Documentation
¶
Index ¶
- Variables
- func EmptyStruct(iface interface{}) bool
- func SetFlags(flagMap map[string]bool, charMap map[string]uint32, characteristic uint32)
- type BaseRelocation
- type BaseRelocationD
- type BaseRelocationEntry
- type BaseRelocationEntryD
- type BoundForwarderRef
- type BoundForwarderRefD
- type BoundImportDescriptor
- type BoundImportDescriptorD
- type DataDirectory
- type DataDirectoryD
- type DebugDirectory
- type DebugDirectoryD
- type DelayImportDescriptor
- type DelayImportDescriptorD
- type DosHeader
- type DosHeaderD
- type ExportData
- type ExportDirectory
- type ExportDirectoryD
- type FileHeader
- type FileHeaderD
- type ImportData
- type ImportData64
- type ImportDescriptor
- type ImportDescriptorD
- type LoadConfigDirectory
- type LoadConfigDirectory64
- type LoadConfigDirectory64D
- type LoadConfigDirectoryD
- type NTHeader
- type NTHeaderD
- type OptionalHeader
- type OptionalHeader64
- type OptionalHeader64D
- type OptionalHeaderD
- type ResourceDataEntry
- type ResourceDataEntryD
- type ResourceDirectory
- type ResourceDirectoryD
- type ResourceDirectoryEntry
- type ResourceDirectoryEntryD
- type SectionHeader
- func (self *SectionHeader) Get_entropy(data []byte) float64
- func (self *SectionHeader) Get_hash_md5(data []byte) string
- func (self *SectionHeader) Get_hash_sha1(data []byte) string
- func (self *SectionHeader) Get_hash_sha256(data []byte) string
- func (self *SectionHeader) Get_hash_sha512(data []byte) string
- func (self *SectionHeader) String() string
- type SectionHeaderD
- type String
- type StringD
- type StringFileInfo
- type StringFileInfoD
- type StringTable
- type StringTableD
- type TLSDirectory
- type TLSDirectory64
- type TLSDirectory64D
- type TLSDirectoryD
- type ThunkData
- type ThunkData64
- type ThunkData64D
- type ThunkDataD
- type VSFixedFileInfo
- type VSFixedFileInfoD
- type VSVersionInfo
- type VSVersionInfoD
- type Var
- type VarD
Constants ¶
This section is empty.
Variables ¶
View Source
var DebugTypes = map[string]uint32{
"IMAGE_DEBUG_TYPE_UNKNOWN": 0,
"IMAGE_DEBUG_TYPE_COFF": 1,
"IMAGE_DEBUG_TYPE_CODEVIEW": 2,
"IMAGE_DEBUG_TYPE_FPO": 3,
"IMAGE_DEBUG_TYPE_MISC": 4,
"IMAGE_DEBUG_TYPE_EXCEPTION": 5,
"IMAGE_DEBUG_TYPE_FIXUP": 6,
"IMAGE_DEBUG_TYPE_OMAP_TO_SRC": 7,
"IMAGE_DEBUG_TYPE_OMAP_FROM_SRC": 8,
"IMAGE_DEBUG_TYPE_BORLAND": 9,
"IMAGE_DEBUG_TYPE_RESERVED10": 10,
"IMAGE_DEBUG_TYPE_CLSID": 11,
}
View Source
var DirectoryEntryTypes = map[uint32]string{
0: "IMAGE_DIRECTORY_ENTRY_EXPORT",
1: "IMAGE_DIRECTORY_ENTRY_IMPORT",
2: "IMAGE_DIRECTORY_ENTRY_RESOURCE",
3: "IMAGE_DIRECTORY_ENTRY_EXCEPTION",
