Código PHP:
function UPXPresent(const Filename:TFileName): Boolean;
var
i : integer;
pBase : PByte;
DOS : PImageDosHeader;
pNtHeaders : PImageNtHeaders;
hFile, hFileMap, dwOffset : Cardinal;
pSectionHeader: PImageSectionHeader;
SectNome : AnsiString;
begin
Result:=False;
hFile := CreateFile(PChar(Filename), GENERIC_READ, FILE_SHARE_READ, nil, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, 0);
if (hFile = INVALID_HANDLE_VALUE) then Exit;
hFileMap := CreateFileMapping(hFile, nil, PAGE_READONLY or SEC_IMAGE, 0, 0, nil);
if (hFileMap = 0) then
begin
CloseHandle(hFile);
Exit;
end;
pBase := MapViewOfFile(hFileMap, FILE_MAP_READ, 0, 0, 0);
try
try
dwOffset := Cardinal(pBase);
DOS := PImageDosHeader(pBase);
pNtHeaders := PImageNtHeaders(dwOffset + Cardinal(DOS._lfanew));
ShowMessage(IntToStr(pNtHeaders.OptionalHeader.ImageBase));
pSectionHeader := pImageSectionHeader(Cardinal(pNtHeaders) + SizeOf(TImageNtHeaders));
for i := 0 to pNtHeaders.FileHeader.NumberOfSections-1 do
begin
SetString(SectNome, PAnsiChar(@pSectionHeader.Name), SizeOf(pSectionHeader.Name));
Result:=Pos('UPX',SectNome)>0;
If Result then break;
Inc(pSectionHeader);
end;
finally
UnmapViewOfFile(pBase);
CloseHandle(hFileMap);
CloseHandle(hFile);
end;
Except
On E : except do
ShowMessage(E.Message);
end;
Créditos: