Page Menu
Home
desp's stash
Search
Configure Global Search
Log In
Files
F704740
PeParser.h
No One
Temporary
Actions
Download File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
1 KB
Subscribers
None
PeParser.h
View Options
#pragma once
#include
<windows.h>
#include
<vector>
class
PeParser
{
public
:
PeParser
(
const
WCHAR
*
file
,
bool
readSectionHeaders
=
true
);
//PeParser(HANDLE hProcess, DWORD_PTR moduleBase, bool readSectionHeaders = true);
~
PeParser
();
bool
isValidPeFile
();
bool
isPE64
();
bool
isPE32
();
bool
isTargetFileSamePeFormat
();
WORD
getNumberOfSections
();
std
::
vector
<
IMAGE_SECTION_HEADER
>
&
getSectionHeaderList
();
bool
hasExportDirectory
();
bool
hasTLSDirectory
();
bool
hasRelocationDirectory
();
DWORD
getEntryPoint
();
bool
getSectionNameUnicode
(
const
int
sectionIndex
,
WCHAR
*
output
,
int
outputLen
);
private
:
const
WCHAR
*
filename
;
PIMAGE_DOS_HEADER
pDosHeader
;
PIMAGE_NT_HEADERS32
pNTHeader32
;
PIMAGE_NT_HEADERS64
pNTHeader64
;
std
::
vector
<
IMAGE_SECTION_HEADER
>
listSectionHeaders
;
BYTE
*
fileMemory
;
BYTE
*
headerMemory
;
bool
readPeHeader
(
bool
readSectionHeaders
);
bool
readFileToMemory
();
bool
hasDirectory
(
const
int
directoryIndex
);
bool
getSectionHeaders
();
bool
readPeHeaderFromProcess
(
HANDLE
hProcess
,
DWORD_PTR
moduleBase
);
};
File Metadata
Details
Attached
Mime Type
text/x-c++
Expires
Tue, Jun 9, 4:17 AM (1 d, 5 h)
Storage Engine
local-disk
Storage Format
Raw Data
Storage Handle
3a/b7/36ee345ce8c5b623aa40ea1a033c
Attached To
rSCY Scylla
Event Timeline
Log In to Comment