The e_magic field of this structure is used to identify an MS-DOS compatible file type. The contents of this header are represented by IMAGE_DOS_HEADER data structure. The MS-DOS header occupies the first 64 bytes of the PE file. The entire format consists of an MS-DOS MZ header, followed by a Real-Mode Stub Program, the PE file signature, the PE file header, the PE optional header, all of the section headers, and finally, all of the section bodies. The PE file format draws primarily from the COFF (Common Object File Format) specification that is common to UNIX® operating systems. Starting from Win NT 3.1, a new file format was introduced by OS called Portable Executable ( PE). All the data structure types used for various file headers are defined in WINNT.H file supplied with Win NT OS. Therefore to dig out the information it is important to understand the format of executable files. Whenever an application is created, the EXE file stores a whole lot of information in certain format. There are no direct API calls, which gives us this information about an application. This article will discuss a very small utility to check if an EXE file is a console or GUI application. Environment: The attached demo application has been compiled using VC++ 6 (SP 2) on Win NT (SP 4).
0 Comments
Leave a Reply. |