Reverse Engineering Team Board

Reverse Engineering Team Board (http://www.reteam.org/board/index.php)
-   OSX Reverse Engineering (http://www.reteam.org/board/forumdisplay.php?f=29)
-   -   windows loader???? (http://www.reteam.org/board/showthread.php?t=1487)

adityamolugu 03-17-2009 03:29 AM

windows loader????
 
hi,
how does windows loader work???. i have a executable which does not follow PE format,but i am able to run that...hows that possible???

WX_0 05-30-2009 07:55 PM

Quote:

Originally Posted by adityamolugu (Post 12655)
hi,
how does windows loader work???. i have a executable which does not follow PE format,but i am able to run that...hows that possible???

The portable executable isn't the only Windows executable in existance - could you be working with a COM file? It's one 64k segment, no more, but possibly less.

Code:

        +-------------------------+
    00h |  Old-style header info  |
        +-------------------------+
    20h |        Reserved        |
        +-------------------------+
    3Ch |  Offset to segmented  |
        |      .EXE header      |
        +-------------------------+
    40h |  Relocation table and  |
        |  MS-DOS stub program    |
        +-------------------------+
        |  Segmented .EXE Header  |
        |          .            |
        |          .            |
        |          .            |

Source: http://support.microsoft.com/kb/65122


All times are GMT -4. The time now is 06:50 PM.

Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.