#include<stdio.h>#include<windows.h>char *strPath="C:/c1_hwv3/Debug/c1_hwv3.exe";int main(){  IMAGE_DOS_HEADER myDosHeader;  LONG e_lfanew;  FILE *pFile;  pFile=fopen(strPath,"rb+");  fread(&myDosHeader,sizeof(IMAGE_DOS_HEADER),1,pFile);  e_lfanew=myDosHeader.e_lfanew;  IMAGE_FILE_HEADER myFileHeader;  int nSectionCount;  fseek(pFile,(e_lfanew+sizeof(DWORD)),SEEK_SET);  fread(&myFileHeader,sizeof(IMAGE_FILE_HEADER),1,pFile);  nSectionCount=myFileHeader.NumberOfSections;  IMAGE_SECTION_HEADER *pmySectionHeader=    (IMAGE_SECTION_HEADER *)calloc(nSectionCount,sizeof(IMAGE_SECTION_HEADER));  fseek(pFile,(e_lfanew+sizeof(IMAGE_NT_HEADERS)),SEEK_SET);  fread(pmySectionHeader,sizeof(IMAGE_SECTION_HEADER),nSectionCount,pFile);  for(int i=0;i<nSectionCount;i++,pmySectionHeader++)  {    printf("Name: %s/n", pmySectionHeader->Name);    printf("union_PhysicalAddress: %08x/n", pmySectionHeader->Misc.PhysicalAddress);    printf("union_VirtualSize: %04x/n", pmySectionHeader->Misc.VirtualSize);    printf("VirtualAddress: %08x/n", pmySectionHeader->VirtualAddress);    printf("SizeOfRawData: %08x/n", pmySectionHeader->SizeOfRawData);    printf("PointerToRawData: %04x/n", pmySectionHeader->PointerToRawData);    printf("PointerToRelocations: %04x/n", pmySectionHeader->PointerToRelocations);    printf("PointerToLinenumbers: %04x/n", pmySectionHeader->PointerToLinenumbers);    printf("NumberOfRelocations: %04x/n", pmySectionHeader->NumberOfRelocations);    printf("NumberOfLinenumbers: %04x/n", pmySectionHeader->NumberOfLinenumbers);    printf("Charateristics: %04x/n", pmySectionHeader->Characteristics);  }//  pmySectionHeader-=m_nSectionCount;  if(pmySectionHeader!=NULL)  {    free(pmySectionHeader);    pmySectionHeader=NULL;  }  fclose(pFile);  return 0;}

Name: .textunion_PhysicalAddress: 00022350union_VirtualSize: 22350VirtualAddress: 00001000SizeOfRawData: 00023000PointerToRawData: 1000PointerToRelocations: 0000PointerToLinenumbers: 0000NumberOfRelocations: 0000NumberOfLinenumbers: 0000Charateristics: 60000020Name: .rdataunion_PhysicalAddress: 00001615union_VirtualSize: 1615VirtualAddress: 00024000SizeOfRawData: 00002000PointerToRawData: 24000PointerToRelocations: 0000PointerToLinenumbers: 0000NumberOfRelocations: 0000NumberOfLinenumbers: 0000Charateristics: 40000040Name: .dataunion_PhysicalAddress: 00005650union_VirtualSize: 5650VirtualAddress: 00026000SizeOfRawData: 00004000PointerToRawData: 26000PointerToRelocations: 0000PointerToLinenumbers: 0000NumberOfRelocations: 0000NumberOfLinenumbers: 0000Charateristics: c0000040Name: .idataunion_PhysicalAddress: 00000b23union_VirtualSize: 0b23VirtualAddress: 0002c000SizeOfRawData: 00001000PointerToRawData: 2a000PointerToRelocations: 0000PointerToLinenumbers: 0000NumberOfRelocations: 0000NumberOfLinenumbers: 0000Charateristics: c0000040Name: .relocunion_PhysicalAddress: 00000f00union_VirtualSize: 0f00VirtualAddress: 0002d000SizeOfRawData: 00001000PointerToRawData: 2b000PointerToRelocations: 0000PointerToLinenumbers: 0000NumberOfRelocations: 0000NumberOfLinenumbers: 0000Charateristics: 42000040

#include <windows.h>#include <stdio.h>#define MAX_SECTION_NUM  16#define MAX_IMPDESC_NUM  64 HANDLE hHeap;PIMAGE_DOS_HEADER pDosHeader;PCHAR  pDosStub;DWORD  dwDosStubSize;DWORD  dwDosStubOffset;PIMAGE_NT_HEADERS      pNtHeaders;PIMAGE_FILE_HEADER     pFileHeader;PIMAGE_OPTIONAL_HEADER32  pOptHeader;PIMAGE_SECTION_HEADER  pSecHeaders;PIMAGE_SECTION_HEADER  pSecHeader[MAX_SECTION_NUM];WORD wSecNum;PBYTE pSecData[MAX_SECTION_NUM];DWORD dwSecSize[MAX_SECTION_NUM];DWORD dwFileSize; void OutputPEInMem(HANDLE hd){  // 請在這里填入你的代碼  DWORD             dwBase;  dwBase = (DWORD)hd;  pDosHeader = (PIMAGE_DOS_HEADER)dwBase;  pNtHeaders = (PIMAGE_NT_HEADERS)(dwBase + pDosHeader->e_lfanew);  pOptHeader = &(pNtHeaders->OptionalHeader);  pFileHeader = &(pNtHeaders->FileHeader);  printf("Address Of Entry Point: 0x%08x/n", pOptHeader->AddressOfEntryPoint);  printf("ImageBase: 0x%08x/n", pOptHeader->ImageBase);  printf("Number Of Sections: %d/n", pFileHeader->NumberOfSections);  printf("Size Of Image: 0x%04x/n", pOptHeader->SizeOfImage);  return;} int main(int argc, char *argv[]){  DWORD pid = 0;  pid=atoi(argv[1]);  HANDLE hd=OpenProcess(PROCESS_ALL_ACCESS,FALSE,pid);     LPCSTR lpszFileName = "hello.exe";  LPCSTR lpszInjFileName = "hello_inj0.exe";      OutputPEInMem(hd);  hHeap = GetProcessHeap();   if (! CopyPEFileToMem(lpszFileName)) {    return 1;  }  return 0;}