读取PE文件头的一段小程序
给自己定一个目标,要实现一个能复制自己的小程序,所以,首先,要认真学习PE文件结构,一下的程序读取一个EXE文件的文件头信息
代码
代码
#include <iostream.h>
#include <windows.h>
void main()
{
HANDLE hFile;
hFile = CreateFile("c:\\notepad.exe",GENERIC_READ|GENERIC_WRITE,FILE_SHARE_READ,NULL,OPEN_ALWAYS,FILE_ATTRIBUTE_NORMAL,NULL);
if(hFile==INVALID_HANDLE_VALUE)
{
cout<<"error"<<endl;#include <iostream.h>
#include <windows.h>
void main()
{
HANDLE hFile;
hFile = CreateFile("c:\\notepad.exe",GENERIC_READ|GENERIC_WRITE,FILE_SHARE_READ,NULL,OPEN_ALWAYS,FILE_ATTRIBUTE_NORMAL,NULL);
if(hFile==INVALID_HANDLE_VALUE)
{
cout<<"error"<<endl;
return;
}
// 读写PE文件
DWORD fp;
BOOL rs;
BYTE buff[1024];
DWORD number;
fp=::SetFilePointer(hFile,0,NULL,FILE_BEGIN);//将文件读写指针移动到文件头
//读取DOS文件头
rs=::ReadFile(hFile,buff,sizeof(_IMAGE_DOS_HEADER),&number,NULL);
if(rs==false)
{
cout<<"error"<<endl;
return;
}
_IMAGE_DOS_HEADER *mydosheader;
mydosheader=(_IMAGE_DOS_HEADER *)buff;
cout<<"PE header offset:"<<hex<<mydosheader->e_lfanew<<endl;//输出PE文件头的偏移
//将文件读写指针移动到PE文件头位置
fp=::SetFilePointer(hFile,mydosheader->e_lfanew,NULL,FILE_BEGIN);
//读取PE文件头
rs=::ReadFile(hFile,buff,sizeof(_IMAGE_NT_HEADERS),&number,NULL);
if(rs==false)
{
cout<<"error"<<endl;
return;
}
_IMAGE_NT_HEADERS *mypeheader;
mypeheader=(_IMAGE_NT_HEADERS*)buff;
cout<<"PE magic:"<<hex<<mypeheader->Signature<<endl;//输出PE文件头标识
//输出PE文件_IMAGE_FILE_HEADER信息
cout<<"machine:"<<hex<<mypeheader->FileHeader.Machine<<endl;
cout<<"numberofsection:"<<hex<<mypeheader->FileHeader.NumberOfSections<<endl;
cout<<"TimeDateStamp:"<<hex<<mypeheader->FileHeader.TimeDateStamp<<endl;
cout<<"SizeOfOptionalHeader:"<<hex<<mypeheader->FileHeader.SizeOfOptionalHeader<<endl;
cout<<"Characteristics:"<<hex<<mypeheader->FileHeader.Characteristics<<endl;
//输出PE文件IMAGE_OPTIONAL_HEADER32信息
cout<<"AddressOfEntryPoint:"<<hex<<mypeheader->OptionalHeader.AddressOfEntryPoint<<endl;
cout<<"ImageBase:"<<hex<<mypeheader->OptionalHeader.ImageBase<<endl;
cout<<"SectionAlignment:"<<hex<<mypeheader->OptionalHeader.SectionAlignment<<endl;
cout<<"FileAlignment:"<<hex<<mypeheader->OptionalHeader.FileAlignment<<endl;
//输出PE文件IMAGE_DATA_DIRECTORY信息
cout<<"IMAGE_DIRECTORY_ENTRY_EXPORT RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[0].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_EXPORT size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[0].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_IMPORT RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[1].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_IMPORT size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[1].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_RESOURCE RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[2].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_RESOURCE size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[2].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_EXCEPTION RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[3].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_EXCEPTION size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[3].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_SECURITY RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[4].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_SECURITY size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[4].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_BASERELOC RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[5].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_BASERELOC size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[5].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_DEBUG RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[6].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_DEBUG size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[6].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_ARCHITECTURE RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[7].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_ARCHITECTURE size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[7].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_GLOBALPTR RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[8].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_GLOBALPTR size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[8].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_TLS RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[9].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_TLS size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[9].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[10].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[10].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[11].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[11].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_IAT RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[12].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_IAT size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[12].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[13].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[13].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[14].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[14].Size<<endl;
