// export_test.cpp : Defines the entry point for the console application.
//
#include "stdafx.h"
#include "windows.h"
int export_jixi(unsigned long pmodule ,char *function)
{
if(pmodule == 0)
return -1;
if(IMAGE_DOS_SIGNATURE != *(unsigned short*)pmodule)
return -1;
unsigned long peheader=pmodule + *(unsigned long*)(pmodule + 0x3C);
if(IMAGE_NT_SIGNATURE != *(unsigned long*)peheader)
return -1;
unsigned long export=*(unsigned long*)(peheader + 0x78) + pmodule;
if(export == pmodule)
return -1;
unsigned long base=0;
unsigned long numoffunction=0;
unsigned long numofname=0;
unsigned long *addrofname=NULL;
unsigned long *addroffunction=NULL;
unsigned short *addroforgname=NULL;
//printf("base:%d name:%s\r\n" ,*(unsigned long*)(export+0x10) ,*(unsigned long*)(export+0x0C)+pmodule);
numoffunction = *(unsigned long*)(export + 0x14);
numofname = *(unsigned long*)(export + 0x18);
//printf("numoffunction :%d ,numofname :%d \r\n" ,numoffunction ,numofname);
addrofname = (unsigned long*)(*(unsigned long*)(export + 0x20) + pmodule);
addroforgname = (unsigned short*)(*(unsigned long*)(export + 0x24) + pmodule);
addroffunction = (unsigned long*)(*(unsigned long*)(export + 0x1C) + pmodule);
int index=0;
for (int i=0 ;i<numofname ;i++)
{
if(!strncmp(function ,(char*)(addrofname[i]+pmodule) ,strlen(function)))
{
index =base + addroforgname[i];
return addroffunction[index] + pmodule;
}
}
return 0;
}
int main(int argc, char* argv[])
{
HMODULE hlib=LoadLibrary("kernel32");
printf("%x\r\n" ,export_jixi((unsigned long)hlib ,"GetProcAddress"));
return 0;
}