I am trying to read the binary code in the text section of an executable game file (PE) programmatically but I don't know the start address and the end address of the text section. I am using C++/Win32Api to do that mission. Are there functions that can help me for that purpose?
Notice: I have searched a lot but I didn't find anything related to that.
Sounds like you need to read the specification, and/or a tutorial, for the PE file format. There are many such resources; here's one. Specifically, you're going to want to locate the IMAGE_SECTION_HEADER structures, and then consult their VirtualAddress and SizeOfRawData fields. You can identify the .text section either through the Name field, or by checking the Characteristics field for the IMAGE_SCN_CNT_CODE bit.
I was post a answer in Stack Overflow, and this is the code:
HMODULE hMod = LoadLibrary("foo.dll"); PIMAGE_NT_HEADERS NtHeaders = (PIMAGE_NT_HEADERS)(hMod + ((PIMAGE_DOS_HEADER)hMod)->e_lfanew); PIMAGE_SECTION_HEADER SectionHeaders = IMAGE_FIRST_SECTION(NtHeaders); PIMAGE_SECTION_HEADER codeSection2; for (WORD SectionIndex = 0; SectionIndex < NtHeaders->FileHeader.NumberOfSections; SectionIndex++) { PIMAGE_SECTION_HEADER SectionHeader = &SectionHeaders[SectionIndex]; if (SectionHeader->Characteristics & IMAGE_SCN_CNT_CODE){ codeSection2 = SectionHeader; break; } } IMAGE_SECTION_HEADER codeSection = *codeSection2; FreeLibrary(hMod); 