//计算文件大小
fseek(fp, 0, SEEK_END);
FileSize = ftell(fp);
fseek(fp, 0, SEEK_SET);
//申请空间
PVOID pFileBuffer = malloc(FileSize);
//memset(pTempFileBuffer, NULL, FileSize);
if (pFileBuffer == NULL)
{
printf("pTempFileBuffer申请空间失败!\n");
return 0;
}
if (!fread(pFileBuffer, FileSize, 1, fp))
{
printf("文件读取失败\n");
return 0;
}
PIMAGE_DOS_HEADER pDos = NULL;
PIMAGE_NT_HEADERS pNt = NULL;
PIMAGE_FILE_HEADER pFile = NULL;
PIMAGE_OPTIONAL_HEADER pOptional = NULL;
PIMAGE_SECTION_HEADER pSection = NULL;
pDos = (PIMAGE_DOS_HEADER)pFileBuffer;
if (pDos->e_magic != IMAGE_DOS_SIGNATURE)
{
printf("不是有效的MZ标志\n");
return 0;
}
pNt = (PIMAGE_NT_HEADERS)((DWORD)pDos + pDos->e_lfanew);
if (pNt->Signature != IMAGE_NT_SIGNATURE)
{
printf("不是有效的PE标志\n");
return 0;
}
pFile = (PIMAGE_FILE_HEADER)((DWORD)pDos + pDos->e_lfanew + 4);
pOptional = (PIMAGE_OPTIONAL_HEADER)((DWORD)pFile + IMAGE_SIZEOF_FILE_HEADER);
pSection = (PIMAGE_SECTION_HEADER)((DWORD)pOptional + pFile->SizeOfOptionalHeader);
//为拉伸后的Pe文件申请空间
PVOID pImageBuffer = malloc(pOptional->SizeOfImage);
memset(pImageBuffer, 0, pOptional->SizeOfImage);
//拷贝PE头部
memcpy(pImageBuffer, pFileBuffer, pOptional->SizeOfHeaders);
//循环拷贝节表
PIMAGE_SECTION_HEADER pTempScetion = pSection;
for (size_t i = 0; i < pFile->NumberOfSections; i++)
{
memcpy((PVOID)((DWORD)pImageBuffer + pTempScetion->VirtualAddress), (PVOID)((DWORD)pFileBuffer + pTempScetion->PointerToRawData), pTempScetion->Misc.VirtualSize);
pTempScetion = (PIMAGE_SECTION_HEADER)((DWORD)pTempScetion + IMAGE_SIZEOF_SECTION_HEADER);
}
//创建线程
HANDLE hThread = CreateThread(NULL, NULL, (LPTHREAD_START_ROUTINE)((DWORD)pImageBuffer + pOptional->AddressOfEntryPoint), NULL, NULL, NULL);
if (hThread == NULL)
{
printf("线程创建失败\n");
return 0;
}
WaitForSingleObject(hThread, INFINITE);
CloseHandle(hThread);
free(pFileBuffer);
free(pImageBuffer);
while (1);
return 0;
