📄 optionalheader.pas
字号:
{******************************************************************************}
{Copyright(C) 2007,Pefine Security Lab }
{All rights reserved. }
{ }
{Abstract:View Win32 PE file information. }
{ }
{Version:1.01 }
{Author:WindRand }
{Date:2007-01-20 }
{******************************************************************************}
unit OptionalHeader;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls, ExtCtrls;
type
TOptionalHeaderFrm = class(TForm)
GroupBox1: TGroupBox;
Label1: TLabel;
Label2: TLabel;
Label3: TLabel;
Label4: TLabel;
Label5: TLabel;
Label6: TLabel;
Label7: TLabel;
Label8: TLabel;
Label9: TLabel;
Label10: TLabel;
Label11: TLabel;
Label12: TLabel;
Label13: TLabel;
Label14: TLabel;
Label15: TLabel;
Label16: TLabel;
OEdit1: TEdit;
OEdit2: TEdit;
OEdit3: TEdit;
OEdit4: TEdit;
OEdit5: TEdit;
OEdit6: TEdit;
OEdit7: TEdit;
OEdit8: TEdit;
OEdit9: TEdit;
OEdit10: TEdit;
OEdit11: TEdit;
OEdit12: TEdit;
OEdit13: TEdit;
OEdit14: TEdit;
OEdit15: TEdit;
OEdit16: TEdit;
Label17: TLabel;
Label18: TLabel;
Label19: TLabel;
Label20: TLabel;
Label21: TLabel;
Label22: TLabel;
Label23: TLabel;
Label24: TLabel;
Label25: TLabel;
Label26: TLabel;
Label27: TLabel;
Label28: TLabel;
Label29: TLabel;
Label30: TLabel;
OEdit17: TEdit;
OEdit18: TEdit;
OEdit19: TEdit;
OEdit20: TEdit;
OEdit21: TEdit;
OEdit22: TEdit;
OEdit23: TEdit;
OEdit24: TEdit;
OEdit25: TEdit;
OEdit26: TEdit;
OEdit27: TEdit;
OEdit28: TEdit;
OEdit29: TEdit;
OEdit30: TEdit;
Panel1: TPanel;
Button1: TButton;
SubBtn: TButton;
procedure FormShow(Sender: TObject);
procedure Button1Click(Sender: TObject);
procedure FormCreate(Sender: TObject);
procedure SubBtnClick(Sender: TObject);
private
procedure FreeHandle(hFile,mFile:Thandle);
public
{ Public declarations }
end;
var
OptionalHeaderFrm: TOptionalHeaderFrm;
implementation
uses Main,JwaWinNT,SubSystem,PublicUnit;
{$R *.dfm}
procedure TOptionalHeaderFrm.FormShow(Sender: TObject);
begin
//Interface center
With OptionalHeaderFrm do
begin
Left:=(Screen.Width div 2)-(Width div 2);
Top:=(Screen.Height div 2)-(Height div 2);
end;
end;
procedure TOptionalHeaderFrm.FreeHandle(hFile,mFile:Thandle);
begin
CloseHandle(hFile);
CloseHandle(mFile);
end;
procedure TOptionalHeaderFrm.Button1Click(Sender: TObject);
begin
Close;
end;
procedure TOptionalHeaderFrm.FormCreate(Sender: TObject);
var
FileNameStr:String;
ImageDosHeader:PIMAGEDOSHEADER;
ImageNTHeaders:PIMAGENTHEADERS;
hFile,mFile:THandle;
hView:Pointer;
vBase:LongWord;
begin
FileNameStr:=MainFrm.PublicFileNameStr;
hFile:=CreateFile(PChar(FileNameStr),GENERIC_READ,FILE_SHARE_READ,nil,OPEN_EXISTING,FILE_ATTRIBUTE_NORMAL,0);
if hFile=INVALID_HANDLE_VALUE then
begin
MessageBox(Handle,'Open file error!','Information',MB_OK+MB_ICONERROR);
CloseHandle(hFile);
Exit;
end;
mFile:=CreateFileMapping(hFile,nil,PAGE_READONLY,0,0,nil);
if mFile=0 then
begin
MessageBox(Handle,'Cannot open the file for memory mapping!','Information',MB_OK+MB_ICONERROR);
CloseHandle(hFile);
Exit;
end;
hView:=MapViewOfFile(mFile,FILE_MAP_READ,0,0,0);
if hView=nil then
begin
MessageBox(Handle,'Cannot map the file into memory!','Information',MB_OK+MB_ICONERROR);
FreeHandle(hFile,mFile);
Exit;
end;
ImageDosHeader:=PImageDosHeader(hView);
if ImageDosHeader.e_magic<>IMAGE_DOS_SIGNATURE then
begin
MessageBox(Handle,'This file is not a valid PE!','Information',MB_OK+MB_ICONERROR);
FreeHandle(hFile,mFile);
Exit;
end;
vBase:=LongWord(ImageDosHeader);
ImageNTHeaders:=PIMAGENTHEADERS(vBase+LongWord(ImageDosHeader.e_lfanew));
