.NET

// ConsoleApplication26.cpp: 定义控制台应用程序的入口点。
//

#include "stdafx.h"
#include <Windows.h>
typedef ULONG_PTR TADDR;
#define VAL16(x) x
#define VAL32(x) x
#define DPTR(type) type*
#define ALIGN4BYTE(val) (((val) + 3) & ~0x3)
typedef DPTR(IMAGE_DOS_HEADER) PTR_IMAGE_DOS_HEADER;
typedef DPTR(IMAGE_NT_HEADERS) PTR_IMAGE_NT_HEADERS;
typedef DPTR(IMAGE_DATA_DIRECTORY) PTR_IMAGE_DATA_DIRECTORY;
typedef DPTR(IMAGE_COR20_HEADER) PTR_IMAGE_COR20_HEADER;

struct STORAGEHEADER
{
public:
BYTE fFlags;
BYTE pad;
USHORT iStreams;
public:
BYTE GetFlags()
{
return fFlags;
}
void SetFlags(BYTE flags)
{
fFlags = flags;
}
void AddFlags(BYTE flags)
{
fFlags |= flags;
}


USHORT GetiStreams()
{
return VAL16(iStreams);
}
void SetiStreams(USHORT iStreamsCount)
{
iStreams = VAL16(iStreamsCount);
}
};


struct STORAGESIGNATURE
{
public:
ULONG lSignature;
USHORT iMajorVer;
USHORT iMinorVer;
ULONG iExtraData;
ULONG iVersionString;
public:
BYTE pVersion[0];
ULONG GetSignature()
{
return VAL32(lSignature);
}
void SetSignature(ULONG Signature)
{
lSignature = VAL32(Signature);
}

USHORT GetMajorVer()
{
return VAL16(iMajorVer);
}
void SetMajorVer(USHORT MajorVer)
{
iMajorVer = VAL16(MajorVer);
}

USHORT GetMinorVer()
{
return VAL16(iMinorVer);
}
void SetMinorVer(USHORT MinorVer)
{
iMinorVer = VAL16(MinorVer);
}

ULONG GetExtraDataOffset()
{
return VAL32(iExtraData);
}
void SetExtraDataOffset(ULONG ExtraDataOffset)
{
iExtraData = VAL32(ExtraDataOffset);
}

ULONG GetVersionStringLength()
{ 
Return VAL32 (iVersionString); 
} 
void SetVersionStringLength (ULONG VersionStringLength) 
{ 
iVersionString = VAL32 (VersionStringLength); 
} 
}; 
struct STORAGESTREAM 
{ 
public: 
ULONG iOffset; 
ULONG iSize Number of; 
char rcName [32]; 
}; 
int main () 
{ 
the HMODULE LoadLibraryExW = HE (L "C: \\ \\ Desktop tangyz17 the Users \\ \\ \\ CoreCLR the ClassLibrary1.dll", NULL,. 8); 
TADDR m_base = TADDR ((void *) HE); 
the IMAGE_DOS_HEADER * PTR_IMAGE_DOS_HEADER the SR = ( HE); 
IMAGE_NT_HEADERS the HR * = PTR_IMAGE_NT_HEADERS (m_base + VAL32 (SR-> e_lfanew which)); // Note the difference between this place and IMAGE_NT_HEADERS IMAGE_NT_HEADERS64 can not obtain OR with the latter, the DR value
IMAGE_DATA_DIRECTORY *PDR = PTR_IMAGE_DATA_DIRECTORY(TADDR(HR)+offsetof(IMAGE_NT_HEADERS, OptionalHeader.DataDirectory) + 14 * sizeof(IMAGE_DATA_DIRECTORY));
IMAGE_COR20_HEADER *OR = PTR_IMAGE_COR20_HEADER(m_base + VAL32(PDR->VirtualAddress));
IMAGE_DATA_DIRECTORY *DR = &(OR->MetaData);

const void *pMeta = NULL;
pMeta = (const void *)(VAL32(m_base + DR->VirtualAddress));

const BYTE *pbMd;
pbMd = (const BYTE*)pMeta;
pbMd += sizeof(STORAGESIGNATURE);
ULONG cbVersionString = ((STORAGESIGNATURE *)pMeta)->GetVersionStringLength();
pbMd += cbVersionString;
pbMd += sizeof(STORAGEHEADER);

STORAGESTREAM *stream = (STORAGESTREAM*)pbMd;

printf("%s", "Hello World");
getchar();
return 0;
}