Update of /cvsroot/wisp/wisp/users/dig
In directory sc8-pr-cvs1:/tmp/cvs-serv26114
Modified Files:
pedump.py
Log Message:
parse even more of PE headers
Index: pedump.py
===================================================================
RCS file: /cvsroot/wisp/wisp/users/dig/pedump.py,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- pedump.py 14 Apr 2003 23:44:01 -0000 1.2
+++ pedump.py 15 Apr 2003 00:50:38 -0000 1.3
@@ -60,7 +60,8 @@
0x0284: 'Alpha AXP 64-bit',
0x0366: 'Mips with FPU',
0x0466: 'Mips 16 with FPU'})
- print 'Section count: %i' % take('w')
+ section_count = take('w')
+ print 'Section count: %i' % section_count
timestamp = take('t')
print 'Timestamp: %i (%s)' % \
(timestamp, time.strftime('%Y-%m-%d %H:%M:%S GMT',
@@ -102,5 +103,56 @@
take('t') # reserved
print 'Size of image: 0x%08x headers: 0x%08x' % take('tt')
print 'Checksum: 0x%08x' % take('t')
+ state_enum('Subsystem', take('w'), {
+ 0: 'unknown',
+ 1: 'native',
+ 2: 'Windows GUI',
+ 3: 'Windows character',
+ 5: 'OS/2 character',
+ 7: 'POSIX character',
+ 9: 'Windows CE GUI'})
+ print 'DLL characteristics: 0x%04x' % take('w')
+ print 'Stack size: reserve 0x%08x commit 0x%08x' % take('tt')
+ print 'Heap size: reserve 0x%08x commit 0x%08x' % take('tt')
+ print 'Loader flags (obsolete?) 0x%08x' % take('t')
+ dict_entries = take('t')
+ print 'Dictionary entry count: %i' % dict_entries
+ shtable_ofs = f.tell() + dict_entries * 8
+ print ' ======== ========'
+ print '00. Export table: %08x %08x' % take('tt')
+ print '01. Import table: %08x %08x' % take('tt')
+ print '02. Resource table: %08x %08x' % take('tt')
+ print '03. Exception table: %08x %08x' % take('tt')
+ print '04. Certificate table: %08x %08x' % take('tt')
+ print '05. Base relocation table: %08x %08x' % take('tt')
+ print '06. Debug: %08x %08x' % take('tt')
+ print '07. Architecture specific: %08x %08x' % take('tt')
+ print '08. Global pointer: %08x %08x' % take('tt')
+ print '09. TLS table: %08x %08x' % take('tt')
+ print '10. Load config table: %08x %08x' % take('tt')
+ print '11. Bound import table: %08x %08x' % take('tt')
+ print '12. Import address table: %08x %08x' % take('tt')
+ print '13. Delay import descriptor: %08x %08x' % take('tt')
+ print '14. COM+ runtime header: %08x %08x' % take('tt')
+ print '15. (reserved) %08x %08x' % take('tt')
+ print
+ print 'Section table'
+ f.seek(shtable_ofs)
+ print 'name memsz RVA filesz offset !rel !ln #rel #ln flags'
+ print '======== ====== ====== ====== ====== ==== ==== ==== ==== ========'
+ for i in range(section_count):
+ name = f.read(8)
+ while '\0' in name: name = name[:-1]
+ print '%-8s' % name,
+ print '%6x' % take('t'), # memory size
+ print '%6x' % take('t'), # RVA
+ print '%6x' % take('t'), # file size
+ print '%6x' % take('t'), # offset
+ print '%4x' % take('t'), # reloc offset
+ print '%4x' % take('t'), # line number data offset
+ print '%4x' % take('w'), # reloc count
+ print '%4x' % take('w'), # line number count
+ print '%8x' % take('t'), # flags
+ print
else:
print 'Usage: pedump.py file ...'
|
