; ********************************************************************************
; * The Small portable executable Format Program Information *
; ********************************************************************************
; * Author:njhhack e-mail:[email protected] homepage:hotsky.363.net *
; * Created Date:2001.5.6 *
; * Develop Tools Obtained from Copyright (C) 1987,1996 Borland International *
; * Turbo Assembler Version 4.1 : Tasm /m spe *
; * Turbo Link Version 7.1.30.1 : Tlink /3 /t spe, spe.exe *
; ********************************************************************************
; +-------------------+
; | DOS-stub | 50h
; +-------------------+
; | file-header |--+ 18h
; +-------------------+ |
; | optional header | | 60h-----------+
; +-------------------+ +---Total =1c0h |---Total 0e0h
; | data directories | | 80h-----------+
; +-------------------+ |
; | section headers |--+ 28h----->Total 0b8h
; +-------------------+
; | section 1 | .code Section
; +-------------------+
; | section 2 |
; +-------------------+
; | ... |
; +-------------------+
; | section n |
; +-------------------+
;*****************************************************
; DOS Stub
;*****************************************************
.286p
DosHeader SEGMENT ;
BeginProgram:
DosSignature db 'MZ' ;
LastSectorLength dw 1 ;
FileSize dw 2 ;this size include head section,the unit is 512 bytes
RelocateTableNums dw 0 ;
HeadSize dw 2 ;this size unit is 16 bytes
MinMem dw 0 ;
MaxMem dw 0ffffh ;
OffsetSS dw 0 ;
OffsetSP dw 0b8h ;
FileCheckSum dw 0 ;
OffsetIP dw 0 ;
OffsetCS dw 0 ;
FistRelocateAddress dw 3eh ;noused in pe
OverloayNums dw 0 ;
org 20h ;
;*****************************************************
; DOS Proc
;*****************************************************
mov dx,offset DOS_MESSAGE+100h-20h ;
mov ah,9 ;
int 21h ;
mov ax,4c01h ;
int 21h ;
DOS_MESSAGE db 'Run Win2000.',0dh,0ah,07,'$' ;
org 3ch ;pe sig
PeHeadAddress db 50h ;
org 50h ;
DosHeader ENDS
;*****************************************************
; File Header
;********************************************************
.586p
FileHeader SEGMENT ;
WinSignature dd 4550h ;PE Format
Machine dw 14ch ;Intel 80386
NumberOfSections dw 1 ;.code Section
TimeDateStamp dd 0352068f1h ;
PointerToSymbolTable dd 0 ;unused
NumberOfSymbols dd 0 ;unused
SizeOfOptionalHeader dw 0e0h ;constant=optinal header+data Directory
Characteristics dw 010fh ;executable on 32-bit-machine
;********************************************************
; Optional Header
;********************************************************
Magic dw 010bh ;constant
MajorLinkerVersion db 5 ;I'm version 0.0 :-)
MinorLinkerVersion db 2 ;
SizeOfCode dd 1000h ;32 bytes of code;100h
SizeOfInitializedData dd 0 ;yet to find out;0
SizeOfUninitializedData dd 0 ;we don't have a BSS;0
AddressOfEntryPoint dd 1000h ;yet to find out;1010h
BaseOfCode dd 1000h ;yet to find out;1000h
BaseOfData dd 2000h ;yet to find out;200h
ImageBase dd 400000h ;1 MB, chosen arbitrarily;400000h
SectionAlignment dd 1000h ;32-bytes-alignment;100h
;
FileAlignment dd 20h;200h ;32-bytes-alignment;200h
;
MajorOperatingSystemVersion dw 4 ;NT 4.0
MinorOperatingSystemVersion dw 0 ;
MajorImageVersion dw 1 ;version 1.2
MinorImageVersion dw 2 ;
MajorSubsystemVersion dw 4 ;Win32 4.0
MinorSubsystemVersion dw 0 ;
Win32VersionValue dd 0 ;unused?
;
SizeOfImage dd 2000h ;yet to find out;200h
SizeOfHeaders dd 200h ;yet to find out;200h
CheckSum dd 0 ;not used for non-drivers
Subsystem dw 2 ;Win32 console
DllCharacteristics dw 0 ;unused (not a DLL)
SizeOfStackReserve dd 100000h ;1 MB stack
SizeOfStackCommit dd 1000h ;4 KB to start with
SizeOfHeapReserve dd 100000h ;1 MB heap
SizeOfHeapCommit dd 1000h ;4 KB to start with
LoaderFlags dd 0 ;unknown
NumberOfRvaAndSizes dd 10h ;constant
;*****************************************************
; Image Data Directories,
;***********************************************************************
;Address Size
Ide00Export dd 0,0 ;IMAGE_DIRECTORY_ENTRY_EXPORT (0)
Ide01Import dd 0,0 ;IMAGE_DIRECTORY_ENTRY_IMPORT (1)
Ide02Resource dd 0,0 ;IMAGE_DIRECTORY_ENTRY_RESOURCE (2)
Ide03Exception dd 0,0 ;IMAGE_DIRECTORY_ENTRY_EXCEPTION (3)
Ide04Security dd 0,0 ;IMAGE_DIRECTORY_ENTRY_SECURITY (4)
Ide05BaseReloc dd 0,0 ;IMAGE_DIRECTORY_ENTRY_BASERELOC (5)
Ide06Debug dd 0,0 ;IMAGE_DIRECTORY_ENTRY_DEBUG (6)
Ide07Copyright dd 0,0 ;IMAGE_DIRECTORY_ENTRY_COPYRIGHT (7)
Ide08Globalptr dd 0,0 ;IMAGE_DIRECTORY_ENTRY_GLOBALPTR (8)
Ide09Tls dd 0,0 ;IMAGE_DIRECTORY_ENTRY_TLS (9)
Ide10LoadConfig dd 0,0 ;IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG (10)
Ide11BoundImport dd 0,0 ;IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT (11)
Ide12Iat dd 0,0 ;IMAGE_DIRECTORY_ENTRY_IAT (12)
Ide13 dd 0,0 ;13
Ide14 dd 0,0 ;14
Ide15 dd 0,0 ;15
;**********************************************************************
; Section Header
;**********************************************************************************
SectionName db '.code',0,0,0 ;".code",8 bytes
VirtualSize dd 1000h ;unused
VirtualAddress dd 1000h ;yet to find out
SizeOfRawData dd 1000h ;size of code
PointerToRawData dd 200h ;yet to find out
PointerToRelocations dd 0 ;unused
PointerToLinenumbers dd 0 ;unused
NumberOfRelocations dw 0 ;unused
NumberOfLinenumbers dw 0 ;unused
Characteristics2 dd 60000020h ;code, executable, readable
;-----------------padding nulls-----------------------------------------
dd PESize ;
VersionCopyright db 'WIN32.PE 1.0' ;
org 1b0h ;
FileHeader ENDS
;**********************************************************************************
; .code Section
;**********************************************************************************
CodeSection SEGMENT ;1
ret ;
PESize = $ ;
CodeSection ENDS
END BeginProgram
;*****************************************************************************
;* njhhack 2001.5.6 Copyrigth(C) 2001-2004 Allrights Reserved. *
;* this PE File is Only 513 bytes,but it's a raw program,it's fun!
;*****************************************************************************
|
本类阅读TOP10