I'm going freaking insane over this code. Why in the world won't it return the correct data?
I just cannot see where I'm going wrong, beginning to suspect microsoft for provoding me with the wrong structures.Code:#include <windows.h> #include <iostream> using namespace std; int main() { HANDLE hFile = CreateFile(L"C:\\offer.exe",GENERIC_READ|GENERIC_WRITE,0,NULL,OPEN_ALWAYS,0,NULL); cout << "File handle: " << hFile << endl; DWORD fsize=GetFileSize(hFile,NULL); DWORD buffersize=fsize;//+0x2000; BYTE *buffer = new BYTE[buffersize]; DWORD read; ReadFile(hFile,buffer,fsize,&read,NULL); // Get the IMAGE_DOS_HEADER, this works ok.. IMAGE_DOS_HEADER *idh = (IMAGE_DOS_HEADER*)buffer; cout << "DOS signature: " << idh->e_magic << endl; if (idh->e_magic!=IMAGE_DOS_SIGNATURE) cout << "DOS signature mismatch!" << endl; // This screws up for some reason IMAGE_NT_HEADERS *inh = (IMAGE_NT_HEADERS*)idh+idh->e_lfanew; cout << "NT signature: " << inh->Signature << endl; if (inh->Signature!=IMAGE_NT_SIGNATURE) cout << "NT signature mismatch!" << endl; delete []buffer; CloseHandle(hFile); }
Reply With Quote
