所以我将 paltalk.exe 作为参数加载到我的 C++ 命令行程序中,我得到了这个输出:
[Walk_Imports]: Imported DLL [0] WSOCK32.dll
--------------------------------------------------
[Import_By_Ordinal]: address: 80000016
[Import_By_Ordinal]: address: 80000003
[Import_By_Ordinal]: address: 80000073
[Import_By_Ordinal]: address: 80000017
[Import_By_Ordinal]: address: 80000015
[Import_By_Ordinal]: address: 8000000B
[Import_By_Ordinal]: address: 80000014
[Import_By_Ordinal]: address: 8000000E
[Import_By_Ordinal]: address: 8000000A
[Import_By_Ordinal]: address: 80000034
[Import_By_Ordinal]: address: 80000011
[Import_By_Ordinal]: address: 80000013
[Import_By_Ordinal]: address: 80000010
[Import_By_Ordinal]: address: 80000009
[Import_By_Ordinal]: address: 80000002
[Import_By_Ordinal]: address: 80000008
[Import_By_Ordinal]: address: 8000006F
[Import_By_Ordinal]: address: 80000097
[Import_By_Ordinal]: address: 80000012
[Import_By_Ordinal]: address: 80000004
[Import_By_Ordinal]: address: 8000000F
[Import_By_Ordinal]: address: 8000000C
22 functions imported (22 ordinal)
Paltalk 导入 wsock32.dll 好消息。我走它的进口,我看到那里所有的序数名称。
我如何获取这些导入序数名称并使用 c 或 c++ 加载 wsock32.dll 并遍历其导出表以匹配序数名称与相应的函数名称?
我希望这些信息足以解决我的问题。如果没有,我可以添加更多信息。
谢谢
最佳答案
关于可移植可执行基础设施的广泛问题,请查看 Matt Pietrek http://www.wheaty.net以及他如何在 PEDUMP 中实现对此类细节的检索(提供的代码)。
关于c++ - 获取 .exe 模块导入表序号并查找导入模块函数名称?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/14151556/