setpehdr
summary: assign DOS/PE header structures to a PE binary
description:
The goal of this script is to demonstrate some usage of the type API.
In this script, we:
- load a PE64 file in binary mode
- import some types from the mssdk64 til
- apply these types at the correct offset in the DB
- finally, rebase the program based on the information stored in the ImageBase field of the IMAGE_OPTIONAL_HEADER64.
level: intermediate
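The header walk that the description relies on (DOS header, then e_lfanew, then the PE signature, then ImageBase) can be checked outside IDA. The following is an added example, not the setpehdr script's own code: it uses ctypes structures as a stand-in for the mssdk64 til types, and the names field_off, locate_image_base, build_sample and OPT_HDR64_PREFIX are hypothetical.

```python
import ctypes as C

class IMAGE_DOS_HEADER(C.LittleEndianStructure):
    _fields_ = [("e_magic", C.c_uint16),       # "MZ"
                ("e_body", C.c_uint16 * 29),   # e_cblp .. e_res2, unused here
                ("e_lfanew", C.c_int32)]       # file offset of "PE\0\0"

class IMAGE_FILE_HEADER(C.LittleEndianStructure):
    _fields_ = [("Machine", C.c_uint16), ("NumberOfSections", C.c_uint16),
                ("TimeDateStamp", C.c_uint32), ("PointerToSymbolTable", C.c_uint32),
                ("NumberOfSymbols", C.c_uint32), ("SizeOfOptionalHeader", C.c_uint16),
                ("Characteristics", C.c_uint16)]

class OPT_HDR64_PREFIX(C.LittleEndianStructure):
    # IMAGE_OPTIONAL_HEADER64 fields up to and including ImageBase
    _fields_ = [("Magic", C.c_uint16), ("MajorLinkerVersion", C.c_uint8),
                ("MinorLinkerVersion", C.c_uint8), ("SizeOfCode", C.c_uint32),
                ("SizeOfInitializedData", C.c_uint32),
                ("SizeOfUninitializedData", C.c_uint32),
                ("AddressOfEntryPoint", C.c_uint32), ("BaseOfCode", C.c_uint32),
                ("ImageBase", C.c_uint64)]

def field_off(struct, field):
    """Offset in bytes of member `field` in ctypes structure `struct`."""
    return getattr(struct, field).offset

def locate_image_base(data):
    """Return (pe_offset, ImageBase file offset, ImageBase) for a PE32+ file."""
    if len(data) < C.sizeof(IMAGE_DOS_HEADER):
        raise ValueError("truncated DOS header")
    dos = IMAGE_DOS_HEADER.from_buffer_copy(data)
    if dos.e_magic != 0x5A4D:
        raise ValueError("missing MZ magic")
    pe = dos.e_lfanew
    opt = pe + 4 + C.sizeof(IMAGE_FILE_HEADER)  # skip signature + file header
    if pe < 0 or opt + C.sizeof(OPT_HDR64_PREFIX) > len(data):
        raise ValueError("e_lfanew points outside the file")
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    hdr = OPT_HDR64_PREFIX.from_buffer_copy(data, opt)
    if hdr.Magic != 0x20B:
        raise ValueError("not PE32+ (optional header magic is not 0x20B)")
    return pe, opt + field_off(OPT_HDR64_PREFIX, "ImageBase"), hdr.ImageBase

def build_sample(pe_off=0x80, image_base=0x140000000):
    """Constructed header bytes for the demo (not a loadable executable)."""
    dos = IMAGE_DOS_HEADER(e_magic=0x5A4D, e_lfanew=pe_off)
    fh = IMAGE_FILE_HEADER(Machine=0x8664, SizeOfOptionalHeader=0xF0)
    oh = OPT_HDR64_PREFIX(Magic=0x20B, ImageBase=image_base)
    return (bytes(dos) + bytes(pe_off - 64) + b"PE\0\0" + bytes(fh) + bytes(oh))
```

Because e_lfanew is read from the file itself, the bounds check before dereferencing it matters when the input is untrusted or malformed.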
Functions
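| create_struct_at(id, ea, var_name=None) | Create the structure identified by id at address ea. |
| get_struct_size(id) | Return the size of the structure identified by id. |
| get_pe_ea(id) | Return the address of the pe header. |
| get_field_off(id, field) | Return the offset in bytes of the member ‘field’ in the structure identified by ‘id’. |
| get_struct_field_off(struct_name, field) | Return the offset in bytes of the member ‘field’ in the structure identified by ‘struct_name’. |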
Module Contents
- setpehdr.create_struct_at(id, ea, var_name=None)
Create the structure identified by id at address ea.
- setpehdr.get_struct_size(id)
Return the size of the structure identified by id.
- setpehdr.get_pe_ea(id)
Return the address of the pe header.
- setpehdr.get_field_off(id, field)
Return the offset in bytes of the member ‘field’ in the structure identified by ‘id’.
- setpehdr.get_struct_field_off(struct_name, field)
Return the offset in bytes of the member ‘field’ in the structure identified by ‘struct_name’.
- setpehdr.main()