zoukankan      html  css  js  c++  java
  • pe工具04-获取数据目录

    要实现这样一个窗口,点击目录按钮弹出窗口,显示pe结构的目录项;

    画一个窗口,然后解析pe的数据目录,将得到的值用sendmessage放入输入框即可;

    没什么难度,但是数据太多麻烦;

    实现代码:

    //解析数据目录文件
    BOOL getDirInfo(HWND hwndDlg){
        LPVOID pFileBuffer = NULL;
    
        PIMAGE_DOS_HEADER pDosHeader = NULL;    //dos头指针
        PIMAGE_FILE_HEADER peHeader = NULL;        //pe头指针
        PIMAGE_OPTIONAL_HEADER32 opHeader = NULL;    //可选pe头指针
        PIMAGE_DATA_DIRECTORY dirHeader = NULL;        //数据目录指针
    
        //将文件读入内存
        readPeFile(szFileName, &pFileBuffer);
    
        if(!pFileBuffer){
            return FALSE;
        }
        
        //给pe头结构指针赋值
        pDosHeader = (PIMAGE_DOS_HEADER) pFileBuffer;    
        peHeader = (PIMAGE_FILE_HEADER)((DWORD)pFileBuffer + pDosHeader->e_lfanew + 4);
        opHeader = (PIMAGE_OPTIONAL_HEADER32) ((DWORD)peHeader + IMAGE_SIZEOF_FILE_HEADER);
        dirHeader = opHeader->DataDirectory;
    
        //给子窗口赋值
        HWND hEXPORT = GetDlgItem(hwndDlg,IDC_ENTRY_EXPORT);
        TCHAR tEXPORT[10]={0};
        sprintf(tEXPORT, "%08X", dirHeader[0].VirtualAddress);
        SendMessage(hEXPORT,WM_SETTEXT,0,(long)tEXPORT);
    
        HWND hEXPORT_SZ = GetDlgItem(hwndDlg,IDC_ENTRY_EXPORT_SZ);
        TCHAR tEXPORT_SZ[10]={0};
        sprintf(tEXPORT_SZ, "%08X", dirHeader[0].Size);
        SendMessage(hEXPORT_SZ,WM_SETTEXT,0,(long)tEXPORT_SZ);
    
        HWND hIMPORT = GetDlgItem(hwndDlg,IDC_ENTRY_IMPORT);
        TCHAR tIMPORT[10]={0};
        sprintf(tIMPORT, "%08X", dirHeader[1].VirtualAddress);
        SendMessage(hIMPORT,WM_SETTEXT,0,(long)tIMPORT);
    
        HWND hIMPORT_SZ = GetDlgItem(hwndDlg,IDC_ENTRY_IMPORT_SZ);
        TCHAR tIMPORT_SZ[10]={0};
        sprintf(tIMPORT_SZ, "%08X", dirHeader[1].Size);
        SendMessage(hIMPORT_SZ,WM_SETTEXT,0,(long)tIMPORT_SZ);
    
        HWND hENTRY_RESOURCE = GetDlgItem(hwndDlg,IDC_ENTRY_RESOURCE);
        TCHAR tENTRY_RESOURCE[10]={0};
        sprintf(tENTRY_RESOURCE, "%08X", dirHeader[2].VirtualAddress);
        SendMessage(hENTRY_RESOURCE,WM_SETTEXT,0,(long)tENTRY_RESOURCE);
    
        HWND hENTRY_RESOURCE_SZ = GetDlgItem(hwndDlg,IDC_ENTRY_RESOURCE_SZ);
        TCHAR tENTRY_RESOURCE_SZ[10]={0};
        sprintf(tENTRY_RESOURCE_SZ, "%08X", dirHeader[2].Size);
        SendMessage(hENTRY_RESOURCE_SZ,WM_SETTEXT,0,(long)tENTRY_RESOURCE_SZ);
    
        HWND hEXCEPTION = GetDlgItem(hwndDlg,IDC_ENTRY_EXCEPTION);
        TCHAR tEXCEPTION[10]={0};
        sprintf(tEXCEPTION, "%08X", dirHeader[3].VirtualAddress);
        SendMessage(hEXCEPTION,WM_SETTEXT,0,(long)tEXCEPTION);
    
        HWND hEXCEPTION_SZ = GetDlgItem(hwndDlg,IDC_ENTRY_EXCEPTION_SZ);
        TCHAR tEXCEPTION_SZ[10]={0};
        sprintf(tEXCEPTION_SZ, "%08X", dirHeader[3].Size);
        SendMessage(hEXCEPTION_SZ,WM_SETTEXT,0,(long)tEXCEPTION_SZ);
    
