#include <iostream> 
#include <string> 
#include <Windows.h> 
 
using namespace std; 
 
//Dos Header 
 
typedef struct _BEGIN09_IMAGE_DOS_HEADER { // DOS .EXE header 
 
        WORD e_magic; // Magic number 
 
        WORD e_cblp; // Bytes on last page of file 
 
        WORD e_cp; // Pages in file 
 
        WORD e_crlc; // Relocations 
 
        WORD e_cparhdr; // Size of header in paragraphs 
 
        WORD e_minalloc; // Minimum extra paragraphs needed 
 
        WORD e_maxalloc; // Maximum extra paragraphs needed 
 
        WORD e_ss; // Initial (relative) SS value 
 
        WORD e_sp; // Initial SP value 
 
        WORD e_csum; // Checksum 
 
        WORD e_ip; // Initial IP value 
 
        WORD e_cs; // Initial (relative) CS value 
 
        WORD e_lfarlc; // File address of relocation table 
 
        WORD e_ovno; // Overlay number 
 
        WORD e_res[4]; // Reserved words 
 
        WORD e_oemid; // OEM identifier (for e_oeminfo) 
 
        WORD e_oeminfo; // OEM information; e_oemid specific 
 
        WORD e_res2[10]; // Reserved words 
 
        LONG e_lfanew; // File address of new exe header 
 
} BEGIN09_IMAGE_DOS_HEADER, *PBEGIN09_IMAGE_DOS_HEADER; 
 
//NT_Header 
 
typedef struct _BEGIN09_IMAGE_NT_HEADERS { 
        DWORD Signature; 
        IMAGE_FILE_HEADER FileHeader; 
        IMAGE_OPTIONAL_HEADER32 OptionalHeader; 
} BEGIN09_IMAGE_NT_HEADERS32, *PBEGIN09_IMAGE_NT_HEADERS32; 
 
//File Header 
 
typedef struct _BEGIN09_IMAGE_FILE_HEADER { 
        WORD Machine; 
        WORD NumberOfSections; 
        DWORD TimeDateStamp; 
        DWORD PointerToSymbolTable; 
        DWORD NumberOfSymbols; 
        WORD SizeOfOptionalHeader; 
        WORD Characteristics; 
} BEGIN09_IMAGE_FILE_HEADER, *PBEGIN09_IMAGE_FILE_HEADER; 
 
//Option Header 
 
typedef struct _BEGIN09_IMAGE_OPTIONAL_HEADER { 
        // 
 
        // Standard fields. 
 
        // 
 
 
        WORD Magic; 
        BYTE MajorLinkerVersion; 
        BYTE MinorLinkerVersion; 
        DWORD SizeOfCode; 
        DWORD SizeOfInitializedData; 
        DWORD SizeOfUninitializedData; 
        DWORD AddressOfEntryPoint; 
        DWORD BaseOfCode; 
        DWORD BaseOfData; 
 
        // 
 
        // NT additional fields. 
 
        // 
 
 
        DWORD ImageBase; 
        DWORD SectionAlignment; 
        DWORD FileAlignment; 
        WORD MajorOperatingSystemVersion; 
        WORD MinorOperatingSystemVersion; 
        WORD MajorImageVersion; 
        WORD MinorImageVersion; 
        WORD MajorSubsystemVersion; 
        WORD MinorSubsystemVersion; 
        DWORD Win32VersionValue; 
        DWORD SizeOfImage; 
        DWORD SizeOfHeaders; 
        DWORD CheckSum; 
        WORD Subsystem; 
        WORD DllCharacteristics; 
        DWORD SizeOfStackReserve; 
        DWORD SizeOfStackCommit; 
        DWORD SizeOfHeapReserve; 
        DWORD SizeOfHeapCommit; 
        DWORD LoaderFlags; 
        DWORD NumberOfRvaAndSizes; 
        IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES]; 
} BEGIN09_IMAGE_OPTIONAL_HEADER32, *PBEGIN09_IMAGE_OPTIONAL_HEADER32; 
 
