Announcement

Collapse
No announcement yet.

PE file format

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Paul Dwyer
    replied
    Why not go to the source.

    Here is the Spec...
    http://www.microsoft.com/hwdev/hardware/downPECOFF.htm?

    ------------------
    Paul Dwyer
    Network Engineer
    Aussie in Tokyo

    Leave a comment:

  • Nathan Evans
    replied
    Thank you Sven!

    I modified some code written by Kevin Voell, and ended up with the following
    PB/DLL app.

    The app finds the location of the 'Code Section' and 'Base of Data'.

    Many thanks,

    - Nathan.

    Code:
    #COMPILE EXE
#INCLUDE "WIN32API.INC"
#INCLUDE "COMDLG32.INC"

FUNCTION PBMAIN()
   LOCAL ExeHdrInfo AS IMAGE_NT_HEADERS
   LOCAL DOSHdr AS Image_DOS_Header
   LOCAL hDLG  AS LONG
   Path$ = CURDIR$
   Style%    = %OFN_FILEMUSTEXIST OR %OFN_HIDEREADONLY OR %OFN_LONGNAMES
   RESULT% = OpenFileDialog(%HWND_DESKTOP, "Open File", f$, Path$, "Executable Files|*.EXE|All Files|*.*", "EXE",%OFN_FILEMUSTEXIST OR %OFN_HIDEREADONLY OR %OFN_LONGNAMES)
   X% = FREEFILE
   OPEN f$ FOR BINARY AS X%
   GET X%,, DosHdr
   SEEK X%, 0
   SEEK X%, DosHdr.e_lfanew + 1
   se% = SEEK(x%)
   GET X%,, ExeHdrInfo
   CLOSE X%

   DIALOG NEW %HWND_DESKTOP, "EXE FILE INFO", ,,200,80,%WS_SYSMENU, TO hDLG

     BaseOfCode$ = FORMAT$(ExeHdrInfo.OptionalHeader.BaseOfCode)
     CONTROL ADD LABEL, hDLG, 101, "Base of Code:" + BaseOfCode$, 10, 4, 200, 10
   
     BaseOfData$ = FORMAT$(ExeHdrInfo.OptionalHeader.BaseOfData)
     CONTROL ADD LABEL, hDLG, 101, "Base of Data: " + BaseOfData$, 10, 14, 200, 10
     
          CONTROL ADD LABEL, hDLG, 101, "Filename: " + "..." & RIGHT$(f$, 20), 10, 28, 200, 50
   
   DIALOG SHOW MODAL hDLG

END FUNCTION

    Leave a comment:

  • Sven Blumenstein
    replied
    take a look here:
    http://www.powerbasic.com/support/pb...ead.php?t=3763

    ------------------
    e-mail (home): mailto:[email protected][email protected]</a>
    e-mail (work): mailto:[email protected][email protected]</a>

    Leave a comment:

  • Nathan Evans
    started a topic PE file format

    PE file format


    I'm looking to find the offset of the Code Section of any given EXE file.

    An article called 'The Portable Executable File Format from Top to Bottom'
    by Randy Kath mentions a PEFILE.h. (http://www.eccentrica.org/Mammon/Text/pefile.html)

    I believe before i can get started i'll need this..

    Hands?


    Thanks!!
    - Nathan
    Tags: None
Previous template Next
Working...
X

We process personal data about users of our site, through the use of cookies and other technologies, to deliver our services, and to analyze site activity. For additional details, refer to our Privacy Policy.

By clicking "I AGREE" below, you agree to our Privacy Policy and our personal data processing and cookie practices as described therein. You also acknowledge that this forum may be hosted outside your country and you consent to the collection, storage, and processing of your data in the country where this forum is hosted.

I Agree