        HWND hSECURITY = GetDlgItem(hwndDlg,IDC_ENTRY_SECURITY);
        TCHAR tSECURITY[10]={0};
        sprintf(tSECURITY, "%08X", dirHeader[4].VirtualAddress);
        SendMessage(hSECURITY,WM_SETTEXT,0,(long)tSECURITY);
    
        HWND hSECURITY_SZ = GetDlgItem(hwndDlg,IDC_ENTRY_SECURITY_SZ);
        TCHAR tSECURITY_SZ[10]={0};
        sprintf(tSECURITY_SZ, "%08X", dirHeader[4].Size);
        SendMessage(hSECURITY_SZ,WM_SETTEXT,0,(long)tSECURITY_SZ);
    
        HWND hRELOC = GetDlgItem(hwndDlg,IDC_ENTRY_BASERELOC);
        TCHAR tRELOC[10]={0};
        sprintf(tRELOC, "%08X", dirHeader[5].VirtualAddress);
        SendMessage(hRELOC,WM_SETTEXT,0,(long)tRELOC);
    
        HWND hRELOC_SZ = GetDlgItem(hwndDlg,IDC_ENTRY_BASERELOC_SZ);
        TCHAR tRELOC_SZ[10]={0};
        sprintf(tRELOC_SZ, "%08X", dirHeader[5].Size);
        SendMessage(hRELOC_SZ,WM_SETTEXT,0,(long)tRELOC_SZ);
        
        HWND hDEBUG = GetDlgItem(hwndDlg,IDC_ENTRY_DEBUG);
        TCHAR tDEBUG[10]={0};
        sprintf(tDEBUG, "%08X", dirHeader[6].VirtualAddress);
        SendMessage(hDEBUG,WM_SETTEXT,0,(long)tDEBUG);
    
        HWND hDEBUG_SZ = GetDlgItem(hwndDlg,IDC_ENTRY_DEBUG_SZ);
        TCHAR tDEBUG_SZ[10]={0};
        sprintf(tDEBUG_SZ, "%08X", dirHeader[6].Size);
        SendMessage(hDEBUG_SZ,WM_SETTEXT,0,(long)tDEBUG_SZ);
    
        HWND hARCHITECTURE = GetDlgItem(hwndDlg,IDC_ENTRY_ARCHITECTURE);
        TCHAR tARCHITECTURE[10]={0};
        sprintf(tARCHITECTURE, "%08X", dirHeader[7].VirtualAddress);
        SendMessage(hARCHITECTURE,WM_SETTEXT,0,(long)tARCHITECTURE);
    
        HWND hARCHITECTURE_SZ = GetDlgItem(hwndDlg,IDC_ENTRY_ARCHITECTURE_SZ);
        TCHAR tARCHITECTURE_SZ[10]={0};
        sprintf(tARCHITECTURE_SZ, "%08X", dirHeader[7].Size);
        SendMessage(hARCHITECTURE_SZ,WM_SETTEXT,0,(long)tARCHITECTURE_SZ);
    
        HWND hGLOBALPTR = GetDlgItem(hwndDlg,IDC_ENTRY_GLOBALPTR);
        TCHAR tGLOBALPTR[10]={0};
        sprintf(tGLOBALPTR, "%08X", dirHeader[8].VirtualAddress);
        SendMessage(hGLOBALPTR,WM_SETTEXT,0,(long)tGLOBALPTR);
    
        HWND hGLOBALPTR_SZ = GetDlgItem(hwndDlg,IDC_ENTRY_GLOBALPTR_SZ);
        TCHAR tGLOBALPTR_SZ[10]={0};
        sprintf(tGLOBALPTR_SZ, "%08X", dirHeader[8].Size);
        SendMessage(hGLOBALPTR_SZ,WM_SETTEXT,0,(long)tGLOBALPTR_SZ);
    
        HWND hTLS = GetDlgItem(hwndDlg,IDC_ENTRY_TLS);
        TCHAR tTLS[10]={0};
        sprintf(tTLS, "%08X", dirHeader[9].VirtualAddress);
        SendMessage(hTLS,WM_SETTEXT,0,(long)tTLS);
    
        HWND hTLS_SZ = GetDlgItem(hwndDlg,IDC_ENTRY_TLS_SZ);
        TCHAR tTLS_SZ[10]={0};
        sprintf(tTLS_SZ, "%08X", dirHeader[9].Size);
        SendMessage(hTLS_SZ,WM_SETTEXT,0,(long)tTLS_SZ);
    
        HWND hCONFIG = GetDlgItem(hwndDlg,IDC_ENTRY_LOAD_CONFIG);
        TCHAR tCONFIG[10]={0};
        sprintf(tCONFIG, "%08X", dirHeader[10].VirtualAddress);
        SendMessage(hCONFIG,WM_SETTEXT,0,(long)tCONFIG);
    
