windows 导出模块获取及dos内存结构剖析

include "stdafx.h"#include <iostream>#include <windows.h>#include <string.h>using namespace std;int main(){    HMODULE hMod = ::GetModuleHandle(NULL);    //获取dos头    IMAGE_DOS_HEADER *pDosHeader = (IMAGE_DOS_HEADER *)hMod;    //获取选项头    IMAGE_OPTIONAL_HEADER *pOptHeader = (IMAGE_OPTIONAL_HEADER *)((BYTE *)hMod +         pDosHeader->e_lfanew + 24);    getchar();    //获取导入表基址    IMAGE_IMPORT_DESCRIPTOR *pImportDes = (IMAGE_IMPORT_DESCRIPTOR *)((BYTE *)hMod +        pOptHeader->DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress);    while (pImportDes->FirstThunk)    {        char *pszDllName = (char *)((BYTE*)hMod + pImportDes->Name);        cout << "模块名：" << pszDllName << endl;        IMAGE_THUNK_DATA *pThunk = (IMAGE_THUNK_DATA *)((BYTE *)hMod +            pImportDes->OriginalFirstThunk);        int n = 0;        while (pThunk->u1.Function)        {            //获取导入函数名称            char *pFunName = (char*)((BYTE *)hMod +                 (DWORD)pThunk->u1.AddressOfData + 2);            //获取导入函数地址            PDWORD lpAddr = (DWORD*)((BYTE *)hMod +                 pImportDes->FirstThunk) + n;            //打印函h数名和函数表            printf("从此模块导入的函数：%-30s", pFunName);            //printf("\t函数名称: %-10s", pFunName);            printf("函数地址: %X\n", lpAddr);            n++;            pThunk++;        }        pImportDes++;    }    return 0;}