获取当前进程的IAT

#include <windows.h>  #include <stdio.h>    int main(int argc, char* argv[])  {      HMODULE hModule = ::GetModuleHandleA(NULL);      IMAGE_DOS_HEADER* pDosHeader = (IMAGE_DOS_HEADER*)hModule;      IMAGE_OPTIONAL_HEADER* pOpNtHeader = (IMAGE_OPTIONAL_HEADER*)((BYTE*)hModule + pDosHeader->e_lfanew + 24); //这里加24      IMAGE_IMPORT_DESCRIPTOR* pImportDesc = (IMAGE_IMPORT_DESCRIPTOR*)((BYTE*)hModule + pOpNtHeader->DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress);        while (pImportDesc->FirstThunk)      {          char* pszDllName = (char*)((BYTE*)hModule + pImportDesc->Name);          printf("模块名称:%s\n", pszDllName);            DWORD n = 0;          //一个IMAGE_THUNK_DATA就是一个导入函数          IMAGE_THUNK_DATA* pThunk = (IMAGE_THUNK_DATA*)((BYTE*)hModule + pImportDesc->OriginalFirstThunk);          while (pThunk->u1.Function)          {              //取得函数名称              char* pszFuncName = (char*)((BYTE*)hModule+pThunk->u1.AddressOfData+2); //函数名前面有两个..              printf("function name:%-25s,  ", pszFuncName);              //取得函数地址              PDWORD lpAddr = (DWORD*)((BYTE*)hModule + pImportDesc->FirstThunk) + n; //从第一个函数的地址，以后每次+4字节              printf("addrss:%X\n", lpAddr);              n++; //每次增加一个DWORD              pThunk++;          }          printf("\n");          pImportDesc++;      }      return 0;  }