flat assembler
Message board for the users of flat assembler.
Index
> Windows > 2 intresting questions to sit on... lol |
Author |
|
vid 24 Jul 2006, 20:40
first question: i didn't get you, please try to describe what you are meaning more....
second question: those 4 bytes are timestamp - it says when was the executable compiled |
|||
24 Jul 2006, 20:40 |
|
okasvi 24 Jul 2006, 20:55
kohlrak, as I said in your previous topic, those are alignment, and removing zero bytes would not work... learn more about PE-format, Iczelion's pe-tut are good, of course, you should have learned already about addressing and how that would change things if nullbytes/alignment gets removed :S
|
|||
24 Jul 2006, 20:55 |
|
kohlrak 24 Jul 2006, 21:12
Actually, i havn't yet. lol I'm screwing aronud waiting to get some kind of usable IOS so when i come up to things in the tutorial, i can actually see the outcome(s) of the instructions. Without IOS, you're blind as a bat when programming. It'd be like learning all of C++ and never hear of cout << () or printf() till the last chapter.
EDIT: which previous topic? I don't recall mentioning it before... |
|||
24 Jul 2006, 21:12 |
|
okasvi 24 Jul 2006, 21:21
I meant the topic you asked if everything needed and/or standard is included when compiling simple PE-file with few calls to apis in it(helloworld?).
|
|||
24 Jul 2006, 21:21 |
|
kohlrak 24 Jul 2006, 21:23
Holy crap, i forgot about that one already. I think i need a cat scan.
|
|||
24 Jul 2006, 21:23 |
|
eskizo 20 Sep 2006, 13:52
what if those null-bytes become NOP hex code ? 0x90 I think
|
|||
20 Sep 2006, 13:52 |
|
Reverend 20 Sep 2006, 19:46
It doesn't matter as long as you change 0x00 to 0x90 in the code section. But headers have zeroes at some meaningful places. For example every PE has info about exports, and so in your .exe this info is zeroed. So changing every zeroe in the whole file will make it unexecutable.
|
|||
20 Sep 2006, 19:46 |
|
< Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.