    #include <Windows.h>
    #include <stdio.h>

    int main(){
        printf("Enter name of program. \n");
        char prog[300];
        scanf("%299s", prog);  // bounded read so input cannot overrun prog
        // As posted: narrow char buffer cast to a wide-string pointer
        HMODULE hModule = GetModuleHandleW((LPCWSTR)prog);
        if (hModule){
            IMAGE_DOS_HEADER* pIDH = (IMAGE_DOS_HEADER*)hModule;
            // NT headers sit e_lfanew bytes past the DOS header
            IMAGE_NT_HEADERS* pNTH = (IMAGE_NT_HEADERS*)((BYTE*)pIDH + pIDH->e_lfanew);
            IMAGE_OPTIONAL_HEADER pOPH = pNTH->OptionalHeader;
            IMAGE_DATA_DIRECTORY* pIDD = (IMAGE_DATA_DIRECTORY*)pOPH.DataDirectory;
            printf("%x", pIDD->VirtualAddress);
        }
        else {
            printf("Error");
        }
        return 0;
    }
That's my basic script for now, only to check if I get into the IMAGE_DATA_DIRECTORY. My goal is to print every DLL and all of its imported functions of a certain running process - GetModuleHandleA / W. Every call is returning null - printing "Error" as I checked, excluding the empty call, in which it prints '0' for some reason.
CodePudding user response:
Besides the obvious (LPCWSTR)prog casting bug, GetModuleHandle is never going to work because it only handles modules in the current process.
Call CreateToolhelp32Snapshot to get a list of all processes and then call CreateToolhelp32Snapshot again to get the modules of a specific process. Note that you cannot read the DOS/NT headers of a remote process directly, you would have to use ReadProcessMemory.
DataDirectory is an array, you have to specify the directory you are interested in (resource, import, export etc.).
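To illustrate the last point of the answer, the following added example (not code from the question or the answer) indexes DataDirectory explicitly and then walks the import descriptors to list DLL names, which goes one step beyond the answer's text. It parses a byte buffer holding an image in mapped layout, such as a copy made with ReadProcessMemory, so it needs no Windows headers; the names pe_data_directory, pe_import_dlls and SAMPLE are made up here, and SAMPLE is a constructed image.

```c
#include <stdint.h>
#include <string.h>

#define DIR_ENTRY_IMPORT 1 /* IMAGE_DIRECTORY_ENTRY_IMPORT; index 0 is the export table */

/* PE fields are little-endian; this helper assumes a little-endian host. */
static uint32_t rd32(const uint8_t *p) { uint32_t v; memcpy(&v, p, 4); return v; }

/* Read DataDirectory[idx] of a PE32/PE32+ image. Returns 0, or -1 if malformed. */
int pe_data_directory(const uint8_t *img, size_t len, unsigned idx,
                      uint32_t *rva, uint32_t *size)
{
    if (len < 0x40 || memcmp(img, "MZ", 2) != 0) return -1;
    size_t nt = rd32(img + 0x3C);                              /* e_lfanew */
    if (nt > len || len - nt < 26 || rd32(img + nt) != 0x4550) return -1; /* "PE\0\0" */
    unsigned magic = img[nt + 24] | (img[nt + 25] << 8);       /* OptionalHeader.Magic */
    size_t dir = 24 + (magic == 0x20B ? 112 : 96);             /* DataDirectory, from nt */
    if ((magic != 0x10B && magic != 0x20B) || len - nt < dir) return -1;
    if (idx >= 16 || idx >= rd32(img + nt + dir - 4)) return -1; /* NumberOfRvaAndSizes */
    if (len - nt < dir + 8 * (idx + 1)) return -1;
    *rva = rd32(img + nt + dir + 8 * idx);
    *size = rd32(img + nt + dir + 8 * idx + 4);
    return 0;
}

/* List imported DLL names. The image must be in mapped layout (RVA == offset). */
int pe_import_dlls(const uint8_t *img, size_t len, const char **names, int max)
{
    uint32_t rva = 0, size = 0;
    int n = 0;
    if (pe_data_directory(img, len, DIR_ENTRY_IMPORT, &rva, &size) != 0) return -1;
    for (size_t d = rva; rva != 0 && n < max; d += 20) {   /* 20-byte descriptors */
        if (d > len || len - d < 20) return -1;
        uint32_t name = rd32(img + d + 12);                /* descriptor Name RVA */
        if (name == 0) break;                              /* zero descriptor ends table */
        if (name >= len || !memchr(img + name, 0, len - name)) return -1;
        names[n++] = (const char *)(img + name);
    }
    return n;
}

/* Constructed sample: 512-byte mapped PE32 image importing two DLLs. */
static const uint8_t SAMPLE[512] = {
    [0] = 'M', 'Z', [0x3C] = 0x80, [0x80] = 'P', 'E', [0x98] = 0x0B, 0x01,
    [0xF4] = 16, [0x100] = 0x80, 0x01, [0x104] = 60,      /* DataDirectory[1] */
    [0x18C] = 0xC0, 0x01, [0x1A0] = 0xD0, 0x01,           /* two descriptor Name RVAs */
    [0x1C0] = 'K', 'E', 'R', 'N', 'E', 'L', '3', '2', '.', 'd', 'l', 'l',
    [0x1D0] = 'U', 'S', 'E', 'R', '3', '2', '.', 'd', 'l', 'l',
};
```

Calling pe_import_dlls(SAMPLE, sizeof SAMPLE, names, 8) returns 2 and fills names with KERNEL32.dll and USER32.dll. Index 0 of the same sample yields an RVA of 0, because the sample has no export table.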