exe - The value Address of Entry Point different in PE Explorer and UltraEdit -


i wrote basic helloworld.exe c simple line printf("helloworld!\n");

then used ultraedit view bytes of exe file , used pe explorer see header values. when comes address of entry point, pe explorer displays 0x004012c0.

magic                            010bh   pe32 linker version                   1902h   2.25 size of code                 00008000h size of initialized data     0000b000h size of uninitialized data   00000c00h address of entry point       004012c0h base of code                 00001000h base of data                 00009000h image base                   00400000h

but in ultraedit see 0x000012c0 after counting 16 bytes after magic 0x010b.

3f 02 00 00 e0 00 07 03 0b 01 02 19 00 80 00 00 00 b0 00 00 00 0c 00 00 c0 12 00 00 00 10 00 00 00 90 00 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 10 01 00 00 04 00 00 91 f6 00 00 03 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 e0 00 00 c0 06 00 00 00 00 00 00 00 00 00 00

which 1 correct?

simply read image_optional_header structure

addressofentrypoint

a pointer entry point function, relative image base address. executable files, starting address. device drivers, address of initialization function. entry point function optional dlls. when no entry point present, member zero.

so absolute address of entrypoint addressofentrypoint ? imagebase + addressofentrypoint : 0

in case addressofentrypoint == 12c0 , imagebase == 400000

as result absolute address of entrypoint 12c0+400000==4012c0


Comments

Post a Comment

Popular posts from this blog

Command prompt result in label. Python 2.7 -

i want put result(output) of shell command label. command works, label shows "0", however, in command prompt, result shown correctly, need showed in label. doing ubuntu. myg1 = button(root, text="rodyti informacija", command=lambda: gauti()) myg1.pack(side=bottom) def gauti(): imti = tekstas.get("1.0", "end-1c") info = subprocess.call("id '{imti}' ".format(imti=imti), shell=true) w = label(root, text= info) w.pack(side = bottom) subprocess.call() returns exit code of process created (in case 0 success). if want text output of process, should instead call subprocess.check_output() .
Read more

javascript - How do I use URL parameters to change link href on page? -

i change href value of link using url parameters. example: default <a id="dlink" href="link-1">link</a> but, when user goes https://url.com/?dlink=link-2 it swaps out link new link <a id="dlink" href="link-2">link</a> first need value url. if you're not using javascript framework can create function using jquery. please check get url parameter jquery or how query string values in js it. after that, element "a" id , set value there. $("#dlink").attr("href", hreffromparam);
Read more

amazon web services - AWS Route53 Trying To Get Site To Resolve To www -

so have domain nameservers pointed aws route 53. site hosted on ec2 instance , reachable resolves site.com, if input www.site.com. i'm curious how site resolve www.site.com. have under route53 domains hosted zone 2 additional record sets outside of ns , soa: a site.com ec2 elastic ip cname www.site.com ec2 public dns i can reach site using both site.com , www.site.com, resolve site.com. there way make if enter either, resolves www.site.com? at first, both should record set. a site.com ec2 elastic ip www.site.com ec2 elastic ip and need redirect setting in web server (nginx, apache, ..) following. (source: how redirect www non-www nginx on centos 7 ) redirect non-www www if want redirect users plain, non-www domain www domain, add server block: server { server_name example.com; return 301 $scheme://www.example.com$request_uri; } save , exit. configures nginx redirect requests "example.com" "www.example.com". not...
Read more