home *** CD-ROM | disk | FTP | other *** search
/ Cracking 2 / Cracking II..iso / Tools / TRW2000 for Win9x v1.22 / PLUGSDK / PEDUMP / MYPE.H < prev    next >
Encoding:
Text File  |  2000-02-18  |  4.7 KB  |  146 lines
  1.  
  2. typedef struct _IMTE
  3. {
  4.     DWORD           un1;            // 00h
  5. //    PIMAGE_NT_HEADERS   pNTHdr;     // 04h
  6.     DWORD            pNTHdr;
  7.     DWORD           un2;            // 08h
  8.     PSTR            pszFileName;    // 0Ch
  9.     PSTR            pszModName;     // 10h
  10.     WORD            cbFileName;     // 14h
  11.     WORD            cbModName;      // 16h
  12.     DWORD           un3;            // 18h
  13.     DWORD           cSections;      // 1Ch
  14.     DWORD           un5;            // 20h
  15.     DWORD           baseAddress;    // 24h
  16.     WORD            hModule16;      // 28h
  17.     WORD            cUsage;         // 2Ah
  18.     DWORD           un7;            // 2Ch
  19.     PSTR            pszFileName2;   // 30h
  20.     WORD            cbFileName2;    // 34h
  21.     DWORD           pszModName2;    // 36h
  22.     WORD            cbModName2;     // 3Ah
  23. } IMTE, *PIMTE;
  24. typedef struct {
  25.     DWORD Signature;                //00    'PE'
  26.  
  27. //    IMAGE_FILE_HEADER FileHeader;
  28.     WORD    Machine;                //04
  29.     WORD    NumberOfSections;       //06
  30.     DWORD   TimeDateStamp;          //08
  31.     DWORD   PointerToSymbolTable;   //0c
  32.     DWORD   NumberOfSymbols;        //10
  33.     WORD    SizeOfOptionalHeader;   //14
  34.     WORD    Characteristics;        //16
  35.  
  36. //    IMAGE_OPTIONAL_HEADER OptionalHeader;
  37.     WORD    Magic;                    //+18
  38.     BYTE    MajorLinkerVersion;       //+1a
  39.     BYTE    MinorLinkerVersion;
  40.     DWORD   SizeOfCode;               //+1c
  41.     DWORD   SizeOfInitializedData;    //+20
  42.     DWORD   SizeOfUninitializedData;
  43.     DWORD   AddressOfEntryPoint;
  44.     DWORD   BaseOfCode;               //+2c
  45.     DWORD   BaseOfData;               //+30
  46.     DWORD   ImageBase;                //+34
  47.     DWORD   SectionAlignment;
  48.     DWORD   FileAlignment;
  49.     WORD    MajorOperatingSystemVersion; //+40
  50.     WORD    MinorOperatingSystemVersion;
  51.     WORD    MajorImageVersion;
  52.     WORD    MinorImageVersion;
  53.     WORD    MajorSubsystemVersion;       //+48
  54.     WORD    MinorSubsystemVersion;
  55.     DWORD   Win32VersionValue;           //+4c
  56.     DWORD   SizeOfImage;                 //+50
  57.     DWORD   SizeOfHeaders;
  58.     DWORD   CheckSum;                    //+58
  59.     WORD    Subsystem;                   //+5c
  60.     WORD    DllCharacteristics;
  61.     DWORD   SizeOfStackReserve;          //+60
  62.     DWORD   SizeOfStackCommit;
  63.     DWORD   SizeOfHeapReserve;
  64.     DWORD   SizeOfHeapCommit;
  65.     DWORD   LoaderFlags;                 //+70
  66.     DWORD   NumberOfRvaAndSizes;         //+74
  67.  
  68. //    IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES];
  69.     DWORD   EXPORT_VirtualAddress;       //+78
  70.     DWORD   EXPORT_Size;                 //+7c
  71.  
  72.     DWORD   IMPORT_VirtualAddress;       //+80
  73.     DWORD   IMPORT_Size;                 //+84
  74.  
  75.     DWORD   RESORC_VirtualAddress;       //+88
  76.     DWORD   RESORC_Size;                 //+8c
  77.  
  78.     DWORD   EXCEPT_VirtualAddress;       //+90
  79.     DWORD   EXCEPT_Size;                 //+94
  80.  
  81.     DWORD   SECURT_VirtualAddress;       //+98
  82.     DWORD   SECURT_Size;                 //+9c
  83.  
  84. } myPE,*PmyPE;
  85.  
  86. //
  87. // Section header format.
  88. //
  89.  
  90. #define IMAGE_SIZEOF_SHORT_NAME              8
  91.  
  92. typedef struct _IMAGE_SECTION_HEADER {
  93.     BYTE    Name[IMAGE_SIZEOF_SHORT_NAME];
  94.     union {
  95.             DWORD   PhysicalAddress;
  96.             DWORD   VirtualSize;
  97.     } Misc;
  98.     DWORD   VirtualAddress;
  99.     DWORD   SizeOfRawData;
  100.     DWORD   PointerToRawData;
  101.     DWORD   PointerToRelocations;
  102.     DWORD   PointerToLinenumbers;
  103.     WORD    NumberOfRelocations;
  104.     WORD    NumberOfLinenumbers;
  105.     DWORD   Characteristics;
  106. } IMAGE_SECTION_HEADER, *PIMAGE_SECTION_HEADER;
  107.  
  108. #define IMAGE_SIZEOF_SECTION_HEADER          40
  109.  
  110. #define my_FIRST_SECTION( ntheader ) ((PIMAGE_SECTION_HEADER)        \
  111.     ((DWORD)ntheader + 0x18 +                                           \
  112.      ntheader->SizeOfOptionalHeader   \
  113.     ))
  114.  
  115. //
  116. // Export Format
  117. //
  118.  
  119. typedef struct _IMAGE_EXPORT_DIRECTORY {
  120.     DWORD   Characteristics;    //00
  121.     DWORD   TimeDateStamp;        //04
  122.     WORD    MajorVersion;        //08
  123.     WORD    MinorVersion;        //0a
  124.     DWORD   Name;                //0c
  125.     DWORD   Base;                //10
  126.     DWORD   NumberOfFunctions;    //14
  127.     DWORD   NumberOfNames;        //18
  128.     PDWORD  *AddressOfFunctions;//1c
  129.     PDWORD  *AddressOfNames;    //20
  130.     PWORD   *AddressOfNameOrdinals;//24
  131. } IMAGE_EXPORT_DIRECTORY, *PIMAGE_EXPORT_DIRECTORY;
  132.  
  133. typedef struct  {        //size = 40
  134.     BYTE    Name[8];    //+0
  135.     DWORD   VirtualSize;            //+8
  136.     DWORD   RVA;                    //+c
  137.     DWORD   PhysicalSize;                    //+10
  138.     DWORD   PhysicalOffset;                //+14
  139.     DWORD   PointerToRelocations;            //+18
  140.     DWORD   PointerToLinenumbers;            //+1c
  141.     WORD    NumberOfRelocations;            //+20
  142.     WORD    NumberOfLinenumbers;            //+22
  143.     DWORD   Object_Flags;                //+24
  144. } Object_Table, *PObject_Table;
  145.  
  146.