код
Код
--lua
local ffi = require("ffi")
local IMAGE_DIRECTORY_ENTRY_EXPORT = 0
local Imagehlp = ffi.load('Imagehlp.dll')
local Dbghelp = ffi.load('Dbghelp.dll')
ffi.cdef[[
typedef unsigned short WORD;
typedef unsigned long DWORD;
typedef void *PVOID;
typedef unsigned long *PULONG;
typedef struct _LOADED_IMAGE { const char* ModuleName; int hFile; int MappedAddress; int FileHeader; int LastRvaSection; int NumberOfSections; int Sections;
int Characteristics; bool fSystemImage; bool fDOSImage; bool fReadOnly; int Version; long Links; int SizeOfImage;} LOADED_IMAGE, *PLOADED_IMAGE;
typedef struct _IMAGE_EXPORT_DIRECTORY{DWORD Characteristics; DWORD TimeDateStamp; WORD MajorVersion; WORD MinorVersion; DWORD Name; DWORD Base; DWORD NumberOfFunctions;
DWORD NumberOfNames; DWORD AddressOfFunctions; DWORD AddressOfNames;DWORD AddressOfNameOrdinals;} IMAGE_EXPORT_DIRECTORY, *PIMAGE_EXPORT_DIRECTORY;
bool MapAndLoad(const char* ImageName, unsigned char* DllPath, PLOADED_IMAGE LoadedImage, bool DotDll, bool ReadOnly);
PVOID ImageDirectoryEntryToData(PVOID Base, bool MappedAsImage, unsigned short DirectoryEntry, PULONG Size);
PVOID ImageRvaToVa(int NtHeaders, PVOID Base, unsigned int Rva, int* LastRvaSection);
]]
function list_function(name_dll)
local LoadedImage = ffi.new('LOADED_IMAGE')
local _size = ffi.new('int[1]')
Imagehlp.MapAndLoad(name_dll, nil, LoadedImage, true, true)
local ImageExportDirectory = ffi.cast('PIMAGE_EXPORT_DIRECTORY', Dbghelp.ImageDirectoryEntryToData(ffi.cast('PVOID', LoadedImage.MappedAddress), false, IMAGE_DIRECTORY_ENTRY_EXPORT, _size))
local address = ffi.cast('int*', Dbghelp.ImageRvaToVa(LoadedImage.FileHeader, ffi.cast('PVOID', LoadedImage.MappedAddress), ImageExportDirectory.AddressOfNames, nil))
for i=0, ImageExportDirectory.NumberOfNames-1 do
local name_func = Dbghelp.ImageRvaToVa(LoadedImage.FileHeader, ffi.cast('PVOID', LoadedImage.MappedAddress), address[i], nil)
log(ffi.string(name_func))
end
log ('Всего функций: ' .. tostring(ImageExportDirectory.NumberOfNames))
end
log 'clear' log 'mode compact'
list_function('User32.dll') -- список экспортируемых функций длл