flat assembler
Message board for the users of flat assembler.
 Home   FAQ   Search   Register 
 Profile   Log in to check your private messages   Log in 
flat assembler > Projects and Ideas > Project : SimplePEviewer ver 0.0.64

Author
Thread Post new topic Reply to topic
dancho



Joined: 06 Mar 2011
Posts: 73
Project : SimplePEviewer ver 0.0.64
Hey guys,
SimplePEviewer is a program for showing the structure of win32 executable and object files , all infos and data are represent as stated in the revision 8.3 from February 6 , 2013.
Program is tested under win7(32/64) ,it is quite stable and suitable (IMHO) for the first public release.Collected data and information are compared with PEview app ( well know program , same category ) and there are no difference at all in presented infos , even SimplePEviewer open and shows some .exe that PEview chocks on.

update on 10.11.2014.
hey guys,
new version is up and ready for public realise with some extra features ,
1. parsing resource data
2. support for mscoff files
3. support for mouse wheel in the view window
4. ini file

info on mscoff support :
there are 5 formats of aux records that are supported currently by ms tools and they are :
1. function definitions
2. .bf and .ef symbols
3. weak externals
4. files
5. section definitions
simplepevierew supports them all , I had tested this on VS express 2008 ,
but also it can read object files from other compiler like Pelles C , I installed codeblock with mingw 4.7.1 and I read those files too .

info on ini file :
there are some infos written to ini file that help customizing program , nothing is written to the registry

I had tested this version thoroughly but ofc there could be some bugs left , so if you having some problems with some file please report it with some extra info ,like compiler used , debug or release version of the file etc ...

Any coments on the program are more then welcome
thx


Description: SimplePEviewer 0.0.64
Download
Filename: SimplePEviewer.zip
Filesize: 27.29 KB
Downloaded: 213 Time(s)



Last edited by dancho on 16 Nov 2014, 08:15; edited 2 times in total
Post 10 Oct 2014, 09:02
View user's profile Send private message Reply with quote
JohnFound



Joined: 16 Jun 2003
Posts: 3415
Location: Bulgaria
Interesting project. Is it supposed to be open source?

It works in WINE as well with minor problems with the font. Don't know why it always choose proportional font and the columns of the hex viewer are not good. Also, it has to remember the last font chosen in order to allow customization.

BTW, isn't 65K too much for an assembly program?
Post 10 Oct 2014, 15:38
View user's profile Send private message Visit poster's website ICQ Number Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 14607
Location: Planet Dirt

JohnFound wrote:
BTW, isn't 65K too much for an assembly program?

FASMW.EXE is currently ~141k. I don't understand the correlation of size to language.
Post 10 Oct 2014, 16:26
View user's profile Send private message Visit poster's website Reply with quote
JohnFound



Joined: 16 Jun 2003
Posts: 3415
Location: Bulgaria
I mean the functionality of SimplePEviewer seems to be not so big for this size. Of course, I might be wrong.
Post 10 Oct 2014, 16:50
View user's profile Send private message Visit poster's website ICQ Number Reply with quote
Matrix



Joined: 04 Sep 2004
Posts: 1171
Location: Overflow

revolution wrote:

JohnFound wrote:
BTW, isn't 65K too much for an assembly program?

FASMW.EXE is currently ~141k. I don't understand the correlation of size to language.



Well guys i'd like to note that your windows system is more than 10GB in size...
Post 10 Oct 2014, 17:59
View user's profile Send private message Visit poster's website Reply with quote
JohnFound



Joined: 16 Jun 2003
Posts: 3415
Location: Bulgaria

Matrix wrote:

revolution wrote:

JohnFound wrote:
BTW, isn't 65K too much for an assembly program?

FASMW.EXE is currently ~141k. I don't understand the correlation of size to language.



Well guys i'd like to note that your windows system is more than 10GB in size...



I am in Linux. And I like the lightweight systems. Razz

_________________
Tox ID: A48DEF727DF44C3B5C2E576B65021F1A45D8FA52E2F8E257F1CAE148BBADB162FDF7820BD1F9
Post 10 Oct 2014, 19:33
View user's profile Send private message Visit poster's website ICQ Number Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2909
Location: 0x77760000

Matrix wrote:

revolution wrote:

JohnFound wrote:
BTW, isn't 65K too much for an assembly program?

FASMW.EXE is currently ~141k. I don't understand the correlation of size to language.



Well guys i'd like to note that your windows system is more than 10GB in size...



Image

I don't know what's taking up space but I'm thinking movies and game files. lol. I find it time consuming to delete the files so I just save important files and install a fresh copy.
Post 11 Oct 2014, 04:28
View user's profile Send private message Reply with quote
Foxxy



Joined: 14 Jul 2014
Posts: 42
Location: Somewhere over the rainbow...
Can you provide the source? I built something along the lines of this, however, quite a bit later I realized that sometimes it wasn't parsing all of the imports, stopping after the first ,DLL on certain executables.
Post 11 Oct 2014, 05:52
View user's profile Send private message Reply with quote
dancho



Joined: 06 Mar 2011
Posts: 73
Sorry , no source atm ...
@Foxxy
Let me explain the way I did in SimplePEviewer , maybe will be helpful to you,
In optional header structure locate data directory array , find the import table and save rva and size infos ,comparing information from section headers findout in what section import directory entries reside ( you have to know in what section to put import directory tables ).
There is one table for each dll that image refers to , now in order to find total number of the import tables you just make infinite loop and stop when the last table is filled with nulls , while in loop read and save some infos from import tables ,import lookup table rva and import address table rva will show you where start rva addresses are, now to find out where exactly in the file is that address is apply simple math , ( now you will understand why is important to know in what section tables resides ) .
Just sub tablerva from sectionrva and add ptrTosectionRawData and you have start in the file of all iimports for that dll , parse that until last entry which is set to zero ( to mark the end ).
There are more thing to do , one important is to check timedatestamp to find out is the image is bound or not ( there is socall new style and old style bounding ) , next are imports by name or by ordinal , etc etc
but basicly thats that
Hope it helps Cool
Post 11 Oct 2014, 07:58
View user's profile Send private message Reply with quote
dancho



Joined: 06 Mar 2011
Posts: 73
New Version is up and ready ,
check first post .
Post 10 Nov 2014, 09:06
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >

Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2005 phpBB Group.

Main index   Download   Documentation   Examples   Message board
Copyright © 2004-2016, Tomasz Grysztar.