if ImageNTHeaders.Signature<>IMAGE_NT_SIGNATURE then
begin
MessageBox(Handle,'This file is not a valid PE。','Information',MB_OK+MB_ICONINFORMATION);
FreeHandle(hFile,mFile);
Exit;
end;
OEdit1.Text:=IntToHex(ImageNTHeaders.OptionalHeader.Magic,4);
OEdit2.Text:=IntToHex(ImageNTHeaders.OptionalHeader.MajorLinkerVersion,2);
OEdit3.Text:=IntToHex(ImageNTHeaders.OptionalHeader.MinorLinkerVersion,2);
OEdit4.Text:=IntToHex(ImageNTHeaders.OptionalHeader.SizeOfCode,8);
OEdit5.Text:=IntToHex(ImageNTHeaders.OptionalHeader.SizeOfInitializedData,8);
OEdit6.Text:=IntToHex(ImageNTHeaders.OptionalHeader.SizeOfUninitializedData,8);
OEdit7.Text:=IntToHex(ImageNTHeaders.OptionalHeader.AddressOfEntryPoint,8);
OEdit8.Text:=IntToHex(ImageNTHeaders.OptionalHeader.BaseOfCode,8);
OEdit9.Text:=IntToHex(ImageNTHeaders.OptionalHeader.BaseOfData,8);
OEdit10.Text:=IntToHex(ImageNTHeaders.OptionalHeader.ImageBase,8);
OEdit11.Text:=IntToHex(ImageNTHeaders.OptionalHeader.SectionAlignment,8);
OEdit12.Text:=IntToHex(ImageNTHeaders.OptionalHeader.FileAlignment,8);
OEdit13.Text:=IntToHex(ImageNTHeaders.OptionalHeader.MajorOperatingSystemVersion,4);
OEdit14.Text:=IntToHex(ImageNTHeaders.OptionalHeader.MinorOperatingSystemVersion,4);
OEdit15.Text:=IntToHex(ImageNTHeaders.OptionalHeader.MajorImageVersion,4);
OEdit16.Text:=IntToHex(ImageNTHeaders.OptionalHeader.MinorImageVersion,4);
OEdit17.Text:=IntToHex(ImageNTHeaders.OptionalHeader.MajorSubsystemVersion,4);
OEdit18.Text:=IntToHex(ImageNTHeaders.OptionalHeader.MinorSubsystemVersion,4);
OEdit19.Text:=IntToHex(ImageNTHeaders.OptionalHeader.Win32VersionValue,8);
OEdit20.Text:=IntToHex(ImageNTHeaders.OptionalHeader.SizeOfImage,8);
OEdit21.Text:=IntToHex(ImageNTHeaders.OptionalHeader.SizeOfHeaders,8);
OEdit22.Text:=IntToHex(ImageNTHeaders.OptionalHeader.CheckSum,8);
OEdit23.Text:=IntToHex(ImageNTHeaders.OptionalHeader.Subsystem,4);
OEdit24.Text:=IntToHex(ImageNTHeaders.OptionalHeader.DllCharacteristics,4);
OEdit25.Text:=IntToHex(ImageNTHeaders.OptionalHeader.SizeOfStackReserve,8);
OEdit26.Text:=IntToHex(ImageNTHeaders.OptionalHeader.SizeOfStackCommit,8);
OEdit27.Text:=IntToHex(ImageNTHeaders.OptionalHeader.SizeOfHeapReserve,8);
OEdit28.Text:=IntToHex(ImageNTHeaders.OptionalHeader.SizeOfHeapCommit,8);
OEdit29.Text:=IntToHex(ImageNTHeaders.OptionalHeader.LoaderFlags,8);
OEdit30.Text:=IntToHex(ImageNTHeaders.OptionalHeader.NumberOfRvaAndSizes,8);
UnmapViewOfFile(hView);
FreeHandle(hFile,mFile);
end;
procedure TOptionalHeaderFrm.SubBtnClick(Sender: TObject);
begin
with TSubSystemFrm.Create(self) do
begin
Left:=(Screen.Width div 2)-(Width div 2);
Top:=(Screen.Height div 2)-(Height div 2);
Case StrToHex(OEdit23.Text) of
0:FlagRadio.ItemIndex:=0;
1:FlagRadio.ItemIndex:=1;
2:FlagRadio.ItemIndex:=2;
3:FlagRadio.ItemIndex:=3;
4:FlagRadio.ItemIndex:=4;
5:FlagRadio.ItemIndex:=5;
6:FlagRadio.ItemIndex:=6;
7:FlagRadio.ItemIndex:=7;
8:FlagRadio.ItemIndex:=8;
9:FlagRadio.ItemIndex:=9;
10:FlagRadio.ItemIndex:=10;
11:FlagRadio.ItemIndex:=11;
12:FlagRadio.ItemIndex:=12;
end;
ValueLabel.Caption:=OEdit23.Text;
if ShowModal=mrok then
begin
Case FlagRadio.ItemIndex of
0:OEdit23.Text:='0000';
1:OEdit23.Text:='0001';
2:OEdit23.Text:='0002';
3:OEdit23.Text:='0003';
4:OEdit23.Text:='0005';
5:OEdit23.Text:='0007';
6:OEdit23.Text:='0008';
7:OEdit23.Text:='0009';
8:OEdit23.Text:='000A';
9:OEdit23.Text:='000B';
10:OEdit23.Text:='000C';
11:OEdit23.Text:='000D';
12:OEdit23.Text:='000E';
end;
end;
end;
end;
end.
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -