var
aFile : hFile;
ofStruct : _OFSTRUCT;
BytesRead : Cardinal;
DosHeader : IMAGE_DOS_HEADER;
NtHeader : IMAGE_NT_HEADERS;
dwFileSize : DWORD;
pmemory : Pointer;
FirstSection : DWORD;
SectionNum : DWORD;
SectionHeaders :
Array[1..20]
of _IMAGE_SECTION_HEADER ;
// Das besagte Array
newSectionOffset : DWORD;
...
aFile := OpenFile(Pchar(Filename),ofStruct,OF_READ);
// Execuatble öffnen
dwFileSize := GetFileSize(aFile,
nil);
// Größe rausfinden
...
ReadFile(aFile,DosHeader,SizeOf(DosHeader),BytesRead,
nil)
// DosHeader einlesen
...
SetFilePointer(aFile, DosHeader._lfanew,
nil, FILE_BEGIN);
// FilePointer an den Anfang des Ntheaders setzen
...
ReadFile(aFile,NtHeader,SizeOf(NtHeader),BytesRead,
nil)
// NtHeader einlesen
...
FirstSection := DosHeader._lfanew + sizeof(IMAGE_NT_HEADERS);
// Addresse des ersten Sectionheaders
SectionNum := NtHeader.FileHeader.NumberOfSections;
// Anzahl an Sections
pmemory := Pointer(GlobalAlloc(GMEM_FIXED
or GMEM_ZEROINIT,dwFileSize));
//Speicher reservieren um die ganze Executable zu laden
SetFilePointer(aFile, 0,
nil, FILE_BEGIN);
// Filepointer auf Dateianfang
ReadFile(aFile,pmemory,dwFileSize,BytesRead,
nil);
// PE einlesen
Copymemory(@SectionHeaders,Pointer(Integer(pmemory)+FirstSection),SectionNum*SizeOf(_IMAGE_SECTION_HEADER));
//^^ Sectionheader einlesen