PE File Format Study

CString fileFullPath=_T("C://notepad.exe"); fstream fs; fs.open(fileFullPath,ios::binary|ios::in); fs.seekg(0x3c); DWORD dwPESignture; fs.seekg(0x3c); fs.read((char*)(&dwPESignture),4); fs.seekg(dwPESignture); char chPESignture[2]; fs.read(chPESignture,2); if (!(chPESignture[0]=='P'&&chPESignture[1]=='E')) { AfxMessageBox(_T("not avalid PE File!")); fs.close(); return; } DWORD dwFile_Header; dwFile_Header=dwPESignture+4; //NumberOfSection fs.seekg(dwFile_Header+2); unsigned short numberOfSections; fs.read((char*)(&numberOfSections),2); //SizeOfOptionHeader fs.seekg(dwFile_Header+16); unsigned short dwSizeOfOptionHeader; fs.read((char*)(&dwSizeOfOptionHeader),2); DWORD dwOptionHeaderPos; dwOptionHeaderPos=dwFile_Header+20; //magic short peMagic; fs.seekg(dwOptionHeaderPos); fs.read((char*)(&peMagic),2); //AddressOfEntryPoint DWORD dwAddressOfEntryPoint; fs.seekg(dwOptionHeaderPos+16); fs.read((char*)(&dwAddressOfEntryPoint),4); DWORD dwBaseOfCode; fs.seekg(dwOptionHeaderPos+20); fs.read((char*)(&dwBaseOfCode),4); DWORD dwBaseOfData; fs.seekg(dwOptionHeaderPos+24); fs.read((char*)(&dwBaseOfData),4); DWORD dwImageBase; fs.seekg(dwOptionHeaderPos+28); fs.read((char*)(&dwImageBase),4); DWORD dwSectionAlignment; fs.seekg(dwOptionHeaderPos+32); fs.read((char*)(&dwSectionAlignment),4); DWORD dwSizeOfImage; fs.seekg(dwOptionHeaderPos+56); fs.read((char*)(&dwSizeOfImage),4); DWORD dwSectionTablePos=dwOptionHeaderPos+dwSizeOfOptionHeader; fs.close();