winapi - Get DLL Module size after DLL injection without GetModuleInformation
问题描述
I manual map dll and i can't get MODULEINFO for it's working region with GetModuleInformation (it's always answer for me with "Unable to obtain module")?. That happens because that function tries to get data from the module list in the process environment block. But a manually mapped dll is usually not linked in that list unless of course you manually add a new list entry. It doesn't use the info from the header (or at least not directly). So i already has dllBase that is hModule. So now i only need to get it's size. Is any way to get it without GetModuleInformation?
static void someFunc(HINSTANCE hModule)
{
// all the vars we need for the GetModuleInformation call
MODULEINFO modInfo;
HANDLE hProcess = GetCurrentProcess();
if (GetModuleInformation(hProcess, hModule, &modInfo, sizeof(MODULEINFO)))
{
// some work
}
else {
std::cout << "Unable to obtain module" << std::endl;
}
}
解决方案
如果我们想在自我过程中获取映射图像的图像大小 - 我们可以从SizeOfImage成员中读取它IMAGE_OPTIONAL_HEADER- 这是映射为内存中图像图像的大小(不是磁盘上的大小)
ULONG GetImageSize(PVOID ImageBase = &__ImageBase)
{
if (PIMAGE_NT_HEADERS pinth = RtlImageNtHeader(ImageBase))
{
return pinth->OptionalHeader.SizeOfImage;
}
return 0;
}
推荐阅读
- python - 将批量(100+)项添加到列表小部件并退出应用程序时 PYQT5 GUI 应用程序冻结
- javascript - if 语句不返回任何 TRUE,即使它应该
- java - 从片段调用活动使用接口,但为什么?
- kubernetes-ingress - 同一后端服务中多个路径的 K8s Ingress 规则
- excel - 如何通过从单元格中获取形状名称来引用形状?
- android - Gradle 错误无法解析 com.github.Binary-Finery:Bungee:master-SNAPSHOT
- c# - 将带有计数的嵌套 SQL 转换为 linQ
- sql - 您如何根据记录总数计算具有统计意义的样本量?(Postgres)
- javascript - 需要以不同的方式格式化对象数组
- java - 带有可选按钮的密码字段以使用 vaadin 显示密码