Guest User

Untitled

a guest
Jan 22nd, 2018
78
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.77 KB | None | 0 0
  1. typedef struct _FILE_HEADER
  2. {
  3. ULONG Sig;
  4. USHORT Machine; // 0 = any machine
  5. USHORT NumberOfSections;
  6. ULONG PointerToSymbolTable; // RVA of symbol table
  7. ULONG NumberOfSymbols; // Number of symbols in table
  8.  
  9. ULONG SizeOfCode; // size of .text in bytes
  10. ULONG SizeOfInitializedData;
  11. ULONG SizeOfUninitializedData;
  12. ULONG AddressOfEntryPoint; // RVA of entry point
  13. ULONG BaseOfCode; // base of .text
  14. ULONG BaseOfInitializedData;
  15. ULONG ImageBase;
  16. ULONG SectionAlignment;
  17. USHORT FileAlignment;
  18. ULONG SizeOfImage; // size of image in bytes
  19. ULONG Checksum; // checksum
  20. USHORT Subsystem; // Console or no?
  21. USHORT DllCharacteristics; // DLL properties
  22. ULONG SizeOfStack; // size of stack, in bytes
  23. ULONG SizeOfHeap; // size of heap, in bytes
  24. USHORT NumberOfDataDirectories
  25. IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES];
  26. }
  27.  
  28.  
  29. typedef struct _IMAGE_DATA_DIRECTORY {
  30. DWORD VirtualAddress; // RVA of table
  31. DWORD Size; // size of table
  32. } IMAGE_DATA_DIRECTORY, *PIMAGE_DATA_DIRECTORY;
  33.  
  34. 0: Export directory
  35. 1: Import directory
  36. 2: Resource directory
  37. 3: Exception directory
  38. 4: Security directory
  39. 5: Base relocation table
  40. 6: Debug directory
  41. 7: Description string
  42.  
  43. typedef struct _IMAGE_EXPORT_DIRECTORY
  44. {
  45. uint32_t Characteristics;
  46. uint32_t TimeDateStamp;
  47. uint16_t MajorVersion;
  48. uint16_t MinorVersion;
  49. uint32_t Name;
  50. uint32_t Base;
  51. uint32_t NumberOfFunctions;
  52. uint32_t NumberOfNames;
  53. uint32_t** AddressOfFunctions;
  54. uint32_t** AddressOfNames;
  55. uint16_t** AddressOfNameOrdinal;
  56. }IMAGE_EXPORT_DIRECTORY,*PIMAGE_EXPORT_DIRECTORY;
Add Comment
Please, Sign In to add comment