[原创]WinHex PE文件模版-编程技术-看雪-安全社区|安全招聘|kanxue.com

最新回复 (3)
JackJoker 雪币： 188 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 2 回帖 414 粉丝 0 关注私信	JackJoker 2 楼这个不错，支持一下。 2014-12-21 16:04 0
jfztaq 雪币： 261 活跃值： (1366) 能力值： ( LV2，RANK：10 ) 在线值：发帖 5 回帖 345 粉丝 1 关注私信	jfztaq 3 楼支持一下，谢谢分享 2014-12-21 16:49 0
RtlFree 雪币： 236 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 1 回帖 126 粉丝 0 关注私信	RtlFree 4 楼我也发一个,谢谢楼主，刚知道这个功能 template PE description PE applies_to file fixed_start 0x0 requires 0x0 4D5A multiple begin section "IMAGE_DOS_HEADER" read-only string 2 e_magic hexadecimal uint16 e_cblp hexadecimal uint16 e_cp hexadecimal uint16 e_crlc hexadecimal uint16 e_cparhdr hexadecimal uint16 e_minalloc hexadecimal uint16 e_maxalloc hexadecimal uint16 e_ss hexadecimal uint16 e_sp hexadecimal uint16 e_csum hexadecimal uint16 e_ip hexadecimal uint16 e_cs hexadecimal uint16 e_lfarlc hexadecimal uint16 e_ovno hex 8 e_res hexadecimal uint16 e_oemid hexadecimal uint16 e_oeminfo hex 20 e_res2 int32 e_lfanew endsection hex (e_lfanew-60-4) DosStub read-only string 4 Signature section "IMAGE_FILE_HEADER" hexadecimal uint16 Machine hexadecimal uint16 NumberOfSections uint32 TimeDateStamp uint32 PointerToSymbolTable uint32 NumberOfSymbols hexadecimal uint16 SizeOfOptionalHeader hexadecimal uint16 Characteristics endsection section "IMAGE_OPTIONAL_HEADER" read-only hexadecimal uint16 Magic byte MajorLinkerVersion byte MinorLinkerVersion hexadecimal uint32 SizeOfCode hexadecimal uint32 SizeOfInitializedData hexadecimal uint32 SizeOfUninitializedData hexadecimal uint32 AddressOfEntryPoint hexadecimal uint32 BaseOfCode hexadecimal uint32 BaseOfData hexadecimal uint32 ImageBase hexadecimal uint32 SectionAlignment hexadecimal uint32 FileAlignment hexadecimal uint16 MajorOperatingSystemVersion hexadecimal uint16 MinorOperatingSystemVersion hexadecimal uint16 MajorImageVersion hexadecimal uint16 MinorImageVersion hexadecimal uint16 MajorSubsystemVersion hexadecimal uint16 MinorSubsystemVersion hexadecimal uint32 Win32VersionValue hexadecimal uint32 SizeOfImage hexadecimal uint32 SizeOfHeaders hexadecimal uint32 CheckSum hexadecimal uint16 Subsystem hexadecimal uint16 DllCharacteristics hexadecimal uint32 SizeOfStackReserve hexadecimal uint32 SizeOfStackCommit hexadecimal uint32 SizeOfHeapReserve hexadecimal uint32 SizeOfHeapCommit hexadecimal uint32 LoaderFlags hexadecimal uint32 NumberOfRvaAndSizes numbering 0 { hexadecimal uint32 "DataDirectory[~].VirtualAddress" hexadecimal uint32 "DataDirectory[~].Size" }[16] endsection numbering 0 { Section "Section[~]" string 8 "Section[~].Name" hexadecimal uint32 "Section[~].VirtualSize" hexadecimal uint32 "Section[~].VirtualAddress" hexadecimal uint32 "Section[~].SizeOfRawData" hexadecimal uint32 "Section[~].PointerToRawData" hexadecimal uint32 "Section[~].PointerToRelocations" hexadecimal uint32 "Section[~].PointerToLinenumbers" hexadecimal uint16 "Section[~].NumberOfRelocations" hexadecimal uint16 "Section[~].NumberOfLinenumbers" hexadecimal uint32 "Section[~].Characteristics" endsection }[NumberOfSections] end 2014-12-21 17:27 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

