#include "stdafx.h"#include <Windows.h>#include <stdlib.h>//Begin protot

1. #include "stdafx.h"
2. #include <Windows.h>
3. #include <stdlib.h>
4.  
5. //Begin prototypes
6. void usage();
7.  
8. //Begin main entrypoint
9. int _tmain(int argc, _TCHAR* argv[])
10. {
11.  
12.     //Check we have correct amount of arguments
13.     if(argc != 2)
14.     {
15.         usage();
16.         return 0;
17.     }
18.  
19.     HANDLE hInFile, hMappedFile, pMemFile;
20.     TCHAR* cInFilePath = argv[1];
21.  
22.     hInFile = CreateFile(   cInFilePath,
23.                             GENERIC_READ,
24.                             FILE_SHARE_READ|FILE_SHARE_WRITE,
25.                             NULL,
26.                             OPEN_EXISTING,
27.                             FILE_FLAG_SEQUENTIAL_SCAN,
28.                             NULL);
29.  
30.     if(hInFile == INVALID_HANDLE_VALUE)
31.     {
32.         printf("Error '%d' opening file: %s\n", GetLastError(), argv[1]);
33.         return 1;
34.     }
35.  
36.     DWORD dwFLen = GetFileSize(hInFile, NULL);
37.  
38.     hMappedFile = CreateFileMapping(    hInFile,
39.                                         NULL,
40.                                         PAGE_READONLY | SEC_COMMIT,
41.                                         0,
42.                                         dwFLen,
43.                                         NULL);
44.     if(hMappedFile == NULL)
45.     {
46.         printf("Error '%d' creating mapping of input file\n", GetLastError());
47.         return 2;
48.     }
49.  
50.     pMemFile = MapViewOfFile(   hMappedFile,
51.                                 FILE_MAP_READ,
52.                                 0,
53.                                 0,
54.                                 dwFLen);
55.  
56.     if(pMemFile == NULL)
57.     {
58.         printf("Error '%d' mapping view of file!\n", GetLastError());
59.         return 3;
60.     }
61.  
62.     //Primary pointers to DOS and NT header structures
63.     PIMAGE_DOS_HEADER pImgDosHeader;
64.     PIMAGE_NT_HEADERS pImgNtHeaders;
65.  
66.     //Get the DOS stub of the module and verify
67.     pImgDosHeader = (PIMAGE_DOS_HEADER)pMemFile;
68.     if(pImgDosHeader->e_magic != IMAGE_DOS_SIGNATURE)
69.     {
70.         printf("File does not have a valid DOS stub.\n");
71.         return 4;
72.     }
73.  
74.     //Get pointer to the NT header from the module and verify
75.     pImgNtHeaders = (PIMAGE_NT_HEADERS)((DWORD)pMemFile + (DWORD)pImgDosHeader->e_lfanew);
76.     if(pImgNtHeaders->Signature != IMAGE_NT_SIGNATURE)
77.     {
78.         printf("Invalid NT header.\n");
79.         return 5;
80.     }
81.  
82.     //Get a pointer to the import table
83.     PIMAGE_IMPORT_DESCRIPTOR piidImportTableAddr;
84.     piidImportTableAddr = (PIMAGE_IMPORT_DESCRIPTOR)(pImgNtHeaders->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress + (DWORD)pMemFile);
85.  
86.     while(piidImportTableAddr->FirstThunk != 0)
87.     {
88.  
89.         //Itterate over every IMAGE_IMPORT_DESCRIPTOR structure, extracting the names of the DLLs to import
90.         char* name = (char*)(piidImportTableAddr->Name + (DWORD)pMemFile);
91.  
92.         //Do nothing for now
93.  
94.         piidImportTableAddr++;
95.     }
96.  
97.     //Close handles
98.     UnmapViewOfFile(pMemFile);
99.     CloseHandle(hMappedFile);
100.     CloseHandle(hInFile);
101.  
102.     return 0;
103. }
104.  
105. void usage(void)
106. {
107.     printf("Usage: \n");
108.     printf("inputfile\n");
109. }
110.