I am learning the structure of a portable executable. I went th开发者_如何学Crough the MSDN article but I am a bit confused about it. I have some confusion with their precise stucture and its functionality.
Can anybody help me or please refer me to a nice article for this?
For a more discursive approach than official specs, you should have a look at Matt Pietrek 1994 article Peering inside the PE: A tour of the Win32 Portable Executable File Format. The explanation is more readable than the dry, official style of the specs.
This is the official current PE/COFF spec from MSFT: http://www.microsoft.com/whdc/system/platform/firmware/PECOFF.mspx
You should take a look to the excellent representation of the PE Format at http://www.openrce.org/reference_library/files/reference/PE%20Format.pdf.
Some (64Bits) fields are missing, but it is up to 99% close to the reality.
I used this schema to work on a product to analyze PE Files, which you can be download at www.winitor.com. Hope it helps.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论