#include<stdio.h>
#include<windows.h>
char strPath[100];
void P_NT_HEADER(FILE *fp,LONG e_lfanew){
IMAGE_NT_HEADERS MyNTHeader;
fseek(fp,e_lfanew,SEEK_SET);//指针定位到e_lfanew
fread(&MyNTHeader,sizeof(DWORD),1,fp);
printf("/***************NT_HEADER*************//\n");
printf("Signature:%08x\n",MyNTHeader.Signature);
}
void P_FILE_HEADER(FILE *fp,LONG e_lfanew){
IMAGE_FILE_HEADER MyFileHeader;
fseek(fp,e_lfanew+sizeof(DWORD),SEEK_SET);
fread(&MyFileHeader,sizeof(IMAGE_FILE_HEADER),1,fp);
printf("/*********************FILE_HEADER**************/\n");
printf("Machine:%08x\n",MyFileHeader.Machine);
printf("SizeOfOptionalHeade:%08x\n",MyFileHeader.SizeOfOptionalHeader);
printf("Characteristics:%08x\n",MyFileHeader.Characteristics);
}
void P_OPTIONAL_HEADER(FILE *fp,LONG e_lfanew){
IMAGE_OPTIONAL_HEADER MyOptionalHeader;
fseek(fp,e_lfanew+sizeof(DWORD)+sizeof(IMAGE_FILE_HEADER),SEEK_SET);
fread(&MyOptionalHeader,sizeof(IMAGE_OPTIONAL_HEADER),1,fp);
printf("/****************OPTIONAL_HEADER**************/\n");
printf("Magic:%08x\n",MyOptionalHeader.Magic);
printf("AddressOfEntryPoint:%08x\n",MyOptionalHeader.AddressOfEntryPoint);
printf("ImageBase:%08x\n",MyOptionalHeader.ImageBase);
printf("SectionAlignment:%08x\n",MyOptionalHeader.SectionAlignment);
printf("FileAlignment:%08x\n",MyOptionalHeader.FileAlignment);
printf("SizeOfImage:%08x\n",MyOptionalHeader.SizeOfImage);
printf("SizeOfHeaders:%08x\n",MyOptionalHeader.SizeOfHeaders);
printf("Subsystem:%08x\n",MyOptionalHeader.Subsystem);
printf("NumberOfRvaAndSizes:%08x\n",MyOptionalHeader.NumberOfRvaAndSizes);
}
void P_DATA_DIRECTORY(FILE *fp,LONG e_lfanew)
{
IMAGE_DATA_DIRECTORY MyDataDirectory[16];
fseek(fp,e_lfanew+sizeof(IMAGE_NT_HEADERS)-sizeof(IMAGE_DATA_DIRECTORY),SEEK_SET);
for(int i=0;i<16;i++){
fread(&MyDataDirectory[i],sizeof(IMAGE_DATA_DIRECTORY),1,fp);
}
printf("/********************DATA_DIRECTORY***************/\n");
printf(" EXPORT Directory\n");
printf("VirtualAddress:%08x\n",MyDataDirectory[0].VirtualAddress);
printf("Size:%08x\n",MyDataDirectory[0].Size);
/////////////////////////////////////////////////////
printf(" IMPORT Directory\n");
printf("VirtualAddress:%08x\n",MyDataDirectory[1].VirtualAddress);
printf("Size:%08x\n",MyDataDirectory[1].Size);
/////////////////////////////////////////////////////////////
printf(" RESOURCE Directory\n");
printf("VirtualAddress:%08x\n",MyDataDirectory[2].VirtualAddress);
printf("Size:%08x\n",MyDataDirectory[2].Size);
/////////////////////////////////////////////////////////
printf(" BASERELOC Directory\n");
printf("VirtualAddress:%08x\n",MyDataDirectory[5].VirtualAddress);
printf("Size:%08x\n",MyDataDirectory[5].Size);
}
void P_DOS_HEADER(FILE *fp){
IMAGE_DOS_HEADER MyDosHeader;
LONG e_lfanew;
fread(&MyDosHeader,sizeof(IMAGE_DOS_HEADER),1,fp);
printf("/*******DOS_HEADER*****/\n");
printf("e_magic:%08x\n",MyDosHeader.e_magic);
printf("e_lafnew:%08x\n",MyDosHeader.e_lfanew);
e_lfanew=MyDosHeader.e_lfanew;
P_NT_HEADER(fp,e_lfanew);
