2023-06-05 21:23:08 +00:00
|
|
|
#include <pe.h>
|
|
|
|
|
|
2023-08-04 11:28:30 +00:00
|
|
|
IMAGE_SECTION_HEADER *pe_find_section(HMODULE module, const char *section) {
|
2023-06-05 21:23:08 +00:00
|
|
|
char *cModule = (char*)module;
|
|
|
|
|
|
|
|
|
|
IMAGE_DOS_HEADER* dosHeader = (IMAGE_DOS_HEADER*)module;
|
|
|
|
|
IMAGE_NT_HEADERS64* ntHeaders = (IMAGE_NT_HEADERS64*)(cModule + dosHeader->e_lfanew);
|
|
|
|
|
|
2023-06-24 22:42:32 +00:00
|
|
|
WORD sectionCount = ntHeaders->FileHeader.NumberOfSections;
|
2023-06-05 21:23:08 +00:00
|
|
|
IMAGE_SECTION_HEADER* sectionHeader = (IMAGE_SECTION_HEADER*)(ntHeaders + 1);
|
|
|
|
|
|
2023-06-24 22:42:32 +00:00
|
|
|
for (WORD i = 0; i < sectionCount; i++) {
|
2023-06-05 21:23:08 +00:00
|
|
|
if (strncmp((char*)sectionHeader->Name, section, 8) == 0) {
|
2023-08-04 11:28:30 +00:00
|
|
|
return sectionHeader;
|
2023-06-05 21:23:08 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sectionHeader++;
|
|
|
|
|
}
|
2023-08-04 11:28:30 +00:00
|
|
|
|
|
|
|
|
return NULL;
|
2023-06-05 21:23:08 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void *pe_find_entry_point(HMODULE module) {
|
|
|
|
|
char *cModule = (char*)module;
|
|
|
|
|
|
|
|
|
|
IMAGE_DOS_HEADER* dosHeader = (IMAGE_DOS_HEADER*)module;
|
|
|
|
|
IMAGE_NT_HEADERS64* ntHeaders = (IMAGE_NT_HEADERS64*)(cModule + dosHeader->e_lfanew);
|
|
|
|
|
|
|
|
|
|
return cModule + ntHeaders->OptionalHeader.AddressOfEntryPoint;
|
|
|
|
|
}
|
