Little PE Builder
Here is a no frills page demonstrating PE file construction.
This is a small contribution to every one who wants to see how a windows executable works.
I have commented the code well enough for you to follow along in the construction of a PE file.
Requires Windows 98+ with IE5.5+ and WScript 5.6
How to use:
The code can be viewed by right clicking and selecting View Source
After filling in the caption and text fields below and clicking "Compile MaessageBox" you will
see a string representing a hex dump of the program. At the bottom of the string is button
that allows you to save the executable you have just created to your desktop. The save feature
requires wscript, so you must save this page to your machine to utilize it.
You will need to allow the ActiveX Component to run (ActiveX is required by the file saving routine).
You can then run your new executable by double-clicking the newly created generic-exe icon on your desktop.
Every last byte of the PE is laid out for view in the hex dump, and you can compare the raw hex code to the
code that creates it to see exactly how an executable is constructed
While there are a number of tutorials and white papers avilable on the composition
and structure of Microsofts PE files, including at least one paper that demonstrates
how to make a PE by Hand (The PE File Format by LUEVELSMEYER),I believe this source
is the first time that createing a PE file using only script has been fully demonstrated.
And while this demonstration only creates the most basic of win32 GUI files (messageboxes) it
should serve as ample proof of what can be acomplished using only built in OS tools (for windows this is script and IE).
I hope you find this demonstration informative.
Some search strings for more on PE file structure
- YATES` PE NOTES
- Sunshine's PE file format offsets
- Portable Executable and Object File Format Specification
- Exe file format with offsets rather than explanations
- PE File Structure Chapter 2
