PE parsing - IMAGE_DOS_HEADER

PE 헤더의 IMAGE_DOS_HEADER 구조체를 파싱합니다

 

int main(void)
{
	HMODULE module_base = GetModuleHandle(NULL);
	LPVOID base_addr = (LPVOID)module_base;

	PIMAGE_DOS_HEADER dos_header = (PIMAGE_DOS_HEADER)base_addr;

	std::cout << std::hex << dos_header->e_magic << std::endl;
	std::cout << std::hex << dos_header->e_lfanew << std::endl;

	return 0;
}

IMAGE_DOS_HEADER->e_magic 은 5A 4D

IMAGE_DOS_HEADER->e_lfanew 는 F0

 

PEview로 확인