38 lines
924 B
C
38 lines
924 B
C
BOOL RtlLoadPeHeaders(PIMAGE_DOS_HEADER* Dos, PIMAGE_NT_HEADERS* Nt, PIMAGE_FILE_HEADER* File, PIMAGE_OPTIONAL_HEADER* Optional, PBYTE* ImageBase)
|
|
{
|
|
*Dos = (PIMAGE_DOS_HEADER)*ImageBase;
|
|
if ((*Dos)->e_magic != IMAGE_DOS_SIGNATURE)
|
|
return FALSE;
|
|
|
|
*Nt = (PIMAGE_NT_HEADERS)((PBYTE)*Dos + (*Dos)->e_lfanew);
|
|
if ((*Nt)->Signature != IMAGE_NT_SIGNATURE)
|
|
return FALSE;
|
|
|
|
*File = (PIMAGE_FILE_HEADER)(*ImageBase + (*Dos)->e_lfanew + sizeof(DWORD));
|
|
*Optional = (PIMAGE_OPTIONAL_HEADER)((PBYTE)*File + sizeof(IMAGE_FILE_HEADER));
|
|
|
|
return TRUE;
|
|
}
|
|
|
|
int main(VOID)
|
|
{
|
|
PIMAGE_DOS_HEADER Dos;
|
|
PIMAGE_NT_HEADERS Nt;
|
|
PIMAGE_FILE_HEADER File;
|
|
PIMAGE_OPTIONAL_HEADER Optional;
|
|
|
|
PBYTE Binary;
|
|
BOOL bResult;
|
|
|
|
/*
|
|
CreateFile(...)
|
|
GetFileSize(...)
|
|
ReadFile(&Binary)
|
|
*/
|
|
|
|
bResult = RtlLoadPeHeaders(&Dos, &Nt, &File, &Optional, &Binary);
|
|
|
|
|
|
return 0;
|
|
|
|
} |