When I thought this idea up I thought this would be cool but it ended up being stupid, but I figured I would post the code anyway. Just spits out the stuff in the image_nt_headers and image_file_header structs of a pe header.
Usage:
Code:
Usage:
Code:
C:\Documents and Settings\Owner\Desktop>pe u.exe
File Header: PE
Machine: 014c
Number of Sections: 0003
Time Date Stamp: 436ba9ee
Pointer To Symbols Table: 00001400
Size of Optional Header: 00e0
Characteristics: 0207
C:\Documents and Settings\Owner\Desktop>
Code:
#include <stdio.h>
#include <stdlib.h>
int main(int argc,char *argv[])
{
FILE *file;
long filesize;
char * buf;
int x;
int temp;
char *messages[6];
messages[0] = "File Header: ";
messages[1] = "Machine: ";
messages[2] = "Number of Sections: ";
messages[3] = "Time Date Stamp: ";
messages[4] = "Pointer To Symbols Table: ";
messages[5] = "Size of Optional Header: ";
messages[6] = "Characteristics: ";
if (argc != 2)
{
printf("Usage: pe <file name>");
exit(1);
}
if ((file = fopen(argv[1],"rb")) == NULL)
{
printf("Error opening file\n");
exit(1);
}
fseek(file,0,SEEK_END);
filesize = ftell(file);
rewind(file);
buf = (char *) malloc(filesize);
if (buf == NULL)
{
printf("Error allocating memory\n");
exit(1);
}
if (fread(buf,1,filesize,file) != filesize)
{
printf("Error reading file.\n");
exit(1);
}
fclose(file);
printf("%s%c%c\n",messages[0],buf[128],buf[129]);
printf("%s%2x%2x\n",messages[1],buf[133],buf[132]);
printf("%s%2x%2x\n",messages[2],buf[135],buf[134]);
printf("%s%2x%2x%2x%2x\n",messages[3],buf[139],buf[138],buf[137],buf[136]);
printf("%s%2x%2x%2x%2x\n",messages[4],buf[143],buf[142],buf[141],buf[140]);
printf("%s%2x%2x\n",messages[5],buf[149],buf[148]);
printf("%s%2x%2x\n",messages[6],buf[151],buf[150]);
free(buf);
return 0;
}
