|
zeof(DWORD),1,pFile);
//第10个是TLSDirectory
fread(&m_stExtPeHeader.DataDirectory[9].VirtualAddress,sizeof(DWORD),1,pFile);
fread(&m_stExtPeHeader.DataDirectory[9].Size,sizeof(DWORD),1,pFile);
//第11个是LoadConfigationDirectory
fread(&m_stExtPeHeader.DataDirectory[10].VirtualAddress,sizeof(DWORD),1,pFile);
fread(&m_stExtPeHeader.DataDirectory[10].Size,sizeof(DWORD),1,pFile);
//第12个是BoundImport
fread(&m_stExtPeHeader.DataDirectory[11].VirtualAddress,sizeof(DWORD),1,pFile);
fread(&m_stExtPeHeader.DataDirectory[11].Size,sizeof(DWORD),1,pFile);
//第13个是ImportAddressTable
fread(&m_stExtPeHeader.DataDirectory[12].VirtualAddress,sizeof(DWORD),1,pFile);
fread(&m_stExtPeHeader.DataDirectory[12].Size,sizeof(DWORD),1,pFile);
//第14个是DelayImportDescriptor
fread(&m_stExtPeHeader.DataDirectory[13].VirtualAddress,sizeof(DWORD),1,pFile);
fread(&m_stExtPeHeader.DataDirectory[13].Size,sizeof(DWORD),1,pFile);
//第15个是CLIHeader
fread(&m_stExtPeHeader.DataDirectory[14].VirtualAddress,sizeof(DWORD),1,pFile);
fread(&m_stExtPeHeader.DataDirectory[14].Size,sizeof(DWORD),1,pFile);
//第16个是Reserved
fread(&m_stExtPeHeader.DataDirectory[15].VirtualAddress,sizeof(DWORD),1,pFile);
fread(&m_stExtPeHeader.DataDirectory[15].Size,sizeof(DWORD),1,pFile);
}
解析可选头;逐个读入数据目录;
void CPEToolDlg::ParseSectionHeder()
{
//偏移到节表位置
iLocation = m_stMsDos.e_lfanew + sizeof(stPE_HEADER) + m_stPeHeader.SizeOfOptionalHeader;//PE头+PE头的大小(IMAGE_FILE_HEADER)_+PE可选头的大小(IMAGE_OPTION_HEADER)
fseek(pFile,iLocation,SEEK_SET);
for (WORD i=0;i
解析节头;读入对应内容到m_stSectionHeader;
DWORD CPEToolDlg :: RVAtoFileOffset(int iThe_Section,const DWORD& RVAOffset)
{
DWORD dwFileOffset = 0;
//传入的RavOffset先要转换成相对于节(比如.idata 或.text)的偏移RVA
//第iThe_Section个节中
DWORD dwVrk_TheSection = vct_SectionHeader.at(iThe_Section).VirtualAddress - vct_SectionHeader.at(iThe_Section).PointerToRawData;//虚拟地址和物理地址之间的差值
dwFileOffset = RVAOffset - dwVrk_TheSection;
return dwFileOffset;
}
RVA转换;
void CPEToolDlg::OnBnClickedBTN_DATADIC()
{
//数据目录
dlgDirectoryDate = new Cdialog1;
dlgDirectoryDate->Create(IDD_DIALOG1,this);
dlgDirectoryDate->OnInitCtrlList();
dlgDirectoryDate->ShowWindow(SW_SHOW);
//输出可选头里的数据目录IMAGE_DATA_DIRECTORY
//1导出表
CString strExportSymbol,strExportSymbolSize;
strExportSymbol.Format(L"0x%08x/%d(十进制)",m_stExtPeHeader.DataDirectory[0].VirtualAddress,m_stExtPeHeader.DataDirectory[0].VirtualAddress);
strExportSymbolSize.Format(L"0x%08x/%d(十进制)",m_stExtPeHeader.DataDirectory[0].Size,m_stExtPeHeader.DataDirectory[0].Size);
dlgDirectoryDate->AddToCtrlList(L"01 .edata 导出表",L"偏移"+strExportSymbol,L"IMAGE_OPTION_HEADER--IMAGE_DATA_DIRECTORY",L"偏移大小为:"+strExportSymbolSize);
//2导入表
CString strImportSymbol,strImportSymbolSize;
strExportSymbol.Format(L"0x%08x/%d(十进制)",m_stExtPeHeader.DataDirectory[1].VirtualAddress,m_stExtPeHeader.DataDirectory[1].VirtualAddress);
strImportSymbolSize.Format(L"0x%08x/%d(十进制)",m_stExtPeHeader.DataDirecto |