        HWND hCONFIG_SZ = GetDlgItem(hwndDlg,IDC_ENTRY_LOAD_CONFIG_SZ);
        TCHAR tCONFIG_SZ[10]={0};
        sprintf(tCONFIG_SZ, "%08X", dirHeader[10].Size);
        SendMessage(hCONFIG_SZ,WM_SETTEXT,0,(long)tCONFIG_SZ);
    
        HWND hBOUND = GetDlgItem(hwndDlg,IDC_ENTRY_BOUND_IMPORT);
        TCHAR tBOUND[10]={0};
        sprintf(tBOUND, "%08X", dirHeader[11].VirtualAddress);
        SendMessage(hBOUND,WM_SETTEXT,0,(long)tBOUND);
    
        HWND hBOUND_SZ = GetDlgItem(hwndDlg,IDC_ENTRY_BOUND_IMPORT_SZ);
        TCHAR tBOUND_SZ[10]={0};
        sprintf(tBOUND_SZ, "%08X", dirHeader[11].Size);
        SendMessage(hBOUND_SZ,WM_SETTEXT,0,(long)tBOUND_SZ);
    
        HWND hIAT = GetDlgItem(hwndDlg,IDC_ENTRY_IAT);
        TCHAR tIAT[10]={0};
        sprintf(tIAT, "%08X", dirHeader[12].VirtualAddress);
        SendMessage(hIAT,WM_SETTEXT,0,(long)tIAT);
    
        HWND hIAT_SZ = GetDlgItem(hwndDlg,IDC_ENTRY_IAT_SZ);
        TCHAR tIAT_SZ[10]={0};
        sprintf(tIAT_SZ, "%08X", dirHeader[12].Size);
        SendMessage(hIAT_SZ,WM_SETTEXT,0,(long)tIAT_SZ);
    
        HWND hDELAY = GetDlgItem(hwndDlg,IDC_ENTRY_DELAY_IMPORT);
        TCHAR tDELAY[10]={0};
        sprintf(tDELAY, "%08X", dirHeader[13].VirtualAddress);
        SendMessage(hDELAY,WM_SETTEXT,0,(long)tDELAY);
    
        HWND hDELAY_SZ = GetDlgItem(hwndDlg,IDC_ENTRY_DELAY_IMPORT_SZ);
        TCHAR tDELAY_SZ[10]={0};
        sprintf(tDELAY_SZ, "%08X", dirHeader[13].Size);
        SendMessage(hDELAY_SZ,WM_SETTEXT,0,(long)tDELAY_SZ);
    
        HWND hCOM = GetDlgItem(hwndDlg,IDC_ENTRY_COM_DESCRIPTOR);
        TCHAR tCOM[10]={0};
        sprintf(tCOM, "%08X", dirHeader[14].VirtualAddress);
        SendMessage(hCOM,WM_SETTEXT,0,(long)tCOM);
    
        HWND hCOM_SZ = GetDlgItem(hwndDlg,IDC_ENTRY_COM_DESCRIPTOR_SZ);
        TCHAR tCOM_SZ[10]={0};
        sprintf(tCOM_SZ, "%08X", dirHeader[14].Size);
        SendMessage(hCOM_SZ,WM_SETTEXT,0,(long)tCOM_SZ);
    
        HWND hKEEP = GetDlgItem(hwndDlg,IDC_ENTRY_KEEP);
        TCHAR tKEEP[10]={0};
        sprintf(tKEEP, "%08X", dirHeader[15].VirtualAddress);
        SendMessage(hKEEP,WM_SETTEXT,0,(long)tKEEP);
    
        HWND hKEEP_SZ = GetDlgItem(hwndDlg,IDC_ENTRY_KEEP_SZ);
        TCHAR tKEEP_SZ[10]={0};
        sprintf(tKEEP_SZ, "%08X", dirHeader[15].Size);
        SendMessage(hKEEP_SZ,WM_SETTEXT,0,(long)tKEEP_SZ);
    
        free(pFileBuffer);
        return TRUE;
    }
  • 相关阅读:
    装饰器函数(一)
    面向对象的初阶复习
    内置函数/反射/内置方法(单例类面)
    property特殊属性/类方法/静态方法
    多态/封装
    接口类抽象类
    初始继承之顺序/深度优先及广度优先
    类涉及的空间关系及组合(可变项地址面)
    <head></head>
    让IE6 IE7 IE8 IE9 IE10 IE11支持Bootstrap的解决方法
  • 原文地址:https://www.cnblogs.com/ShiningArmor/p/12204178.html
Copyright © 2011-2022 走看看