| | |
| | |
| | |
| |
|
| | package pe |
| |
|
| | type FileHeader struct { |
| | Machine uint16 |
| | NumberOfSections uint16 |
| | TimeDateStamp uint32 |
| | PointerToSymbolTable uint32 |
| | NumberOfSymbols uint32 |
| | SizeOfOptionalHeader uint16 |
| | Characteristics uint16 |
| | } |
| |
|
| | type DataDirectory struct { |
| | VirtualAddress uint32 |
| | Size uint32 |
| | } |
| |
|
| | type OptionalHeader32 struct { |
| | Magic uint16 |
| | MajorLinkerVersion uint8 |
| | MinorLinkerVersion uint8 |
| | SizeOfCode uint32 |
| | SizeOfInitializedData uint32 |
| | SizeOfUninitializedData uint32 |
| | AddressOfEntryPoint uint32 |
| | BaseOfCode uint32 |
| | BaseOfData uint32 |
| | ImageBase uint32 |
| | SectionAlignment uint32 |
| | FileAlignment uint32 |
| | MajorOperatingSystemVersion uint16 |
| | MinorOperatingSystemVersion uint16 |
| | MajorImageVersion uint16 |
| | MinorImageVersion uint16 |
| | MajorSubsystemVersion uint16 |
| | MinorSubsystemVersion uint16 |
| | Win32VersionValue uint32 |
| | SizeOfImage uint32 |
| | SizeOfHeaders uint32 |
| | CheckSum uint32 |
| | Subsystem uint16 |
| | DllCharacteristics uint16 |
| | SizeOfStackReserve uint32 |
| | SizeOfStackCommit uint32 |
| | SizeOfHeapReserve uint32 |
| | SizeOfHeapCommit uint32 |
| | LoaderFlags uint32 |
| | NumberOfRvaAndSizes uint32 |
| | DataDirectory [16]DataDirectory |
| | } |
| |
|
| | type OptionalHeader64 struct { |
| | Magic uint16 |
| | MajorLinkerVersion uint8 |
| | MinorLinkerVersion uint8 |
| | SizeOfCode uint32 |
| | SizeOfInitializedData uint32 |
| | SizeOfUninitializedData uint32 |
| | AddressOfEntryPoint uint32 |
| | BaseOfCode uint32 |
| | ImageBase uint64 |
| | SectionAlignment uint32 |
| | FileAlignment uint32 |
| | MajorOperatingSystemVersion uint16 |
| | MinorOperatingSystemVersion uint16 |
| | MajorImageVersion uint16 |
| | MinorImageVersion uint16 |
| | MajorSubsystemVersion uint16 |
| | MinorSubsystemVersion uint16 |
| | Win32VersionValue uint32 |
| | SizeOfImage uint32 |
| | SizeOfHeaders uint32 |
| | CheckSum uint32 |
| | Subsystem uint16 |
| | DllCharacteristics uint16 |
| | SizeOfStackReserve uint64 |
| | SizeOfStackCommit uint64 |
| | SizeOfHeapReserve uint64 |
| | SizeOfHeapCommit uint64 |
| | LoaderFlags uint32 |
| | NumberOfRvaAndSizes uint32 |
| | DataDirectory [16]DataDirectory |
| | } |
| |
|
| | const ( |
| | IMAGE_FILE_MACHINE_UNKNOWN = 0x0 |
| | IMAGE_FILE_MACHINE_AM33 = 0x1d3 |
| | IMAGE_FILE_MACHINE_AMD64 = 0x8664 |
| | IMAGE_FILE_MACHINE_ARM = 0x1c0 |
| | IMAGE_FILE_MACHINE_ARMNT = 0x1c4 |
| | IMAGE_FILE_MACHINE_ARM64 = 0xaa64 |
| | IMAGE_FILE_MACHINE_EBC = 0xebc |
| | IMAGE_FILE_MACHINE_I386 = 0x14c |
| | IMAGE_FILE_MACHINE_IA64 = 0x200 |
| | IMAGE_FILE_MACHINE_LOONGARCH32 = 0x6232 |
| | IMAGE_FILE_MACHINE_LOONGARCH64 = 0x6264 |
| | IMAGE_FILE_MACHINE_M32R = 0x9041 |
| | IMAGE_FILE_MACHINE_MIPS16 = 0x266 |
| | IMAGE_FILE_MACHINE_MIPSFPU = 0x366 |
| | IMAGE_FILE_MACHINE_MIPSFPU16 = 0x466 |
| | IMAGE_FILE_MACHINE_POWERPC = 0x1f0 |
| | IMAGE_FILE_MACHINE_POWERPCFP = 0x1f1 |
| | IMAGE_FILE_MACHINE_R4000 = 0x166 |
| | IMAGE_FILE_MACHINE_SH3 = 0x1a2 |
