static public MsDosHeader readMSDOSHeader(BinaryIn source) { MsDosHeader dosHeader = new MsDosHeader(); dosHeader.signature = source.getTwo(); if (dosHeader.signature != 0x5a4d) { throw new Win32FormatException("this is not a valid win32 executable file"); } dosHeader.lastsize = source.getTwo(); dosHeader.nblocks = source.getTwo(); dosHeader.nreloc = source.getTwo(); dosHeader.hdrsize = source.getTwo(); dosHeader.minalloc = source.getTwo(); dosHeader.maxalloc = source.getTwo(); dosHeader.ss = source.getTwo(); dosHeader.sp = source.getTwo(); dosHeader.checksum = source.getTwo(); dosHeader.ip = source.getTwo(); dosHeader.cs = source.getTwo(); dosHeader.relocpos = source.getTwo(); dosHeader.noverlay = source.getTwo(); dosHeader.reserved1 = source.getRange(8); dosHeader.oem_id = source.getTwo(); dosHeader.oem_info = source.getTwo(); dosHeader.reserved2 = source.getRange(20); dosHeader.e_lfanew = source.getFour(); return(dosHeader); }
//- reading in ---------------------------------------------------------------- public void readFile(String _filename) { filename = _filename; BinaryIn source = new BinaryIn(filename); dosHeader = MsDosHeader.readMSDOSHeader(source); source.seek(dosHeader.e_lfanew); uint pesig = source.getFour(); if (pesig != 0x00004550) { throw new Win32ReadException("this is not a valid win32 executable file"); } machine = (MachineType)source.getTwo(); uint secCount = source.getTwo(); uint stamp = source.getFour(); timeStamp = setTimestamp(stamp); uint symbolTblAddr = source.getFour(); uint symbolTblCount = source.getFour(); //these fields should be zero uint optionalHdrSize = source.getTwo(); if (optionalHdrSize != 0xe0) { throw new Win32ReadException("this is not a valid win32 executable file"); } uint flags = source.getTwo(); characteristics = Characteristics.decodeFlags(flags); readOptionalHeader(source); loadSections(source, secCount); //getImportTable(source); //getExportTable(source); //getResourceTable(source); }
//private void getResourceTable(SourceFile source) //{ // if (optHeader.dataDirectory[DataDirectory.IMAGE_DIRECTORY_ENTRY_RESOURCE].size > 0) // { // uint resOfs = optHeader.dataDirectory[DataDirectory.IMAGE_DIRECTORY_ENTRY_RESOURCE].rva; // uint resSize = optHeader.dataDirectory[DataDirectory.IMAGE_DIRECTORY_ENTRY_RESOURCE].size; // Section resSec = findSection(resOfs); // if (resSec != null) // { // SourceFile secData = new SourceFile(resSec.data); // resourceTable = new ResourceTable(); // resourceTable.imageBase = imageBase; // resourceTable.resourceRVA = resOfs; // resourceTable.data = secData.getRange(resOfs - resSec.memloc, resSize); // } // } //} //- writing out ---------------------------------------------------------------- public void writeFile(String _filename) { filename = _filename; mempos = 0x1000; filepos = 0; //build dos header if (dosHeader == null) { dosHeader = new MsDosHeader(); } uint winHdrPos = (((dosHeader.headerSize + 7) / 8) * 8); dosHeader.e_lfanew = winHdrPos; //win hdr fields characteristics.isExecutable = true; characteristics.is32BitMachine = true; if (isDLL) { characteristics.isDLL = true; imageBase = 0x10000000; //dll default image base } uint sectionCount = (uint)sections.Count; if (exportList.Count > 0) { sectionCount++; } if (relocList.Count > 0) { sectionCount++; } filepos = (winHdrPos + 0x18 + 0xe0 + (uint)(sectionCount * 0x28) + (fileAlignment - 1)) & ~(fileAlignment - 1); sizeOfHeaders = filepos; buildSectionTable(); //build standard sections //int importSecNum = -1; //if (importTable != null) //{ // importSecNum = sections.Count; // CoffSection importSection = importTable.createSection(); // sections.Add(importSection); //} if (exportList.Count > 0) { buildExportSection(); } //int resourceSecNum = -1; //if (resourceTable != null) //{ // resourceSecNum = sections.Count; // CoffSection resourceSection = resourceTable.createSection(); // sections.Add(resourceSection); //} if (relocList.Count > 0) { buildRelocSection(); } sizeOfImage = mempos; //total image size BinaryOut outfile = new BinaryOut(filename); dosHeader.writeOut(outfile); outfile.putZeros(winHdrPos - dosHeader.headerSize); writeCoffHeader(outfile); writeOptionalHeader(outfile); writeSectionTable(outfile); outfile.putZeros(sizeOfHeaders - outfile.getPos()); writeSectionData(outfile); outfile.writeOut(); }
public Win32Exe() { filename = null; isDLL = false; mempos = 0; filepos = 0; dosHeader = null; //coff header fields machine = MachineType.IMAGE_FILE_MACHINE_I386; timeStamp = DateTime.Now; characteristics = new Characteristics(); //optional header fields magicNum = 0x010b; //PE32 executable majorLinkerVersion = 0; minorLinkerVersion = 1; sizeOfCode = 0; sizeOfInitializedData = 0; sizeOfUninitializedData = 0; addressOfEntryPoint = 0; baseOfCode = 0; baseOfData = 0; imageBase = 0x400000; //exe default image base memAlignment = 0x1000; fileAlignment = 0x200; majorOSVersion = 5; minorOSVersion = 1; majorImageVersion = 0; minorImageVersion = 0; majorSubsystemVersion = 5; minorSubsystemVersion = 1; win32VersionValue = 0; //reserved, must be zero sizeOfImage = 0; sizeOfHeaders = 0; checksum = 0; subsystem = 2; dLLCharacteristics = 0x140; sizeOfStackReserve = 0x100000; sizeOfStackCommit = 0x1000; sizeOfHeapReserve = 0x100000; sizeOfHeapCommit = 0x1000; loaderFlags = 0; //reserved, must be zero numberOfRvaAndSizes = 0x10; //"not fixed" but the PE format spec only defines 16 of these //data directory dExportTable = new DataDirectory(); dImportTable = new DataDirectory(); dResourceTable = new DataDirectory(); exceptionTable = new DataDirectory(); certificatesTable = new DataDirectory(); baseRelocationTable = new DataDirectory(); debugTable = new DataDirectory(); architecture = new DataDirectory(); globalPtr = new DataDirectory(); threadLocalStorageTable = new DataDirectory(); loadConfigurationTable = new DataDirectory(); boundImportTable = new DataDirectory(); importAddressTable = new DataDirectory(); delayImportDescriptor = new DataDirectory(); CLRRuntimeHeader = new DataDirectory(); reserved = new DataDirectory(); sections = new List <CoffSection>(); //standard sections importSec = null; importList = new List <CoffImportEntry>(); exportSec = null; exportList = new List <CoffExportEntry>(); resourceSec = null; resourceList = new List <ResourceData>(); relocSec = null; relocList = new List <CoffRelocationEntry>(); }