cout<<"noname RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[15].VirtualAddress<<endl;
cout<<"noname size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[15].Size<<endl;
}
return;
}
// 读写PE文件
DWORD fp;
BOOL rs;
BYTE buff[1024];
DWORD number;
fp=::SetFilePointer(hFile,0,NULL,FILE_BEGIN);//将文件读写指针移动到文件头
//读取DOS文件头
rs=::ReadFile(hFile,buff,sizeof(_IMAGE_DOS_HEADER),&number,NULL);
if(rs==false)
{
cout<<"error"<<endl;
return;
}
_IMAGE_DOS_HEADER *mydosheader;
mydosheader=(_IMAGE_DOS_HEADER *)buff;
cout<<"PE header offset:"<<hex<<mydosheader->e_lfanew<<endl;//输出PE文件头的偏移
//将文件读写指针移动到PE文件头位置
fp=::SetFilePointer(hFile,mydosheader->e_lfanew,NULL,FILE_BEGIN);
//读取PE文件头
rs=::ReadFile(hFile,buff,sizeof(_IMAGE_NT_HEADERS),&number,NULL);
if(rs==false)
{
cout<<"error"<<endl;
return;
}
_IMAGE_NT_HEADERS *mypeheader;
mypeheader=(_IMAGE_NT_HEADERS*)buff;
cout<<"PE magic:"<<hex<<mypeheader->Signature<<endl;//输出PE文件头标识
//输出PE文件_IMAGE_FILE_HEADER信息
cout<<"machine:"<<hex<<mypeheader->FileHeader.Machine<<endl;
cout<<"numberofsection:"<<hex<<mypeheader->FileHeader.NumberOfSections<<endl;
cout<<"TimeDateStamp:"<<hex<<mypeheader->FileHeader.TimeDateStamp<<endl;
cout<<"SizeOfOptionalHeader:"<<hex<<mypeheader->FileHeader.SizeOfOptionalHeader<<endl;
cout<<"Characteristics:"<<hex<<mypeheader->FileHeader.Characteristics<<endl;
//输出PE文件IMAGE_OPTIONAL_HEADER32信息
cout<<"AddressOfEntryPoint:"<<hex<<mypeheader->OptionalHeader.AddressOfEntryPoint<<endl;
cout<<"ImageBase:"<<hex<<mypeheader->OptionalHeader.ImageBase<<endl;
cout<<"SectionAlignment:"<<hex<<mypeheader->OptionalHeader.SectionAlignment<<endl;
cout<<"FileAlignment:"<<hex<<mypeheader->OptionalHeader.FileAlignment<<endl;
//输出PE文件IMAGE_DATA_DIRECTORY信息
cout<<"IMAGE_DIRECTORY_ENTRY_EXPORT RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[0].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_EXPORT size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[0].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_IMPORT RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[1].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_IMPORT size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[1].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_RESOURCE RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[2].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_RESOURCE size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[2].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_EXCEPTION RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[3].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_EXCEPTION size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[3].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_SECURITY RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[4].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_SECURITY size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[4].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_BASERELOC RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[5].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_BASERELOC size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[5].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_DEBUG RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[6].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_DEBUG size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[6].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_ARCHITECTURE RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[7].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_ARCHITECTURE size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[7].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_GLOBALPTR RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[8].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_GLOBALPTR size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[8].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_TLS RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[9].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_TLS size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[9].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[10].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[10].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[11].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[11].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_IAT RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[12].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_IAT size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[12].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[13].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[13].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[14].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[14].Size<<endl;
cout<<"noname RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[15].VirtualAddress<<endl;
cout<<"noname size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[15].Size<<endl;