4: "IMAGE_DIRECTORY_ENTRY_SECURITY",
5: "IMAGE_DIRECTORY_ENTRY_BASERELOC",
6: "IMAGE_DIRECTORY_ENTRY_DEBUG",
7: "IMAGE_DIRECTORY_ENTRY_COPYRIGHT",
8: "IMAGE_DIRECTORY_ENTRY_GLOBALPTR",
9: "IMAGE_DIRECTORY_ENTRY_TLS",
10: "IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG",
11: "IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT",
12: "IMAGE_DIRECTORY_ENTRY_IAT",
13: "IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT",
14: "IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR",
15: "IMAGE_DIRECTORY_ENTRY_RESERVED",
}
View Source
var DllCharacteristics = map[string]uint32{
"IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA": 0x0020,
"IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE": 0x0040,
"IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY": 0x0080,
"IMAGE_DLLCHARACTERISTICS_NX_COMPAT": 0x0100,
"IMAGE_DLLCHARACTERISTICS_NO_ISOLATION": 0x0200,
"IMAGE_DLLCHARACTERISTICS_NO_SEH": 0x0400,
"IMAGE_DLLCHARACTERISTICS_NO_BIND": 0x0800,
"IMAGE_DLLCHARACTERISTICS_APPCONTAINER": 0x1000,
"IMAGE_DLLCHARACTERISTICS_WDM_DRIVER": 0x2000,
"IMAGE_DLLCHARACTERISTICS_GUARD_CF": 0x4000,
"IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE": 0x8000,
}
View Source
var ImageCharacteristics = map[string]uint32{
"IMAGE_FILE_RELOCS_STRIPPED": 0x0001,
"IMAGE_FILE_EXECUTABLE_IMAGE": 0x0002,
"IMAGE_FILE_LINE_NUMS_STRIPPED": 0x0004,
"IMAGE_FILE_LOCAL_SYMS_STRIPPED": 0x0008,
"IMAGE_FILE_AGGRESIVE_WS_TRIM": 0x0010,
"IMAGE_FILE_LARGE_ADDRESS_AWARE": 0x0020,
"IMAGE_FILE_16BIT_MACHINE": 0x0040,
"IMAGE_FILE_BYTES_REVERSED_LO": 0x0080,
"IMAGE_FILE_32BIT_MACHINE": 0x0100,
"IMAGE_FILE_DEBUG_STRIPPED": 0x0200,
"IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP": 0x0400,
"IMAGE_FILE_NET_RUN_FROM_SWAP": 0x0800,
"IMAGE_FILE_SYSTEM": 0x1000,
"IMAGE_FILE_DLL": 0x2000,
"IMAGE_FILE_UP_SYSTEM_ONLY": 0x4000,
"IMAGE_FILE_BYTES_REVERSED_HI": 0x8000,
}
View Source
var Lang = map[string]uint32{
"LANG_NEUTRAL": 0x00,
"LANG_INVARIANT": 0x7f,
"LANG_AFRIKAANS": 0x36,
"LANG_ALBANIAN": 0x1c,
"LANG_ARABIC": 0x01,
"LANG_ARMENIAN": 0x2b,
"LANG_ASSAMESE": 0x4d,
"LANG_AZERI": 0x2c,
"LANG_BASQUE": 0x2d,
"LANG_BELARUSIAN": 0x23,
"LANG_BENGALI": 0x45,
"LANG_BULGARIAN": 0x02,
"LANG_CATALAN": 0x03,
"LANG_CHINESE": 0x04,
"LANG_CROATIAN": 0x1a,
"LANG_CZECH": 0x05,
"LANG_DANISH": 0x06,
"LANG_DIVEHI": 0x65,
"LANG_DUTCH": 0x13,
"LANG_ENGLISH": 0x09,
"LANG_ESTONIAN": 0x25,
"LANG_FAEROESE": 0x38,
"LANG_FARSI": 0x29,
"LANG_FINNISH": 0x0b,
"LANG_FRENCH": 0x0c,
"LANG_GALICIAN": 0x56,
"LANG_GEORGIAN": 0x37,
"LANG_GERMAN": 0x07,
"LANG_GREEK": 0x08,
"LANG_GUJARATI": 0x47,
"LANG_HEBREW": 0x0d,
"LANG_HINDI": 0x39,
"LANG_HUNGARIAN": 0x0e,
