It doesn't support PE based on 64 bits architecture, yet! (tomorrow)
Download Source
Little example to show how it works. You could import the lib our just copy/paste into your project.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include "PEFile.h" | |
| #include <windows.h> | |
| #include <stdio.h> | |
| int main(int argc, char** argv) | |
| { | |
| if ( argc == 2) | |
| { | |
| PPEFILE lpPEFile; | |
| LPTSTR lpszError; | |
| DWORD lpAccess = (GENERIC_READ | GENERIC_WRITE); | |
| if (newPEFile(&(*(argv + 1)), &lpPEFile, lpAccess, &lpszError)) | |
| { | |
| PIMAGE_SECTION_HEADER *pISHS; | |
| printf("File name : %s\n", lpPEFile->lpcszFileName); | |
| printf("File path : %s\n", lpPEFile->lpcszFullPath); | |
| printf("DosHeader->e_lfanew : 0x%08X\n", lpPEFile->getDosHeader(&lpPEFile)->e_lfanew); | |
| printf("Number of Sections : 0x%08X\n", lpPEFile->getFileHeader(&lpPEFile)->NumberOfSections); | |
| printf("Number of Rvas : 0x%08X\n", lpPEFile->getOptionalHeader(&lpPEFile)->NumberOfRvaAndSizes); | |
| printf("Sections:\n"); | |
| pISHS = lpPEFile->getSectionHeaders(&lpPEFile); | |
| { | |
| UINT i = 0; | |
| for (i = 0; i < lpPEFile->getNumberOfSections(&lpPEFile); i++, pISHS++) | |
| { | |
| printf("%8s 0x%08X 0x%08X\n", (*pISHS)->Name, (*pISHS)->PointerToRawData, (*pISHS)->SizeOfRawData); | |
| } | |
| } | |
| closePEFile(lpPEFile); | |
| } | |
| else | |
| { | |
| printf("%s", lpszError); | |
| } | |
| return EXIT_SUCCESS; | |
| } | |
| return EXIT_FAILURE; | |
| } |
No comments:
Post a Comment