static public MsDosHeader readMSDOSHeader(SourceFile source) { MsDosHeader dosHeader = new MsDosHeader(); dosHeader.signature = source.getTwo(); if (dosHeader.signature != 0x5a4d) { throw new Win32ReadException("this is not a valid win32 executable file"); } dosHeader.lastsize = source.getTwo(); dosHeader.nblocks = source.getTwo(); dosHeader.nreloc = source.getTwo(); dosHeader.hdrsize = source.getTwo(); dosHeader.minalloc = source.getTwo(); dosHeader.maxalloc = source.getTwo(); dosHeader.ss = source.getTwo(); dosHeader.sp = source.getTwo(); dosHeader.checksum = source.getTwo(); dosHeader.ip = source.getTwo(); dosHeader.cs = source.getTwo(); dosHeader.relocpos = source.getTwo(); dosHeader.noverlay = source.getTwo(); dosHeader.reserved1 = source.getRange(8); dosHeader.oem_id = source.getTwo(); dosHeader.oem_info = source.getTwo(); dosHeader.reserved2 = source.getRange(20); dosHeader.e_lfanew = source.getFour(); return(dosHeader); }
//- reading in ---------------------------------------------------------------- public void readFile(String _filename) { filename = _filename; SourceFile source = new SourceFile(filename); dosHeader = MsDosHeader.readMSDOSHeader(source); source.seek(dosHeader.e_lfanew); uint pesig = source.getFour(); if (pesig != 0x00004550) { throw new Win32ReadException("this is not a valid win32 executable file"); } readCoffHeader(source); readOptionalHeader(source); loadSections(source); foreach (Section section in sections) { section.imageBase = imageBase; //sections in exe/dll have an image base } //getResourceTable(source); }
public Win32Exe() : base() { filename = null; dosHeader = null; //optional header fields magicNum = 0; majorLinkerVersion = 0; minorLinkerVersion = 0; sizeOfCode = 0; sizeOfInitializedData = 0; sizeOfUninitializedData = 0; addressOfEntryPoint = 0; baseOfCode = 0; baseOfData = 0; imageBase = 0; sectionAlignment = 0; fileAlignment = 0; majorOSVersion = 0; minorOSVersion = 0; majorImageVersion = 0; minorImageVersion = 0; majorSubsystemVersion = 0; minorSubsystemVersion = 0; win32VersionValue = 0; sizeOfImage = 0; sizeOfHeaders = 0; checksum = 0; subsystem = 0; dLLCharacteristics = 0; sizeOfStackReserve = 0; sizeOfStackCommit = 0; sizeOfHeapReserve = 0; sizeOfHeapCommit = 0; loaderFlags = 0; numberOfRvaAndSizes = 0; //data directory dExportTable = null; dImportTable = null; dResourceTable = null; exceptionTable = null; certificatesTable = null; baseRelocationTable = null; debugTable = null; architecture = null; globalPtr = null; threadLocalStorageTable = null; loadConfigurationTable = null; boundImportTable = null; importAddressTable = null; delayImportDescriptor = null; CLRRuntimeHeader = null; reserved = null; //standard sections exportTable = null; importTable = null; resourceTable = null; }
//private void getResourceTable(SourceFile source) //{ // if (optHeader.dataDirectory[DataDirectory.IMAGE_DIRECTORY_ENTRY_RESOURCE].size > 0) // { // uint resOfs = optHeader.dataDirectory[DataDirectory.IMAGE_DIRECTORY_ENTRY_RESOURCE].rva; // uint resSize = optHeader.dataDirectory[DataDirectory.IMAGE_DIRECTORY_ENTRY_RESOURCE].size; // Section resSec = findSection(resOfs); // if (resSec != null) // { // SourceFile secData = new SourceFile(resSec.data); // resourceTable = new ResourceTable(); // resourceTable.imageBase = imageBase; // resourceTable.resourceRVA = resOfs; // resourceTable.data = secData.getRange(resOfs - resSec.memloc, resSize); // } // } //} //- writing out ---------------------------------------------------------------- public void layoutImage() { dosHeader = new MsDosHeader(); dosHeader.e_lfanew = 0x200; }