1
2
3
4
5 package pe
6
7 type FileHeader struct {
8 Machine uint16
9 NumberOfSections uint16
10 TimeDateStamp uint32
11 PointerToSymbolTable uint32
12 NumberOfSymbols uint32
13 SizeOfOptionalHeader uint16
14 Characteristics uint16
15 }
16
17 type DataDirectory struct {
18 VirtualAddress uint32
19 Size uint32
20 }
21
22 type OptionalHeader32 struct {
23 Magic uint16
24 MajorLinkerVersion uint8
25 MinorLinkerVersion uint8
26 SizeOfCode uint32
27 SizeOfInitializedData uint32
28 SizeOfUninitializedData uint32
29 AddressOfEntryPoint uint32
30 BaseOfCode uint32
31 BaseOfData uint32
32 ImageBase uint32
33 SectionAlignment uint32
34 FileAlignment uint32
35 MajorOperatingSystemVersion uint16
36 MinorOperatingSystemVersion uint16
37 MajorImageVersion uint16
38 MinorImageVersion uint16
39 MajorSubsystemVersion uint16
40 MinorSubsystemVersion uint16
41 Win32VersionValue uint32
42 SizeOfImage uint32
43 SizeOfHeaders uint32
44 CheckSum uint32
45 Subsystem uint16
46 DllCharacteristics uint16
47 SizeOfStackReserve uint32
48 SizeOfStackCommit uint32
49 SizeOfHeapReserve uint32
50 SizeOfHeapCommit uint32
51 LoaderFlags uint32
52 NumberOfRvaAndSizes uint32
53 DataDirectory [16]DataDirectory
54 }
55
56 type OptionalHeader64 struct {
57 Magic uint16
58 MajorLinkerVersion uint8
59 MinorLinkerVersion uint8
60 SizeOfCode uint32
61 SizeOfInitializedData uint32
62 SizeOfUninitializedData uint32
63 AddressOfEntryPoint uint32
64 BaseOfCode uint32
65 ImageBase uint64
66 SectionAlignment uint32
67 FileAlignment uint32
68 MajorOperatingSystemVersion uint16
69 MinorOperatingSystemVersion uint16
70 MajorImageVersion uint16
71 MinorImageVersion uint16
72 MajorSubsystemVersion uint16
73 MinorSubsystemVersion uint16
74 Win32VersionValue uint32
75 SizeOfImage uint32
76 SizeOfHeaders uint32
77 CheckSum uint32
78 Subsystem uint16
79 DllCharacteristics uint16
80 SizeOfStackReserve uint64
81 SizeOfStackCommit uint64
82 SizeOfHeapReserve uint64
83 SizeOfHeapCommit uint64
84 LoaderFlags uint32
85 NumberOfRvaAndSizes uint32
86 DataDirectory [16]DataDirectory
87 }
88
89 const (
90 IMAGE_FILE_MACHINE_UNKNOWN = 0x0
91 IMAGE_FILE_MACHINE_AM33 = 0x1d3
92 IMAGE_FILE_MACHINE_AMD64 = 0x8664
93 IMAGE_FILE_MACHINE_ARM = 0x1c0
94 IMAGE_FILE_MACHINE_ARMNT = 0x1c4
95 IMAGE_FILE_MACHINE_ARM64 = 0xaa64
96 IMAGE_FILE_MACHINE_EBC = 0xebc
97 IMAGE_FILE_MACHINE_I386 = 0x14c
98 IMAGE_FILE_MACHINE_IA64 = 0x200
99 IMAGE_FILE_MACHINE_LOONGARCH32 = 0x6232
100 IMAGE_FILE_MACHINE_LOONGARCH64 = 0x6264
101 IMAGE_FILE_MACHINE_M32R = 0x9041
102 IMAGE_FILE_MACHINE_MIPS16 = 0x266
103 IMAGE_FILE_MACHINE_MIPSFPU = 0x366
104 IMAGE_FILE_MACHINE_MIPSFPU16 = 0x466
105 IMAGE_FILE_MACHINE_POWERPC = 0x1f0
106 IMAGE_FILE_MACHINE_POWERPCFP = 0x1f1
107 IMAGE_FILE_MACHINE_R4000 = 0x166
108 IMAGE_FILE_MACHINE_SH3 = 0x1a2
109 IMAGE_FILE_MACHINE_SH3DSP = 0x1a3
110 IMAGE_FILE_MACHINE_SH4 = 0x1a6
