Traverse the PE file header.


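Traverse the PE file header and enumerate the sections of the PE file. The following is a basic method; the listing as printed here is cut off before the header walk itself. Two points about the part that is shown: CreateFile reports failure with INVALID_HANDLE_VALUE, not NULL, so the returned handle should be compared against that value, and the handle returned by CreateFileMapping has to be stored in hMapping, since that is the variable passed to MapViewOfFile. When the input file is not trusted, every offset and count taken from the headers (e_lfanew, NumberOfSections, each section's PointerToRawData and SizeOfRawData) should be checked against the size of the mapped file before it is used to form a pointer.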

#include / * typedef struct SEH {DWORD PrevLink; // the address of the previous seh structure DWORD CurrentHandler; // the address of the new exception handler DWORD SafeOffset; // The offset where it's safe to continue execution DWORD prevesp; // the old value in esp dword prevebp; // the old value in eBp} seh; * /

Void Travelpe (const char * filename = "enumwindow.exe"; file * pfile = null; handle hMapping = null; void * pmapping = null; if (filename! = null) {Printf (" FileName is% s / n ", FileName); pFile = (FILE *) CreateFile (FileName, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); if (pFile) {printf (!" pFile right / n "); pMapping = CreateFileMapping (pFile, NULL, PAGE_READONLY, 0, 0, 0); if (pMapping!) {printf ( "pMapping right"); pMapping = MapViewOfFile (hMapping, FILE_MAP_READ, 0, 0,0); if (pMapping! ) {
