portable-executable

问题 So I'm trying to write a basic disassembler for a school project using Python. I'm using the pydasm and capstone libraries. What I don't understand is how I can actually access the assembly instructions of a program using Python. These libraries allow me to disassemble instructions, but I can't figure out how to access a program's instructions in Python. Could anyone give me some direction? Thanks. 回答1: This depends on what OS you're using. You have some other questions about Linux, so I'm

问题 Closed . This question needs to be more focused. It is not currently accepting answers. Want to improve this question? Update the question so it focuses on one problem only by editing this post. Closed 5 years ago . I need to do a program in C/C++ in witch one i'll need to take each sction of a PE File, hash them and sign them, I made yet the hashing and signing functions but: I don't know how to get each section of a PE File as a char* or byte*, I don't know how to if i can use a simple

问题 I wrote some simple code by C/C++ ,compiling by Dev C++(MinGW) in PE format on win10 . I used the tool "Stud PE" to review the PE file structure of the compiled exe as follows: As you can see,in addition to the normal file sections like .text ,.data , .bss ... , there are some other sections with the name like /4,/19,/31 ... . How can I know what's the purpose of these sections ? for debugging?? (but why so many sections with strange name ?) Is there any documentation or material to explain

问题 When using a resource included in a PE file (for example a binary resource) in C++ . we have to first call 1 )FindResource and then 2 )LoadResource to access the resource . Being accurate about the function name "LoadResource" i wonder if the "Windows Loader" does load all resource of an application in memory just when loading other parts (like code or data section) or they are delay loaded only when we need them ? If so can we unload these resources after we have used them in order to free

问题 Assuming you have a stream of data or a block of bytes you want to carve, how can you determine the size of the executables? There are numerous headers inside the PE executable format, but what header sections do I use to determine (if possible) the total length of the executable? Here is a picture of the file format. 回答1: If the PE file is well formed, the calculation can be simplified as (pseudo-code): size = IMAGE_NT_HEADERS.OptionalHeader.SizeOfHeaders foreach section_header in section

问题 What are the requirements of a PE file (PE/COFF)? What fields should be set, which value, at a bare minimum for enabling it to "run" on Windows (i.e. executing "ret" instruction and then close, without error). The library I am building first is the linker: Now, the problem I have is the PE file (PE/COFF). I don't know what is "required" for a PE file before it can actually execute on my platform. My testing platform is Vista. I get an error message, saying " This is not a valid Win32

问题 What are the requirements of a PE file (PE/COFF)? What fields should be set, which value, at a bare minimum for enabling it to "run" on Windows (i.e. executing "ret" instruction and then close, without error). The library I am building first is the linker: Now, the problem I have is the PE file (PE/COFF). I don't know what is "required" for a PE file before it can actually execute on my platform. My testing platform is Vista. I get an error message, saying " This is not a valid Win32

问题 First of all, this is not a duplicate of the very common question of making an EXE from Java classes. I do not need to do that. To solve NetBeans RFE #64612 without manual steps I need a Java (6+) library which can take an existing Windows *.exe file and replace its icon with a substitute in a common format. The executable, which is generic and prebuilt (distributed in binary form), already knows how to load an application-specific config file and then start the JRE with various application

问题 I would like to implement this in C# I have looked here: http://www.codeproject.com/KB/cpp/PEChecksum.aspx And am aware of the ImageHlp.dll MapFileAndCheckSum function. However, for various reasons, I would like to implement this myself. The best I have found is here: http://forum.sysinternals.com/optional-header-checksum-calculation_topic24214.html But, I don't understand the explanation. Can anyone clarify how the checksum is calculated? Thanks! Update I from the code example, I do not

问题 Ok, this question is about portable as in no dependencies (i.e. "I can put the binaries in a USB key and bring it with me everywhere, e-mail them to friends etc"). I have heard of static linking but I'm confused to what are exactly the consequences of it; what can and what can't be static linked (i.e. what about Qt, OpenGL, libstdc++?) and to which degree the binary will be "portable" afterwards. I've also heard of LSB (Linux Standard Base) but I don't know exactly what it is or if it can