www.xbdev.net xbdev - software development
Thursday February 23, 2017
home | about | contact | Donations

     
 
PE File Structure - xbdev.net - Home Of Software Knowledge.  

PE Format ... and its dark dark secrets

Well we all know what a PE is... many have not heard it called my this name, but the PE is the .exe you use to run applications on your computer.  For example notepad.exe, winamp.exe etc... and kernel.dll, nero.dll are all PE's.  They all follow a certain structure.  Now such a valuable and reguarly used file format should be understood or at least tried ;)

So I'm going to show you the insides of a simple .exe... rip it to pieces until there's nothing left in there.

Okay now I had to choose an exe as an example... I was going to use notepad.exe but then I thought that it is a bit complex to start with, and I'll add it in later on.  So to start with we'll compile and create our own exe and then we can see just where this code is in our PE file.

Now before I start telling you which bytes do what and what a section is and why I'm poor...lol... I'm going to break it up into little chapters that you can easily chew and digest.  If I force it al l on you in one big go it might kill you ;).

 

Chptr-1-  PE File Format From A Distance.

Chptr-2-  Start of a PE... our simple .exe

Chptr-3-  FileHeader isnt' scary its our friend!

Chptr-4-  More Headers (Optional or NOT)

Chptr-5-  Sections ... our code.. we found you.

Chptr-6-  Import Table.

 

Also feedback is welcome, so if you come across any errors please tell me.  Again this information is for educational purposes, as I think its an piece of knowledge to know this... as its something you use all the time, and if your a programmer... even more valuable.

webmaster@xbdev.net

 

 

 

 
 Visitor: 9534626  { 209.237.238.175 } Copyright (c) 2002-2017 xbdev.net - All rights reserved.
Designated tutorial and software are the property of their respective owners.