#ifndef _PEREAD_#define _PEREAD_#include <sys/types.h>struct IMAGE_D

1.  
2. #ifndef _PEREAD_
3. #define _PEREAD_
4.  
5. #include <sys/types.h>
6.  
7. struct IMAGE_DOS_HEADER{
8. u_int16_t e_magic;
9. u_int16_t e_partpage; // bytes on last page of file
10. u_int16_t e_pagecnt; // number of pages
11. u_int16_t e_relocnt; // number of relocations
12. u_int16_t e_hdrsize; // size of header in paragraphs [128 bit]
13. u_int16_t e_minmem; // minimum extra memory needed
14. u_int16_t e_maxmem; // maximum extra memory needed
15. u_int16_t e_reloss; // initial ss value [stack segment]
16. u_int16_t e_exesp; // initial sp value [stack pointer]
17. u_int16_t e_chksum; // Checksum vlaue
18. u_int16_t e_exeip; // initial IP value [instruction pointer]
19. u_int16_t e_Relocs; // initial CS value [code segmant]
20. u_int16_t e_tabloff; // offset of the relocation table
21. u_int16_t e_overlay; // Overlay number
22. u_int16_t e_empty[4]; // reserved words
23. u_int16_t e_oem; // OEM id
24. u_int16_t e_oeminfo; // OEM info
25. u_int16_t e_empty2[10]; // reserved words
26. u_int32_t e_lfanew; // Offset to PE header
27. };
28. struct IMAGE_OPTIONAL_HEADER{
29. u_int16_t e_magic; // magic number
30. u_int8_t e_mjrlnkr; // Major Linker version
31. u_int8_t e_mnrlnkr; // Minor Linker version
32. u_int32_t e_codesize; // Size of the code sections combined
33. u_int32_t e_datasize; // Size of .data section
34. u_int32_t e_udatasize; // Size of uninitialized data
35. u_int32_t e_entry; // Address of Entry Point [RVA]
36. u_int32_t e_cbase; // Code Base RVA
37. u_int32_t e_dbase; // Data Base RVA
38. u_int32_t e_imgbase; // Base of the whole image
39. u_int32_t e_secalgn; // Section alignment
40. u_int32_t e_filalgn; // File alignment
41. u_int16_t e_mjrosvr; // Major OS version
42. u_int16_t e_mnrosvr; // Minor OS version
43. u_int16_t e_mjrimgvr; // Major Image version
44. u_int16_t e_mnrimgvr; // Minor Image version
45. u_int16_t e_mjrsubvr; // Major subSystem version (NT)
46. u_int16_t e_mnrsubvr; // Minor sub System version
47. u_int32_t e_reserved;
48. u_int32_t e_imgsize; // the size of image
49. u_int32_t e_hdrsize; // size of PE header and section table;
50. u_int32_t e_chksum; // Checksum
51. u_int16_t e_subsystem; // Subsystem for the interface
52. u_int16_t e_dllchr; // DLL Characterstics
53. u_int32_t e_stkrsv; // size of bytes reserved for the thread stack
54. u_int32_t e_stkcmt; // the memory initialy commited for the stack
55. u_int32_t e_hprsv; // size of heap reserved memory
56. u_int32_t e_hpcmt; // size of heap commited memory
57. u_int32_t e_ldflags; // Loader Flags
58. u_int32_t e_numrvasz; // Number of entries in DataDirectory
59. u_int32_t e_datadir[0x20];
60. };
61.  
62. struct IMAGE_NT_HEADERS{
63. u_int32_t e_magic;
64. u_int16_t e_machine; // type of machine
65. u_int16_t e_numsec; // number of sections
66. u_int32_t e_timestamp; // file timestamp
67. u_int32_t e_psymtbl; // symbol table pointer
68. u_int32_t e_numsym; // number of symbols
69. u_int16_t e_opthdrsz; // size of optional header
70. u_int16_t e_chr; // file Characterstics
71. struct IMAGE_OPTIONAL_HEADER e_opthdr;
72. };
73.  
74. struct IMAGE_SECTION_HEADER{
75. char s_name[8]; // Section name in ascii
76. u_int32_t s_virtsize; // size of section [No .OBJ files to process..now!]
77. u_int32_t s_virtaddr; // the section's RVA
78. u_int32_t s_rwdtsize; // Size of raw data which is size of section after alginment
79. u_int32_t s_rwdtptr; // pointer to section start on disk
80. u_int32_t s_relocptr; // Pointer to relocatios [ we wont need it...now!]
81. u_int32_t s_lineptr; // Pointer to Line number...ignore it for now!
82. u_int16_t s_relocnum; // Numer of relocations
83. u_int16_t s_linenum; // number of line numbers
84. u_int32_t s_chr; // Section Characterstics
85.  
86.  
87.  
88. };
89.  
90. #endif