【原创】PE检测工具
工程下载地址:https://files.cnblogs.com/tk091/PECheck.zip
1 void CPECheckDlg::OnBtnbrowse() 2 { 3 // TODO: Add your control notification handler code here 4 CFileDialog dlg(TRUE); 5 if (dlg.DoModal()!=IDOK) //如果用户没有选择确定按钮,则退出 6 { 7 return; 8 } 9 HANDLE hFile=::CreateFile(dlg.GetPathName(),GENERIC_READ,FILE_SHARE_READ,NULL,OPEN_EXISTING,FILE_ATTRIBUTE_NORMAL,NULL); 10 SetDlgItemText(IDC_EDIT_FILEPATH,dlg.GetPathName()); 11 if (hFile==INVALID_HANDLE_VALUE) 12 { 13 AfxMessageBox("无效的文件",MB_OK); 14 } 15 IMAGE_DOS_HEADER dosHeader; 16 IMAGE_NT_HEADERS32 ntHeader; 17 18 BOOL bValid=FALSE; 19 DWORD dwRead; 20 ::ReadFile(hFile,&dosHeader,sizeof(dosHeader),&dwRead,NULL); 21 if(dwRead==sizeof(dosHeader)) 22 { 23 if(dosHeader.e_magic==IMAGE_DOS_SIGNATURE) 24 { 25 if(::SetFilePointer(hFile,dosHeader.e_lfanew,NULL,FILE_BEGIN)!=-1) 26 { 27 ::ReadFile(hFile,&ntHeader,sizeof(ntHeader),&dwRead,NULL); 28 if(ntHeader.Signature==IMAGE_NT_SIGNATURE) 29 bValid=TRUE; 30 } 31 } 32 } 33 if(bValid) 34 //MessageBox("是一个PE格式的文件","提示",MB_OK); 35 SetDlgItemText(IDC_EDIT_RESULT,"该文件是一个PE文件"); 36 else 37 { 38 //MessageBox("不是一个PE格式的文件","提示",MB_OK); 39 SetDlgItemText(IDC_EDIT_RESULT,"该文件不是一个PE文件"); 40 } 41 ::CloseHandle(hFile); 42 return; 43 }
如果想支持拖拽,则添加
1 void CPECheckDlg::OnDropFiles(HDROP hDropInfo) 2 { 3 // TODO: Add your message handler code here and/or call default 4 UINT count; 5 char filePath[256]; 6 7 count = DragQueryFile(hDropInfo, 0xFFFFFFFF, NULL, 0); 8 if(count) 9 { 10 for(UINT i=0; i<count; i++) 11 { 12 int pathLen = DragQueryFile(hDropInfo, i, filePath, sizeof(filePath)); 13 //AfxMessageBox(filePath); 14 SetDlgItemText(IDC_EDIT_FILEPATH,filePath); 15 } 16 } 17 18 DragFinish(hDropInfo); 19 20 21 HANDLE hFile=::CreateFile(filePath,GENERIC_READ,FILE_SHARE_READ,NULL,OPEN_EXISTING,FILE_ATTRIBUTE_NORMAL,NULL); 22 //SetDlgItemText(IDC_EDIT_FILEPATH,filePath); 23 if (hFile==INVALID_HANDLE_VALUE) 24 { 25 AfxMessageBox("无效的文件",MB_OK); 26 } 27 IMAGE_DOS_HEADER dosHeader; 28 IMAGE_NT_HEADERS32 ntHeader; 29 30 BOOL bValid=FALSE; 31 DWORD dwRead; 32 ::ReadFile(hFile,&dosHeader,sizeof(dosHeader),&dwRead,NULL); 33 if(dwRead==sizeof(dosHeader)) 34 { 35 if(dosHeader.e_magic==IMAGE_DOS_SIGNATURE) 36 { 37 if(::SetFilePointer(hFile,dosHeader.e_lfanew,NULL,FILE_BEGIN)!=-1) 38 { 39 ::ReadFile(hFile,&ntHeader,sizeof(ntHeader),&dwRead,NULL); 40 if(ntHeader.Signature==IMAGE_NT_SIGNATURE) 41 bValid=TRUE; 42 } 43 } 44 } 45 if(bValid) 46 //MessageBox("是一个PE格式的文件","提示",MB_OK); 47 SetDlgItemText(IDC_EDIT_RESULT,"该文件是一个PE文件"); 48 else 49 { 50 //MessageBox("不是一个PE格式的文件","提示",MB_OK); 51 SetDlgItemText(IDC_EDIT_RESULT,"该文件不是一个PE文件"); 52 } 53 ::CloseHandle(hFile); 54 55 CDialog::OnDropFiles(hDropInfo); 56 }
