windows 如何手动创建可执行的 .exe PE 文件?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/7957963/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How can I create an executable .exe PE file manually?
提问by AppleGrew
All texts on how to create a compiler stop after explaining lexers and parsers. They don't explain how to create the machine code. I want to understand the end-to-end process.
在解释词法分析器和解析器之后,所有关于如何创建编译器的文本都停止了。他们没有解释如何创建机器代码。我想了解端到端的流程。
Currently what I understand is that, the Windows exe file formats are called Portable Executable. I read about the headers it has and am yet to find a resource which explains this easily.
目前我的理解是,Windows exe 文件格式称为便携式可执行文件。我阅读了它的标题,但还没有找到可以轻松解释这一点的资源。
My next issue is, I don't see any resource which explains how machine code is stored in the file. Is it like 32-bit fixed length instructions stored one after another in the .textsection?
我的下一个问题是,我没有看到任何解释机器代码如何存储在文件中的资源。是不是像32位定长指令一个接一个地存储在.textsection里?
Is there any place which at least explains how to create an exe file which does nothing (it has a No Op instruction). My next step then would be linking to dll files to print to console.
是否有任何地方至少解释了如何创建一个什么都不做的 exe 文件(它有一个 No Op 指令)。我的下一步是链接到 dll 文件以打印到控制台。
采纳答案by zengr
Nice question! I don't have much expertise on this specific question, but this is how I would start:
好问题!我对这个特定问题没有太多专业知识,但这就是我的开始方式:
PE or ELF does not create pure machine code. It also contains some header info etc. Read more: Writing custom data to executable files in Windows and Linux
I assume you are looking for how does ELF/PE file hold the machine code, you can get that from this question (using objdump): How do you extract only contents of an ELF section
Now, if you want to know how the content part is generated in the first place, i.e. how is the machine code generated, then that's the task of the compiler's code generation.
Try out some resource editor like ResourceEditorto understand the exe or simply ildasm.
PE 或 ELF 不会创建纯机器代码。它还包含一些标题信息等。阅读更多:将自定义数据写入 Windows 和 Linux 中的可执行文件
我假设您正在寻找 ELF/PE 文件如何保存机器代码,您可以从这个问题中得到它(使用 objdump):How do you extract only contents of an ELF section
现在,如果您想首先知道内容部分是如何生成的,即机器代码是如何生成的,那么这就是编译器代码生成的任务。
尝试一些资源编辑器,如ResourceEditor来理解 exe 或简单的ildasm。
PS: These are mostly Unix solutions, but I am sure, PE should be doing something fundamentally similar.
PS:这些大多是 Unix 解决方案,但我敢肯定,PE 应该做一些基本相似的事情。
I think the best way to approach it will be first try to analyze how existing PE/ELFs work, basically reverse engineering. And to do that, Unix machine will be a good point to start. And then do your magic :)
我认为最好的方法是首先尝试分析现有的 PE/ELF 是如何工作的,基本上是逆向工程。要做到这一点,Unix 机器将是一个很好的起点。然后做你的魔法:)
Not same but a similar question here.
不一样,但这里有一个类似的问题。
Update:
更新:
I generated an object dump out of a sample c code. Now, I assume that's what you are targeting right? You need to know do you generate this file (a.out)?
我从示例 c 代码中生成了一个对象转储。现在,我假设这就是您的目标,对吗?您需要知道您是否生成此文件 (a.out)?
https://gist.github.com/1329947
https://gist.github.com/1329947
Take a look at this image, a life time of a c code.
看看这张图片,ac代码的生命周期。
SourceNow, just to be clear, you are looking to implement the final step, i.e. conversion of object code to executable code?
源代码现在,明确地说,您正在寻找实现最后一步,即将目标代码转换为可执行代码?
回答by Ofek Shilon
As in many of his articles, I'd say Matt Pietrek's piece about PE internalsremains the best introdction to the matter more than a decade after being written.
正如在他的许多文章中一样,我想说Matt Pietrek 的关于 PE 内部结构的文章在写完十多年后仍然是对这个问题最好的介绍。
回答by John Donn
For Linux, one may read and run the examples from "Programming from the Ground Up" by Jonathan Bartlett:
对于 Linux,可以阅读并运行 Jonathan Bartlett 撰写的“从头开始编程”中的示例:
Then of course one may prefer to hack Windows programs. But perhaps the former gives a better way to understand what really goes on.
那么当然有人可能更喜欢破解 Windows 程序。但也许前者提供了一种更好的方式来理解真正发生的事情。
回答by Vlad
Some information about making PE files as small as possible: Tiny PE.
有关使 PE 文件尽可能小的一些信息:Tiny PE。
The minimalistic way to mess around with code generation, if you're just looking to try a few simple things out, is to output MS-DOS .COM files, which have no header or metadata. Sadly, you'd be restricted to 16-bit code. This format is still somewhat popular for demos.
如果您只是想尝试一些简单的事情,那么处理代码生成的简约方法是输出没有标题或元数据的MS-DOS .COM 文件。遗憾的是,您只能使用 16 位代码。这种格式在演示中仍然有些流行。
As for the instruction format, from what I recall the x86 instruction set is variable-length, including 1-byte instructions. RISC CPUs would probably have fixed-length instructions.
至于指令格式,我记得x86指令集是变长的,包括1字节的指令。RISC CPU 可能有固定长度的指令。
回答by Martin Beckett
Not surprisingly the best sites for information about writing PE format files are all about creating viruses.
毫不奇怪,有关编写 PE 格式文件的信息的最佳站点都是关于创建病毒的。
A search of VX Heavensfor "PE" gives a whole bunch of tutorials for modifying PE files
在VX Heavens 上搜索“PE”提供了一大堆修改 PE 文件的教程
回答by shawty
Iv'e used "Wotsit's File Format" for years... all the way back to the days of MS-Dos :-) and back to when it was just a collection of text files you could download from most BBS systems called "The Game programmers file type encyclopaedia"
我多年来一直使用“Wotsit 的文件格式”......一直回到 MS-Dos 的时代 :-) 并回到它只是一个文本文件集合的时候,你可以从大多数 BBS 系统下载称为“The游戏程序员档案类型百科”
It's now owned by the people that run Gamedev.Net, and probably one of the best kept secrets on the internet.
它现在归经营 Gamedev.Net 的人所有,可能是互联网上保守得最好的秘密之一。
You'll find the EXE format on this page : http://www.wotsit.org/list.asp?fc=5
您将在此页面上找到 EXE 格式:http://www.wotsit.org/list.asp?fc =5
Enjoy.
享受。