}
#include <windows.h>
void main()
{
HANDLE hFile;
hFile = CreateFile("c:\\notepad.exe",GENERIC_READ|GENERIC_WRITE,FILE_SHARE_READ,NULL,OPEN_ALWAYS,FILE_ATTRIBUTE_NORMAL,NULL);
if(hFile==INVALID_HANDLE_VALUE)
{
cout<<"error"<<endl;#include <iostream.h>
#include <windows.h>
void main()
{
HANDLE hFile;
hFile = CreateFile("c:\\notepad.exe",GENERIC_READ|GENERIC_WRITE,FILE_SHARE_READ,NULL,OPEN_ALWAYS,FILE_ATTRIBUTE_NORMAL,NULL);
if(hFile==INVALID_HANDLE_VALUE)
{
cout<<"error"<<endl;
return;
}
// 读写PE文件
DWORD fp;
BOOL rs;
BYTE buff[1024];
DWORD number;
fp=::SetFilePointer(hFile,0,NULL,FILE_BEGIN);//将文件读写指针移动到文件头
//读取DOS文件头
rs=::ReadFile(hFile,buff,sizeof(_IMAGE_DOS_HEADER),&number,NULL);
if(rs==false)
{
cout<<"error"<<endl;
return;
}
_IMAGE_DOS_HEADER *mydosheader;
mydosheader=(_IMAGE_DOS_HEADER *)buff;
cout<<"PE header offset:"<<hex<<mydosheader->e_lfanew<<endl;//输出PE文件头的偏移
//将文件读写指针移动到PE文件头位置
fp=::SetFilePointer(hFile,mydosheader->e_lfanew,NULL,FILE_BEGIN);
//读取PE文件头
rs=::ReadFile(hFile,buff,sizeof(_IMAGE_NT_HEADERS),&number,NULL);
if(rs==false)
{
cout<<"error"<<endl;
return;
}
_IMAGE_NT_HEADERS *mypeheader;
mypeheader=(_IMAGE_NT_HEADERS*)buff;
cout<<"PE magic:"<<hex<<mypeheader->Signature<<endl;//输出PE文件头标识
//输出PE文件_IMAGE_FILE_HEADER信息
cout<<"machine:"<<hex<<mypeheader->FileHeader.Machine<<endl;
cout<<"numberofsection:"<<hex<<mypeheader->FileHeader.NumberOfSections<<endl;
cout<<"TimeDateStamp:"<<hex<<mypeheader->FileHeader.TimeDateStamp<<endl;
cout<<"SizeOfOptionalHeader:"<<hex<<mypeheader->FileHeader.SizeOfOptionalHeader<<endl;
cout<<"Characteristics:"<<hex<<mypeheader->FileHeader.Characteristics<<endl;
//输出PE文件IMAGE_OPTIONAL_HEADER32信息
cout<<"AddressOfEntryPoint:"<<hex<<mypeheader->OptionalHeader.AddressOfEntryPoint<<endl;
cout<<"ImageBase:"<<hex<<mypeheader->OptionalHeader.ImageBase<<endl;
cout<<"SectionAlignment:"<<hex<<mypeheader->OptionalHeader.SectionAlignment<<endl;
cout<<"FileAlignment:"<<hex<<mypeheader->OptionalHeader.FileAlignment<<endl;
//输出PE文件IMAGE_DATA_DIRECTORY信息
cout<<"IMAGE_DIRECTORY_ENTRY_EXPORT RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[0].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_EXPORT size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[0].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_IMPORT RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[1].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_IMPORT size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[1].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_RESOURCE RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[2].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_RESOURCE size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[2].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_EXCEPTION RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[3].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_EXCEPTION size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[3].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_SECURITY RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[4].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_SECURITY size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[4].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_BASERELOC RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[5].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_BASERELOC size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[5].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_DEBUG RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[6].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_DEBUG size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[6].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_ARCHITECTURE RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[7].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_ARCHITECTURE size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[7].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_GLOBALPTR RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[8].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_GLOBALPTR size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[8].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_TLS RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[9].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_TLS size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[9].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[10].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[10].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[11].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[11].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_IAT RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[12].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_IAT size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[12].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[13].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[13].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[14].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[14].Size<<endl;
