windows下检查PE格式文件(c语言)

windows下检查PE格式文件(c语言)


#include <windows.h>
#include <stdio.h>

int main()
{
HANDLE hFile;
IMAGE_DOS_HEADER dosHeader;
IMAGE_NT_HEADERS ntHeader;
DWORD dwRead;

hFile = CreateFile("D:\\software\\eclipse\\eclipse.exe", GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
if(hFile == INVALID_HANDLE_VALUE)
{
printf("file not found!\n");
}
ReadFile(hFile, &dosHeader, sizeof(dosHeader), &dwRead, NULL);
if(dwRead == sizeof(dosHeader))
{
if(dosHeader.e_magic == IMAGE_DOS_SIGNATURE)
{
if(SetFilePointer(hFile, dosHeader.e_lfanew, NULL, FILE_BEGIN) != -1)
{
ReadFile(hFile, &ntHeader, sizeof(ntHeader), &dwRead, NULL);
if(dwRead == sizeof(ntHeader))
{
if(ntHeader.Signature == IMAGE_NT_SIGNATURE)
{
printf("it's a pe file!\n");
return 1;
}
}
}
}
}
printf("it's not a pe file!\n");
return 0;
}
展开阅读全文

没有更多推荐了,返回首页