| | IMAGE_FILE_MACHINE_SH3DSP = 0x1a3 |
| | IMAGE_FILE_MACHINE_SH4 = 0x1a6 |
| | IMAGE_FILE_MACHINE_SH5 = 0x1a8 |
| | IMAGE_FILE_MACHINE_THUMB = 0x1c2 |
| | IMAGE_FILE_MACHINE_WCEMIPSV2 = 0x169 |
| | IMAGE_FILE_MACHINE_RISCV32 = 0x5032 |
| | IMAGE_FILE_MACHINE_RISCV64 = 0x5064 |
| | IMAGE_FILE_MACHINE_RISCV128 = 0x5128 |
| | ) |
| |
|
| | |
| | const ( |
| | IMAGE_DIRECTORY_ENTRY_EXPORT = 0 |
| | IMAGE_DIRECTORY_ENTRY_IMPORT = 1 |
| | IMAGE_DIRECTORY_ENTRY_RESOURCE = 2 |
| | IMAGE_DIRECTORY_ENTRY_EXCEPTION = 3 |
| | IMAGE_DIRECTORY_ENTRY_SECURITY = 4 |
| | IMAGE_DIRECTORY_ENTRY_BASERELOC = 5 |
| | IMAGE_DIRECTORY_ENTRY_DEBUG = 6 |
| | IMAGE_DIRECTORY_ENTRY_ARCHITECTURE = 7 |
| | IMAGE_DIRECTORY_ENTRY_GLOBALPTR = 8 |
| | IMAGE_DIRECTORY_ENTRY_TLS = 9 |
| | IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG = 10 |
| | IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT = 11 |
| | IMAGE_DIRECTORY_ENTRY_IAT = 12 |
| | IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT = 13 |
| | IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR = 14 |
| | ) |
| |
|
| | |
| | const ( |
| | IMAGE_FILE_RELOCS_STRIPPED = 0x0001 |
| | IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002 |
| | IMAGE_FILE_LINE_NUMS_STRIPPED = 0x0004 |
| | IMAGE_FILE_LOCAL_SYMS_STRIPPED = 0x0008 |
| | IMAGE_FILE_AGGRESIVE_WS_TRIM = 0x0010 |
| | IMAGE_FILE_LARGE_ADDRESS_AWARE = 0x0020 |
| | IMAGE_FILE_BYTES_REVERSED_LO = 0x0080 |
| | IMAGE_FILE_32BIT_MACHINE = 0x0100 |
| | IMAGE_FILE_DEBUG_STRIPPED = 0x0200 |
| | IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP = 0x0400 |
| | IMAGE_FILE_NET_RUN_FROM_SWAP = 0x0800 |
| | IMAGE_FILE_SYSTEM = 0x1000 |
| | IMAGE_FILE_DLL = 0x2000 |
| | IMAGE_FILE_UP_SYSTEM_ONLY = 0x4000 |
| | IMAGE_FILE_BYTES_REVERSED_HI = 0x8000 |
| | ) |
| |
|
| | |
| | const ( |
| | IMAGE_SUBSYSTEM_UNKNOWN = 0 |
| | IMAGE_SUBSYSTEM_NATIVE = 1 |
| | IMAGE_SUBSYSTEM_WINDOWS_GUI = 2 |
| | IMAGE_SUBSYSTEM_WINDOWS_CUI = 3 |
| | IMAGE_SUBSYSTEM_OS2_CUI = 5 |
| | IMAGE_SUBSYSTEM_POSIX_CUI = 7 |
| | IMAGE_SUBSYSTEM_NATIVE_WINDOWS = 8 |
| | IMAGE_SUBSYSTEM_WINDOWS_CE_GUI = 9 |
| | IMAGE_SUBSYSTEM_EFI_APPLICATION = 10 |
| | IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER = 11 |
| | IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER = 12 |
| | IMAGE_SUBSYSTEM_EFI_ROM = 13 |
| | IMAGE_SUBSYSTEM_XBOX = 14 |
| | IMAGE_SUBSYSTEM_WINDOWS_BOOT_APPLICATION = 16 |
| | ) |
| |
|
| | |
| | |
| | const ( |
| | IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA = 0x0020 |
| | IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040 |
| | IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY = 0x0080 |
| | IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100 |
| | IMAGE_DLLCHARACTERISTICS_NO_ISOLATION = 0x0200 |
| | IMAGE_DLLCHARACTERISTICS_NO_SEH = 0x0400 |
| | IMAGE_DLLCHARACTERISTICS_NO_BIND = 0x0800 |
| | IMAGE_DLLCHARACTERISTICS_APPCONTAINER = 0x1000 |
| | IMAGE_DLLCHARACTERISTICS_WDM_DRIVER = 0x2000 |
| | IMAGE_DLLCHARACTERISTICS_GUARD_CF = 0x4000 |
| | IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE = 0x8000 |
| | ) |
| |
|