//Data Dir 
 
typedef struct _BEGIN09_IMAGE_DATA_DIRECTORY { 
        DWORD VirtualAddress; 
        DWORD Size; 
} BEGIN09_IMAGE_DATA_DIRECTORY, *PBEGIN09_IMAGE_DATA_DIRECTORY; 
 
//Sec Header 
 
typedef struct _BEGIN09_IMAGE_SECTION_HEADER { 
        BYTE Name[IMAGE_SIZEOF_SHORT_NAME]; 
        union { 
                DWORD PhysicalAddress; 
                DWORD VirtualSize; 
        } Misc; 
        DWORD VirtualAddress; 
        DWORD SizeOfRawData; 
        DWORD PointerToRawData; 
        DWORD PointerToRelocations; 
        DWORD PointerToLinenumbers; 
        WORD NumberOfRelocations; 
        WORD NumberOfLinenumbers; 
        DWORD Characteristics; 
} BEGIN09_IMAGE_SECTION_HEADER, *PBEGIN09_IMAGE_SECTION_HEADER; 
 
int main() 
{ 
         
        BEGIN09_IMAGE_DOS_HEADER                        *pDos_Header = NULL; 
        BEGIN09_IMAGE_NT_HEADERS32                        *pNt_Header = NULL; 
        BEGIN09_IMAGE_SECTION_HEADER                *pSection_Header = NULL; 
        int                                                                        nFileSize = 0x400; 
        int                                                                        nRetCode = 0; 
        BYTE                                                         *pByteBuffer = NULL; 
        size_t nReadBytes = 0; 
         
         
        FILE *pFileOpen = fopen( "C:\\Documents and Settings\\Administrator\\桌面\\PE\\PE\\ASM.exe" , "r+b" ); 
        if ( NULL == pFileOpen ) 
        { 
                goto Exit0; 
        } 
         
         pByteBuffer = new BYTE[ nFileSize + 1 ]; 
         if ( NULL == pByteBuffer ) 
         { 
                 goto Exit0; 
         } 
 
         memset( pByteBuffer, 0, nFileSize + 1); 
                    
         nReadBytes = fread( pByteBuffer, sizeof(BYTE), nFileSize, pFileOpen); 
         if ( nReadBytes == 0 ) 
         { 
                 goto Exit0; 
        } 
    
         pDos_Header = (BEGIN09_IMAGE_DOS_HEADER*) (pByteBuffer); 
         if ( NULL == pDos_Header ) 
         { 
                 goto Exit0; 
         } 
    
         pNt_Header = ( BEGIN09_IMAGE_NT_HEADERS32* ) ( pByteBuffer + pDos_Header->e_lfanew ); 
         if ( NULL == pNt_Header ) 
         { 
                 goto Exit0; 
         } 
            
         pSection_Header = ( BEGIN09_IMAGE_SECTION_HEADER* ) ( pByteBuffer + pDos_Header->e_lfanew + sizeof(DWORD) + sizeof(BEGIN09_IMAGE_FILE_HEADER) + pNt_Header->FileHeader.SizeOfOptionalHeader ); 
         if ( NULL == pSection_Header) 
         { 
                 goto Exit0; 
         } 
 
         nRetCode = 1; 
         
        cout<<"此程序的运行平台为:"<<endl; 
         if ( 0x014C == pNt_Header->FileHeader.Machine ) 
         { 
                 cout<<"运行平台为 Intel 386"<<endl; 
         } 
         else 
         { 
                 cout<<"未知的运行平台"<<endl; 
         } 
    
         cout<<"此文件程序入口为:"<<endl; 
         cout<<pNt_Header->OptionalHeader.AddressOfEntryPoint; 
         cout<<"此程序一共有多少个节:"<<endl; 
         cout<<pNt_Header->FileHeader.NumberOfSections<<endl; 
         cout<<"此程序的基地址为:"<<endl; 
         cout<<pNt_Header->OptionalHeader.ImageBase<<endl; 
 
Exit0: 
        return nRetCode; 
}