如何解析C中的PE导出函数

此代码可以帮助您：

    HMODULE hModule = LoadLibrary(argv[1]);

    PIMAGE_DOS_HEADER dosHeader = (PIMAGE_DOS_HEADER)hModule;
    PIMAGE_NT_HEADERS ntHeaders = (PIMAGE_NT_HEADERS)((DWORD_PTR)hModule + dosHeader->e_lfanew);
    PIMAGE_EXPORT_DIRECTORY exportDirectory = (PIMAGE_EXPORT_DIRECTORY)((DWORD_PTR)hModule + ntHeaders->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress);

    DWORD* addressOfFunctions = (DWORD*)(hModule + exportDirectory->AddressOfFunctions);
    DWORD* addressOfNames = (DWORD*)(hModule + exportDirectory->AddressOfNames);
    WORD* addressOfNameOrdinals = (WORD*)((DWORD_PTR)hModule + exportDirectory->AddressOfNameOrdinals);
    printf("******* DLL EXPORTS *******\n");
    printf("\t%i of functions\n\t%i of names\n",(int)exportDirectory->NumberOfFunctions,(int)exportDirectory->NumberOfNames);
    printf("\tordinal\t\thint\t\tRVA\t\tattribute\t\tname\n");
    for (DWORD i = 0; i < exportDirectory->NumberOfFunctions; i++)
    {
        DWORD functionRVA = addressOfFunctions[i];
        const char* functionName = NULL;

        for (DWORD j = 0; j < exportDirectory->NumberOfNames; j++)
        {
            if (addressOfNameOrdinals[j] == i)
            {
                functionName = ((const char*)hModule + addressOfNames[j]);
                break;
            }
        }

        if (functionName != NULL)
        {
            FARPROC functionAddress = GetProcAddress(hModule, functionName);
            printf("\t%i\t\t%02X\t\t%0002X\t\t      \t\t%s\n",  i + exportDirectory->Base,i,functionRVA,functionName);
        }
    }

    FreeLibrary(hModule);