最新回复 (3)
JackJoker 雪币： 188 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 2 回帖 414 粉丝 0 关注私信	JackJoker 2 楼这个不错，支持一下。 2014-12-21 16:04 0
jfztaq 雪币： 261 活跃值： (1366) 能力值： ( LV2，RANK：10 ) 在线值：发帖 5 回帖 345 粉丝 1 关注私信	jfztaq 3 楼支持一下，谢谢分享 2014-12-21 16:49 0
RtlFree 雪币： 236 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 1 回帖 126 粉丝 0 关注私信	RtlFree 4 楼我也发一个,谢谢楼主，刚知道这个功能 template PE description PE applies_to file fixed_start 0x0 requires 0x0 4D5A multiple begin section "IMAGE_DOS_HEADER" read-only string 2 e_magic hexadecimal uint16 e_cblp hexadecimal uint16 e_cp hexadecimal uint16 e_crlc hexadecimal uint16 e_cparhdr hexadecimal uint16 e_minalloc hexadecimal uint16 e_maxalloc hexadecimal uint16 e_ss hexadecimal uint16 e_sp hexadecimal uint16 e_csum hexadecimal uint16 e_ip hexadecimal uint16 e_cs hexadecimal uint16 e_lfarlc hexadecimal uint16 e_ovno hex 8 e_res hexadecimal uint16 e_oemid hexadecimal uint16 e_oeminfo hex 20 e_res2 int32 e_lfanew endsection hex (e_lfanew-60-4) DosStub read-only string 4 Signature section "IMAGE_FILE_HEADER" hexadecimal uint16 Machine hexadecimal uint16 NumberOfSections uint32 TimeDateStamp uint32 PointerToSymbolTable uint32 NumberOfSymbols hexadecimal uint16 SizeOfOptionalHeader hexadecimal uint16 Characteristics endsection section "IMAGE_OPTIONAL_HEADER" read-only hexadecimal uint16 Magic byte MajorLinkerVersion byte MinorLinkerVersion hexadecimal uint32 SizeOfCode hexadecimal uint32 SizeOfInitializedData hexadecimal uint32 SizeOfUninitializedData hexadecimal uint32 AddressOfEntryPoint hexadecimal uint32 BaseOfCode hexadecimal uint32 BaseOfData hexadecimal uint32 ImageBase hexadecimal uint32 SectionAlignment hexadecimal uint32 FileAlignment hexadecimal uint16 MajorOperatingSystemVersion hexadecimal uint16 MinorOperatingSystemVersion hexadecimal uint16 MajorImageVersion hexadecimal uint16 MinorImageVersion hexadecimal uint16 MajorSubsystemVersion hexadecimal uint16 MinorSubsystemVersion hexadecimal uint32 Win32VersionValue hexadecimal uint32 SizeOfImage hexadecimal uint32 SizeOfHeaders hexadecimal uint32 CheckSum hexadecimal uint16 Subsystem hexadecimal uint16 DllCharacteristics hexadecimal uint32 SizeOfStackReserve hexadecimal uint32 SizeOfStackCommit hexadecimal uint32 SizeOfHeapReserve hexadecimal uint32 SizeOfHeapCommit hexadecimal uint32 LoaderFlags hexadecimal uint32 NumberOfRvaAndSizes numbering 0 { hexadecimal uint32 "DataDirectory[~].VirtualAddress" hexadecimal uint32 "DataDirectory[~].Size" }[16] endsection numbering 0 { Section "Section[~]" string 8 "Section[~].Name" hexadecimal uint32 "Section[~].VirtualSize" hexadecimal uint32 "Section[~].VirtualAddress" hexadecimal uint32 "Section[~].SizeOfRawData" hexadecimal uint32 "Section[~].PointerToRawData" hexadecimal uint32 "Section[~].PointerToRelocations" hexadecimal uint32 "Section[~].PointerToLinenumbers" hexadecimal uint16 "Section[~].NumberOfRelocations" hexadecimal uint16 "Section[~].NumberOfLinenumbers" hexadecimal uint32 "Section[~].Characteristics" endsection }[NumberOfSections] end 2014-12-21 17:27 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复