111 IMAGE_FILE_MACHINE_SH5 = 0x1a8
112 IMAGE_FILE_MACHINE_THUMB = 0x1c2
113 IMAGE_FILE_MACHINE_WCEMIPSV2 = 0x169
114 IMAGE_FILE_MACHINE_RISCV32 = 0x5032
115 IMAGE_FILE_MACHINE_RISCV64 = 0x5064
116 IMAGE_FILE_MACHINE_RISCV128 = 0x5128
117 )
118
119
120 const (
121 IMAGE_DIRECTORY_ENTRY_EXPORT = 0
122 IMAGE_DIRECTORY_ENTRY_IMPORT = 1
123 IMAGE_DIRECTORY_ENTRY_RESOURCE = 2
124 IMAGE_DIRECTORY_ENTRY_EXCEPTION = 3
125 IMAGE_DIRECTORY_ENTRY_SECURITY = 4
126 IMAGE_DIRECTORY_ENTRY_BASERELOC = 5
127 IMAGE_DIRECTORY_ENTRY_DEBUG = 6
128 IMAGE_DIRECTORY_ENTRY_ARCHITECTURE = 7
129 IMAGE_DIRECTORY_ENTRY_GLOBALPTR = 8
130 IMAGE_DIRECTORY_ENTRY_TLS = 9
131 IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG = 10
132 IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT = 11
133 IMAGE_DIRECTORY_ENTRY_IAT = 12
134 IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT = 13
135 IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR = 14
136 )
137
138
139 const (
140 IMAGE_FILE_RELOCS_STRIPPED = 0x0001
141 IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002
142 IMAGE_FILE_LINE_NUMS_STRIPPED = 0x0004
143 IMAGE_FILE_LOCAL_SYMS_STRIPPED = 0x0008
144 IMAGE_FILE_AGGRESIVE_WS_TRIM = 0x0010
145 IMAGE_FILE_LARGE_ADDRESS_AWARE = 0x0020
146 IMAGE_FILE_BYTES_REVERSED_LO = 0x0080
147 IMAGE_FILE_32BIT_MACHINE = 0x0100
148 IMAGE_FILE_DEBUG_STRIPPED = 0x0200
149 IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP = 0x0400
150 IMAGE_FILE_NET_RUN_FROM_SWAP = 0x0800
151 IMAGE_FILE_SYSTEM = 0x1000
152 IMAGE_FILE_DLL = 0x2000
153 IMAGE_FILE_UP_SYSTEM_ONLY = 0x4000
154 IMAGE_FILE_BYTES_REVERSED_HI = 0x8000
155 )
156
157
158 const (
159 IMAGE_SUBSYSTEM_UNKNOWN = 0
160 IMAGE_SUBSYSTEM_NATIVE = 1
161 IMAGE_SUBSYSTEM_WINDOWS_GUI = 2
162 IMAGE_SUBSYSTEM_WINDOWS_CUI = 3
163 IMAGE_SUBSYSTEM_OS2_CUI = 5
164 IMAGE_SUBSYSTEM_POSIX_CUI = 7
165 IMAGE_SUBSYSTEM_NATIVE_WINDOWS = 8
166 IMAGE_SUBSYSTEM_WINDOWS_CE_GUI = 9
167 IMAGE_SUBSYSTEM_EFI_APPLICATION = 10
168 IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER = 11
169 IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER = 12
170 IMAGE_SUBSYSTEM_EFI_ROM = 13
171 IMAGE_SUBSYSTEM_XBOX = 14
172 IMAGE_SUBSYSTEM_WINDOWS_BOOT_APPLICATION = 16
173 )
174
175
176
177 const (
178 IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA = 0x0020
179 IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
180 IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY = 0x0080
181 IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100
182 IMAGE_DLLCHARACTERISTICS_NO_ISOLATION = 0x0200
183 IMAGE_DLLCHARACTERISTICS_NO_SEH = 0x0400
184 IMAGE_DLLCHARACTERISTICS_NO_BIND = 0x0800
185 IMAGE_DLLCHARACTERISTICS_APPCONTAINER = 0x1000
186 IMAGE_DLLCHARACTERISTICS_WDM_DRIVER = 0x2000
187 IMAGE_DLLCHARACTERISTICS_GUARD_CF = 0x4000
188 IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE = 0x8000
189 )
190
View as plain text