NET中解析纯Win32 PE文件(Exe/DLL) [英] Parsing plain Win32 PE File (Exe/DLL) in .NET
问题描述
我需要解析纯Win32 DLL/Exe,并从中获取所有导入和导出,以在控制台或GUI(即Win Forms)上显示.是否可以通过读取其导出/导入表并从中获取托管类型来解析C#.NET中的Win32 DLL/Exe?由于是非托管PE,.NET不允许您将非托管PE文件转换为托管.NET程序集,它仅生成COM托管程序集.
I need to parse plain Win32 DLL/Exe and get all imports and exports from it to show on console or GUI (i.e. Win Forms). Is it possible to parse Win32 DLL/Exe in C#.NET by reading its export/import tables and get managed types from it? As it's unmanaged PE, .NET doesn't allows you to convert unmanaged PE files to managed .NET assemblies, it only generates COM managed assemblies.
如何解析这些表并采用托管形式获取其所有方法(签名). (例如,如果char *作为参数,则应显示为IntPtr).
How can I parse these tables and take all of its methods (signatures) in managed form. (e.g. if char* as argument, it should display as IntPtr).
推荐答案
Parsing PE files is possible using the Microsoft Portable Executable Specification Document. However, as Logan noted, the signatures are not included in the PE file; only the names of the exported functions are included.
更新:如果您的dll是由Microsoft C ++编译器的最新版本创建的C ++ dll,则可以通过调用以下函数来取消修饰的名称以获取大部分签名:
UPDATE: If your dll is a C++ dll created by a recent version of Microsoft's C++ compiler, then you can undecorate the mangled name to get most of the signature by calling this function: UnDecorateSymbolName from Debugging Tools for Windows. However, the return value is not included in the mangled name.
这篇关于NET中解析纯Win32 PE文件(Exe/DLL)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