cout<<"noname RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[15].VirtualAddress<<endl;
cout<<"noname size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[15].Size<<endl;
}
return;
}
// 读写PE文件
DWORD fp;
BOOL rs;
BYTE buff[1024];
DWORD number;
fp=::SetFilePointer(hFile,0,NULL,FILE_BEGIN);//将文件读写指针移动到文件头
//读取DOS文件头
rs=::ReadFile(hFile,buff,sizeof(_IMAGE_DOS_HEADER),&number,NULL);
if(rs==false)
{
cout<<"error"<<endl;
return;
}
_IMAGE_DOS_HEADER *mydosheader;
mydosheader=(_IMAGE_DOS_HEADER *)buff;
cout<<"PE header offset:"<<hex<<mydosheader->e_lfanew<<endl;//输出PE文件头的偏移
//将文件读写指针移动到PE文件头位置
fp=::SetFilePointer(hFile,mydosheader->e_lfanew,NULL,FILE_BEGIN);
//读取PE文件头
rs=::ReadFile(hFile,buff,sizeof(_IMAGE_NT_HEADERS),&number,NULL);
if(rs==false)
{
cout<<"error"<<endl;
return;
}
_IMAGE_NT_HEADERS *mypeheader;
mypeheader=(_IMAGE_NT_HEADERS*)buff;
cout<<"PE magic:"<<hex<<mypeheader->Signature<<endl;//输出PE文件头标识
//输出PE文件_IMAGE_FILE_HEADER信息
cout<<"machine:"<<hex<<mypeheader->FileHeader.Machine<<endl;
cout<<"numberofsection:"<<hex<<mypeheader->FileHeader.NumberOfSections<<endl;
cout<<"TimeDateStamp:"<<hex<<mypeheader->FileHeader.TimeDateStamp<<endl;
cout<<"SizeOfOptionalHeader:"<<hex<<mypeheader->FileHeader.SizeOfOptionalHeader<<endl;
cout<<"Characteristics:"<<hex<<mypeheader->FileHeader.Characteristics<<endl;
//输出PE文件IMAGE_OPTIONAL_HEADER32信息
cout<<"AddressOfEntryPoint:"<<hex<<mypeheader->OptionalHeader.AddressOfEntryPoint<<endl;
cout<<"ImageBase:"<<hex<<mypeheader->OptionalHeader.ImageBase<<endl;
cout<<"SectionAlignment:"<<hex<<mypeheader->OptionalHeader.SectionAlignment<<endl;
cout<<"FileAlignment:"<<hex<<mypeheader->OptionalHeader.FileAlignment<<endl;
//输出PE文件IMAGE_DATA_DIRECTORY信息
cout<<"IMAGE_DIRECTORY_ENTRY_EXPORT RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[0].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_EXPORT size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[0].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_IMPORT RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[1].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_IMPORT size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[1].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_RESOURCE RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[2].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_RESOURCE size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[2].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_EXCEPTION RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[3].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_EXCEPTION size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[3].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_SECURITY RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[4].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_SECURITY size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[4].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_BASERELOC RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[5].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_BASERELOC size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[5].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_DEBUG RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[6].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_DEBUG size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[6].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_ARCHITECTURE RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[7].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_ARCHITECTURE size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[7].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_GLOBALPTR RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[8].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_GLOBALPTR size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[8].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_TLS RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[9].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_TLS size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[9].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[10].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[10].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[11].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[11].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_IAT RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[12].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_IAT size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[12].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[13].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[13].Size<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[14].VirtualAddress<<endl;
cout<<"IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[14].Size<<endl;
cout<<"noname RVA:"<<hex<<mypeheader->OptionalHeader.DataDirectory[15].VirtualAddress<<endl;
cout<<"noname size:"<<hex<<mypeheader->OptionalHeader.DataDirectory[15].Size<<endl;
}
