取导入表首地址
IMAGE_DOS_HEADER* pDosHdr = (IMAGE_DOS_HEADER*)pImageBaseAddr;
IMAGE_NT_HEADERS* pNtHdr = (IMAGE_NT_HEADERS*)(pDosHdr->e_lfanew + (DWORD)pImageBaseAddr);
IMAGE_DATA_DIRECTORY* pDataDirHdr = (IMAGE_DATA_DIRECTORY*)pNtHdr->OptionalHeader.DataDirectory;
IMAGE_IMPORT_DESCRIPTOR* pImport = (IMAGE_IMPORT_DESCRIPTOR*)(pDataDirHdr[1].VirtualAddress + (DWORD)pImageBaseAddr);
  
while (pImport->OriginalFirstThunk != 0 || pImport->FirstThunk != 0)
{
    //获得当前DLL名
    char* chName = (char*)(pImport->Name + (DWORD)pImageBaseAddr);
  
    //加载模块
    HMODULE hModule = My_LoadLibraryExA(chName, 0, 0);
  
    //如果有INT表则通过INT表来修复IAT表
    DWORD* pReferenceTab = nullptr;
    (pImport->OriginalFirstThunk == 0x0) || (pImport->OriginalFirstThunk == 0xFFFFFFFF) ?
        pReferenceTab = (DWORD*)(pImport->FirstThunk + (DWORD)pImageBaseAddr) :
        pReferenceTab = (DWORD*)(pImport->OriginalFirstThunk + (DWORD)pImageBaseAddr);
  
    //被修复的IAT表
    DWORD* pIatTab = (DWORD*)(pImport->FirstThunk + (DWORD)pImageBaseAddr);
  
    DWORD dwIatIndex = 0;
    while (pReferenceTab[dwIatIndex] != 0)
    {
        //判断是什么方式导入 <序号> <名称>
        if ((pReferenceTab[dwIatIndex] & 0x80000000) == 0) //最高为1是序号导入
        {
            IMAGE_IMPORT_BY_NAME* pByName = (IMAGE_IMPORT_BY_NAME*)
                (pReferenceTab[dwIatIndex] + (DWORD)pImageBaseAddr);
  
            //获取到的API地址
            pIatTab[dwIatIndex] = (DWORD)My_GetProcAddress(hModule, pByName->Name);
        }
        else
        {
            DWORD dwIndex = pReferenceTab[dwIatIndex] & 0x7FFFFFFF;
            //获取到的API地址
            DWORD dwApiAddr = (DWORD)My_GetProcAddress(hModule, (char*)dwIndex);
            pIatTab[dwIatIndex] = (DWORD)dwApiAddr;
        }
        ++dwIatIndex;
    }
    //指向下一个结构体
    pImport += 1;
}