P_FILE_HEADER(fp,e_lfanew);
P_OPTIONAL_HEADER(fp,e_lfanew);
P_DATA_DIRECTORY(fp,e_lfanew);
fclose(fp);
}
int main(){
FILE *fp;
printf("输入需要打开文件的地址\n");
scanf("%s",&strPath);
fp=fopen(strPath,"rb+");
/**传至P_DOS_HEADER**/
P_DOS_HEADER(fp);
return 0;
}
<img alt="" data-cke-saved-src="https://img-blog.csdn.net/20180105180816070?watermark/2/text/aHR0cDovL2Jsb2cuY3Nkbi5uZXQvemhpaGVfcmlnaHQ=/font/5a6L5L2T/fontsize/400/fill/I0JBQkFCMA==/dissolve/70/gravity/SouthEast" src="https://img-blog.csdn.net/20180105180816070?watermark/2/text/aHR0cDovL2Jsb2cuY3Nkbi5uZXQvemhpaGVfcmlnaHQ=/font/5a6L5L2T/fontsize/400/fill/I0JBQkFCMA==/dissolve/70/gravity/SouthEast" />
更改之后:
#include<stdio.h>
#include<windows.h>
char strPath[100];
void P_NT_HEADER(FILE *fp,LONG e_lfanew){
IMAGE_NT_HEADERS64 MyNTHeader;
fseek(fp,e_lfanew,SEEK_SET);//指针定位到e_lfanew
fread(&MyNTHeader,sizeof(IMAGE_NT_HEADERS64),1,fp);
printf("/***************NT_HEADER*************//\n");
printf("Signature:%08x\n",MyNTHeader.Signature);
printf("/*********************FILE_HEADER**************/\n");
printf("Machine:%08x\n",MyNTHeader.FileHeader.Machine);
printf("SizeOfOptionalHeade:%08x\n",MyNTHeader.FileHeader.SizeOfOptionalHeader);
printf("Characteristics:%08x\n",MyNTHeader.FileHeader.Characteristics);
printf("/****************OPTIONAL_HEADER**************/\n");
printf("Magic:%08x\n",MyNTHeader.OptionalHeader.Magic);
printf("AddressOfEntryPoint:%08x\n",MyNTHeader.OptionalHeader.AddressOfEntryPoint);
printf("ImageBase:%08x\n",MyNTHeader.OptionalHeader.ImageBase);
printf("SectionAlignment:%08x\n",MyNTHeader.OptionalHeader.SectionAlignment);
printf("FileAlignment:%08x\n",MyNTHeader.OptionalHeader.FileAlignment);
printf("SizeOfImage:%08x\n",MyNTHeader.OptionalHeader.SizeOfImage);
printf("SizeOfHeaders:%08x\n",MyNTHeader.OptionalHeader.SizeOfHeaders);
printf("Subsystem:%08x\n",MyNTHeader.OptionalHeader.Subsystem);
printf("NumberOfRvaAndSizes:%08x\n",MyNTHeader.OptionalHeader.NumberOfRvaAndSizes);
printf("/********************DATA_DIRECTORY***************/\n");
printf(" EXPORT Directory\n");
printf("VirtualAddress:%08x\n",MyNTHeader.OptionalHeader.DataDirectory[0].VirtualAddress);
printf("Size:%08x\n",MyNTHeader.OptionalHeader.DataDirectory[0].Size);
/////////////////////////////////////////////////////
printf(" IMPORT Directory\n");
printf("VirtualAddress:%08x\n",MyNTHeader.OptionalHeader.DataDirectory[1].VirtualAddress);
printf("Size:%08x\n",MyNTHeader.OptionalHeader.DataDirectory[1].Size);
/////////////////////////////////////////////////////////////
printf(" RESOURCE Directory\n");
printf("VirtualAddress:%08x\n",MyNTHeader.OptionalHeader.DataDirectory[2].VirtualAddress);
printf("Size:%08x\n",MyNTHeader.OptionalHeader.DataDirectory[2].Size);
/////////////////////////////////////////////////////////
printf(" BASERELOC Directory\n");
printf("VirtualAddress:%08x\n",MyNTHeader.OptionalHeader.DataDirectory[5].VirtualAddress);
printf("Size:%08x\n",MyNTHeader.OptionalHeader.DataDirectory[5].Size);
}
