C语言编写控制台下PE分析工具(四)
2015-09-02 00:41
八、获取输入表信息
1、获取输入表地址
// Locate the import directory of a mapped PE image.
//
// ImageBase: base address of the mapped file; NULL is tolerated.
// Returns a pointer to the first IMAGE_IMPORT_DESCRIPTOR, or nullptr when
// ImageBase is NULL or GetDirectoryEntryToData reports no import directory.
//
// NOTE(review): whether the returned pointer actually lies inside the mapped
// file depends on the checks done by GetDirectoryEntryToData, which is not
// shown here -- confirm before using this on untrusted samples.
PIMAGE_IMPORT_DESCRIPTOR GetFirstImportDesc(LPVOID ImageBase)
{
    if (ImageBase == nullptr)
        return nullptr;

    // A null lookup result is passed straight through to the caller.
    PIMAGE_IMPORT_DESCRIPTOR firstDesc =
        (PIMAGE_IMPORT_DESCRIPTOR)GetDirectoryEntryToData(ImageBase, IMAGE_DIRECTORY_ENTRY_IMPORT);
    return firstDesc;
}
2、输出输入表中的DLL信息
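// Print one line per import descriptor (DLL) of the mapped PE file.
//
// stMapFile: mapping descriptor; only its ImageBase member is read here.
// Returns silently when stMapFile is NULL, when no import directory is found,
// or when the NT headers cannot be located.
//
// NOTE(review): every value printed here comes from the file being analysed
// and must be treated as untrusted. The walk stops only at a descriptor whose
// FirstThunk is zero; nothing visible here bounds it by the mapped size, so a
// truncated or malformed import table can walk past the end of the mapping.
// Bound the loop against the mapping size if MAP_FILE_STRUCT records one.
void ShowImportDirectory(PMAP_FILE_STRUCT stMapFile)
{
    if (!stMapFile)
    {
        return;
    }

    PIMAGE_IMPORT_DESCRIPTOR pID = GetFirstImportDesc(stMapFile->ImageBase);
    if (!pID)
    {
        return;
    }

    PIMAGE_NT_HEADERS pNH = GetNtHeaders(stMapFile->ImageBase);
    if (!pNH)
    {
        return;
    }

    printf("\n\n[Import Table]\n");
    printf("%-15s %s %s %s %s %s\n", "DLLName", "OrigFstThunk", "TDStamp", "ForderChin",
           "Name", "FirstThunk");

    for (; pID->FirstThunk; pID++)
    {
        // ImageRvaToVa returns NULL when the Name RVA maps to no section;
        // passing NULL to %s is undefined behaviour, so print a marker instead.
        const char *dllName = (const char *)ImageRvaToVa(pNH, stMapFile->ImageBase, pID->Name, NULL);

        // NOTE(review): %s reads until a NUL byte and echoes raw bytes from the
        // file; the name is not checked for termination inside the mapping or
        // for control characters.
        printf("%-15s %08lX %08lX %08lX %08lX %08lX\n",
               dllName ? dllName : "(invalid RVA)",
               pID->OriginalFirstThunk, pID->TimeDateStamp, pID->ForwarderChain,
               pID->Name, pID->FirstThunk);
    }
}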
结果如图所示:
1、获取输入表地址
// Locate the import directory of a mapped PE image.
//
// ImageBase: base address of the mapped file; NULL is tolerated.
// Returns a pointer to the first IMAGE_IMPORT_DESCRIPTOR, or nullptr when
// ImageBase is NULL or GetDirectoryEntryToData reports no import directory.
//
// NOTE(review): whether the returned pointer actually lies inside the mapped
// file depends on the checks done by GetDirectoryEntryToData, which is not
// shown here -- confirm before using this on untrusted samples.
PIMAGE_IMPORT_DESCRIPTOR GetFirstImportDesc(LPVOID ImageBase)
{
    if (ImageBase == nullptr)
        return nullptr;

    // A null lookup result is passed straight through to the caller.
    PIMAGE_IMPORT_DESCRIPTOR firstDesc =
        (PIMAGE_IMPORT_DESCRIPTOR)GetDirectoryEntryToData(ImageBase, IMAGE_DIRECTORY_ENTRY_IMPORT);
    return firstDesc;
}
2、输出输入表中的DLL信息
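// Print one line per import descriptor (DLL) of the mapped PE file.
//
// stMapFile: mapping descriptor; only its ImageBase member is read here.
// Returns silently when stMapFile is NULL, when no import directory is found,
// or when the NT headers cannot be located.
//
// NOTE(review): every value printed here comes from the file being analysed
// and must be treated as untrusted. The walk stops only at a descriptor whose
// FirstThunk is zero; nothing visible here bounds it by the mapped size, so a
// truncated or malformed import table can walk past the end of the mapping.
// Bound the loop against the mapping size if MAP_FILE_STRUCT records one.
void ShowImportDirectory(PMAP_FILE_STRUCT stMapFile)
{
    if (!stMapFile)
    {
        return;
    }

    PIMAGE_IMPORT_DESCRIPTOR pID = GetFirstImportDesc(stMapFile->ImageBase);
    if (!pID)
    {
        return;
    }

    PIMAGE_NT_HEADERS pNH = GetNtHeaders(stMapFile->ImageBase);
    if (!pNH)
    {
        return;
    }

    printf("\n\n[Import Table]\n");
    printf("%-15s %s %s %s %s %s\n", "DLLName", "OrigFstThunk", "TDStamp", "ForderChin",
           "Name", "FirstThunk");

    for (; pID->FirstThunk; pID++)
    {
        // ImageRvaToVa returns NULL when the Name RVA maps to no section;
        // passing NULL to %s is undefined behaviour, so print a marker instead.
        const char *dllName = (const char *)ImageRvaToVa(pNH, stMapFile->ImageBase, pID->Name, NULL);

        // NOTE(review): %s reads until a NUL byte and echoes raw bytes from the
        // file; the name is not checked for termination inside the mapping or
        // for control characters.
        printf("%-15s %08lX %08lX %08lX %08lX %08lX\n",
               dllName ? dllName : "(invalid RVA)",
               pID->OriginalFirstThunk, pID->TimeDateStamp, pID->ForwarderChain,
               pID->Name, pID->FirstThunk);
    }
}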
结果如图所示: