C 列出PE文件的导入DLL
我尝试使用以下代码列出PE文件的导入DLL,但它不起作用,windows说当我运行它时,exe已停止工作。在代码中,我只是使用CreateFileMapping函数将给定的exe文件映射到内存中,然后使用Win32 API中给定的适当结构对每个部分进行资源管理。我怎样才能纠正它C 列出PE文件的导入DLL,c,winapi,dll,portable-executable,C,Winapi,Dll,Portable Executable,我尝试使用以下代码列出PE文件的导入DLL,但它不起作用,windows说当我运行它时,exe已停止工作。在代码中,我只是使用CreateFileMapping函数将给定的exe文件映射到内存中,然后使用Win32 API中给定的适当结构对每个部分进行资源管理。我怎样才能纠正它 #include <stdio.h> #include <windows.h> //add Pointer Values #define MakePtr( cast, ptr, addValue
#include <stdio.h>
#include <windows.h>
//add Pointer Values
#define MakePtr( cast, ptr, addValue ) (cast)( (unsigned long)(ptr)+(unsigned long)(addValue))
int main(int argc , char ** argv) //main method
{
HANDLE hMapObject, hFile;//File Mapping Object
LPVOID lpBase;//Pointer to the base memory of mapped
PIMAGE_DOS_HEADER dosHeader;//Pointer to DOS Header
PIMAGE_NT_HEADERS ntHeader;//Pointer to NT Header
PIMAGE_IMPORT_DESCRIPTOR importDesc;//Pointer to import descriptor
hFile = CreateFile(argv[1],GENERIC_READ,FILE_SHARE_READ,NULL,OPEN_EXISTING,FILE_ATTRIBUTE_NORMAL,NULL);//Open the Exe File
if(hFile == INVALID_HANDLE_VALUE){
printf("\nERROR : Could not open the file specified\n");
}
hMapObject = CreateFileMapping(hFile,NULL,PAGE_READONLY,0,0,NULL);
lpBase = MapViewOfFile(hMapObject,FILE_MAP_READ,0,0,0);//Mapping Given EXE file to Memory
dosHeader = (PIMAGE_DOS_HEADER)lpBase;//Get the DOS Header Base
//verify dos header
if ( dosHeader->e_magic == IMAGE_DOS_SIGNATURE)
{
ntHeader = MakePtr(PIMAGE_NT_HEADERS, dosHeader, dosHeader->e_lfanew);//Get the NT Header
//verify NT header
if (ntHeader->Signature == IMAGE_NT_SIGNATURE ){
importDesc = MakePtr(PIMAGE_IMPORT_DESCRIPTOR, dosHeader,ntHeader->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress);
while (importDesc->Name)
{
printf("%s\n",MakePtr(char*, dosHeader,importDesc->Name));
importDesc++;
}
}
}
getchar();
}
#包括
#包括
//添加指针值
#定义MakePtr(cast、ptr、addValue)(cast)((无符号长)(ptr)+(无符号长)(addValue))
int main(int argc,char**argv)//main方法
{
HANDLE hMapObject,hFile;//文件映射对象
LPVOID lpBase;//指向映射的基本内存的指针
PIMAGE_DOS_HEADER dosHeader;//指向DOS HEADER的指针
PIMAGE\u NT\u HEADERS ntHeader;//指向NT头的指针
PIMAGE\u IMPORT\u描述符importDesc;//指向导入描述符的指针
hFile=CreateFile(argv[1],GENERIC_READ,FILE_SHARE_READ,NULL,OPEN_EXISTING,FILE_ATTRIBUTE_NORMAL,NULL);//打开Exe文件
if(hFile==无效的句柄值){
printf(“\n错误:无法打开指定的文件\n”);
}
hMapObject=CreateFileMapping(hFile,NULL,PAGE_READONLY,0,0,NULL);
lpBase=MapViewOfFile(hMapObject,FILE_MAP_READ,0,0,0);//将给定的EXE文件映射到内存
dosHeader=(PIMAGE\u DOS\u HEADER)lpBase;//获取DOS HEADER Base
//验证dos标头
如果(dosHeader->e_magic==图像\u DOS\u签名)
{
nHeader=MakePtr(PIMAGE\u NT\u HEADERS,dosHeader,dosHeader->e\u lfanew);//获取NT头
//验证NT头
如果(n标题->签名==图像\u NT\u签名){
importDesc=MakePtr(PIMAGE\u IMPORT\u DESCRIPTOR,dosHeader,ntHeader->OptionalHeader.DataDirectory[IMAGE\u DIRECTORY\u ENTRY\u IMPORT].VirtualAddress);
while(importDesc->Name)
{
printf(“%s\n”,MakePtr(char*,dosHeader,importDesc->Name));
importDesc++;
}
}
}
getchar();
}