PeTools开发(三)

节表的获取

知识点:

01 节表信息的读取

02 ListView的操作方法 (在这耽误了很久, 不太熟悉这里面的操作)

展示图:

关键代码:

//PE区段表
void SetPeSectionInfo(HWND hwndDlg,LPSTR lpszFile)
{
	LPVOID pFileBuffer = NULL;
	PIMAGE_DOS_HEADER pDosHeader = NULL;
	PIMAGE_NT_HEADERS pNTHeader = NULL;
	PIMAGE_FILE_HEADER pPEHeader = NULL;
	PIMAGE_OPTIONAL_HEADER32 pOptionHeader = NULL;
	PIMAGE_SECTION_HEADER pSectionHeader = NULL;
	
	pFileBuffer= ReadPEFile(lpszFile);
	if(!pFileBuffer)
	{
		printf("文件读取失败\n");
		return;
	}
	
	//MZ标志
	if(*((PWORD)pFileBuffer)!=IMAGE_DOS_SIGNATURE)
	{
		printf("不是有效的MZ标志\n");
		free(pFileBuffer);
		return;
	}
	
	pDosHeader = (PIMAGE_DOS_HEADER)pFileBuffer;
	
	//判断是否是有效的PE 
	if(*((PDWORD)((DWORD)pFileBuffer+pDosHeader->e_lfanew))!=IMAGE_NT_SIGNATURE)
	{
		printf("不是有效的PE标志\n");
		free(pFileBuffer);
		return;
	}

	pNTHeader = (PIMAGE_NT_HEADERS)((DWORD)pFileBuffer+pDosHeader->e_lfanew);
	pPEHeader = (PIMAGE_FILE_HEADER)(((DWORD)pNTHeader)+4);

	//可选择PE头
	pOptionHeader = (PIMAGE_OPTIONAL_HEADER32)((DWORD)pPEHeader+IMAGE_SIZEOF_FILE_HEADER);

	//节表的信息(分别打印)
	//确定节表的个数:
	int Section_Number = pPEHeader->NumberOfSections;
	pSectionHeader = (PIMAGE_SECTION_HEADER)((DWORD)pOptionHeader+pPEHeader->SizeOfOptionalHeader);
	
	//hListSection = GetDlgItem(hwndDlg,IDC_LIST_SECTION);
	HWND hListModule = GetDlgItem(hwndDlg,IDC_LIST_SECTION);
	ListView_DeleteAllItems(hListModule);
	
	TCHAR TempStr[10]={0};
	LVITEM lvi;

	ZeroMemory(&lvi,sizeof(lvi));
	lvi.mask	= LVIF_TEXT | LVIF_STATE;
	lvi.state		= 0;
	lvi.stateMask	= 0;
	

	for(int i=0;i<Section_Number;i++)
	{

		sprintf(TempStr,"%s",pSectionHeader->Name);
		lvi.iItem =i;
		lvi.pszText =TempStr;
		lvi.cchTextMax=sizeof(TempStr);
		ListView_InsertItem(hListModule,&lvi);
		sprintf(TempStr,"%08x",pSectionHeader->VirtualAddress);
		ListView_SetItemText(hListModule,i,1,TempStr);
		sprintf(TempStr,"%08x",pSectionHeader->Misc.VirtualSize);
		ListView_SetItemText(hListModule,i,2,TempStr);
		sprintf(TempStr,"%08x",pSectionHeader->PointerToRawData);
		ListView_SetItemText(hListModule,i,3,TempStr);
		sprintf(TempStr,"%08x",pSectionHeader->SizeOfRawData);
		ListView_SetItemText(hListModule,i,4,TempStr);
		sprintf(TempStr,"%08x",pSectionHeader->Characteristics);
		ListView_SetItemText(hListModule,i,5,TempStr);

		pSectionHeader = (PIMAGE_SECTION_HEADER)((DWORD)pSectionHeader+40);
	}
	//释放内存
	free(pFileBuffer);
}