#define  SIZEOF_SECTIONHEADER 0x28
DWORD RVA_To_FOA(LPVOID  lpImageBase, DWORD dwImageRVA)
{
    //1.判断文件对齐与内存对齐是否一样  判断 dwRVA与ImageBase的大小 是否为正确的虚拟地址
    //2.获得在内存中的RVA （dwVirtualAddress-dwImageBase）
    //3.判断RVA在哪个节中（循环判断 循环次数为节表的数量 节表中的virtualaddress RVA要大于一个节的开始地址  小于下一个节的起始地址）
    //4.用内存中的RVA -virtualaddress 得到相对于节的偏移
    //5.返回 PointerToRawData+（RVA -virtualaddress）
    if (!lpImageBase)
    {
        return 0;
    }

    DWORD  lfanew = *(DWORD*)((PCHAR)lpImageBase + 0x3c) + (DWORD)lpImageBase;

    DWORD SectionTable = (DWORD)(&PIMAGE_NT_HEADERS32(lfanew)->OptionalHeader.Magic) + sizeof(IMAGE_OPTIONAL_HEADER32);
    if (!SectionTable)
    {
       
        return -1;
    }
    WORD dwNumberOfSection = PIMAGE_NT_HEADERS32(lfanew)->FileHeader.NumberOfSections;
    int i = 0;
    DWORD dwRVA = 0;
    while (i < dwNumberOfSection)
    {
        DWORD dwSecVir = *((DWORD*)SectionTable + 0xc / 4 + i * SIZEOF_SECTIONHEADER / 4);
        DWORD dwSizeofSec = *((DWORD*)SectionTable + 0x10 / 4 + i * SIZEOF_SECTIONHEADER / 4);
        if (dwImageRVA >= dwSecVir && dwImageRVA < dwSecVir + dwSizeofSec)
        {
            dwRVA = dwImageRVA - *((DWORD*)SectionTable + 0xc / 4 + i * SIZEOF_SECTIONHEADER / 4);
            DWORD PointerToRawData = *((DWORD*)SectionTable + 0x14 / 4 + i * SIZEOF_SECTIONHEADER / 4);
            return PointerToRawData + dwRVA;
        }
        i++;

    }
    return -1;
}