"LANG_ICELANDIC": 0x0f,
"LANG_INDONESIAN": 0x21,
"LANG_ITALIAN": 0x10,
"LANG_JAPANESE": 0x11,
"LANG_KANNADA": 0x4b,
"LANG_KASHMIRI": 0x60,
"LANG_KAZAK": 0x3f,
"LANG_KONKANI": 0x57,
"LANG_KOREAN": 0x12,
"LANG_KYRGYZ": 0x40,
"LANG_LATVIAN": 0x26,
"LANG_LITHUANIAN": 0x27,
"LANG_MACEDONIAN": 0x2f,
"LANG_MALAY": 0x3e,
"LANG_MALAYALAM": 0x4c,
"LANG_MANIPURI": 0x58,
"LANG_MARATHI": 0x4e,
"LANG_MONGOLIAN": 0x50,
"LANG_NEPALI": 0x61,
"LANG_NORWEGIAN": 0x14,
"LANG_ORIYA": 0x48,
"LANG_POLISH": 0x15,
"LANG_PORTUGUESE": 0x16,
"LANG_PUNJABI": 0x46,
"LANG_ROMANIAN": 0x18,
"LANG_RUSSIAN": 0x19,
"LANG_SANSKRIT": 0x4f,
"LANG_SERBIAN": 0x1a,
"LANG_SINDHI": 0x59,
"LANG_SLOVAK": 0x1b,
"LANG_SLOVENIAN": 0x24,
"LANG_SPANISH": 0x0a,
"LANG_SWAHILI": 0x41,
"LANG_SWEDISH": 0x1d,
"LANG_SYRIAC": 0x5a,
"LANG_TAMIL": 0x49,
"LANG_TATAR": 0x44,
"LANG_TELUGU": 0x4a,
"LANG_THAI": 0x1e,
"LANG_TURKISH": 0x1f,
"LANG_UKRAINIAN": 0x22,
"LANG_URDU": 0x20,
"LANG_UZBEK": 0x43,
"LANG_VIETNAMESE": 0x2a,
"LANG_GAELIC": 0x3c,
"LANG_MALTESE": 0x3a,
"LANG_MAORI": 0x28,
"LANG_RHAETO_ROMANCE": 0x17,
"LANG_SAAMI": 0x3b,
"LANG_SORBIAN": 0x2e,
"LANG_SUTU": 0x30,
"LANG_TSONGA": 0x31,
"LANG_TSWANA": 0x32,
"LANG_VENDA": 0x33,
"LANG_XHOSA": 0x34,
"LANG_ZULU": 0x35,
"LANG_ESPERANTO": 0x8f,
"LANG_WALON": 0x90,
"LANG_CORNISH": 0x91,
"LANG_WELSH": 0x92,
"LANG_BRETON": 0x93,
}
Language definitions
View Source
var MachineTypes = map[string]uint32{
"IMAGE_FILE_MACHINE_UNKNOWN": 0,
"IMAGE_FILE_MACHINE_I386": 0x014c,
"IMAGE_FILE_MACHINE_R3000": 0x0162,
"IMAGE_FILE_MACHINE_R4000": 0x0166,
"IMAGE_FILE_MACHINE_R10000": 0x0168,
"IMAGE_FILE_MACHINE_WCEMIPSV2": 0x0169,
"IMAGE_FILE_MACHINE_ALPHA": 0x0184,
"IMAGE_FILE_MACHINE_SH3": 0x01a2,
"IMAGE_FILE_MACHINE_SH3DSP": 0x01a3,
"IMAGE_FILE_MACHINE_SH3E": 0x01a4,
"IMAGE_FILE_MACHINE_SH4": 0x01a6,
"IMAGE_FILE_MACHINE_SH5": 0x01a8,
"IMAGE_FILE_MACHINE_ARM": 0x01c0,
"IMAGE_FILE_MACHINE_THUMB": 0x01c2,
"IMAGE_FILE_MACHINE_ARMNT": 0x01c4,
"IMAGE_FILE_MACHINE_AM33": 0x01d3,
"IMAGE_FILE_MACHINE_POWERPC": 0x01f0,
"IMAGE_FILE_MACHINE_POWERPCFP": 0x01f1,
"IMAGE_FILE_MACHINE_IA64": 0x0200,
"IMAGE_FILE_MACHINE_MIPS16": 0x0266,
"IMAGE_FILE_MACHINE_ALPHA64": 0x0284,
"IMAGE_FILE_MACHINE_AXP64": 0x0284,
"IMAGE_FILE_MACHINE_MIPSFPU": 0x0366,
"IMAGE_FILE_MACHINE_MIPSFPU16": 0x0466,
"IMAGE_FILE_MACHINE_TRICORE": 0x0520,
"IMAGE_FILE_MACHINE_CEF": 0x0cef,
"IMAGE_FILE_MACHINE_EBC": 0x0ebc,
"IMAGE_FILE_MACHINE_AMD64": 0x8664,
"IMAGE_FILE_MACHINE_M32R": 0x9041,
"IMAGE_FILE_MACHINE_CEE": 0xc0ee,
}
View Source
var RelocationTypes = map[string]uint32{
"IMAGE_REL_BASED_ABSOLUTE": 0,
"IMAGE_REL_BASED_HIGH": 1,
"IMAGE_REL_BASED_LOW": 2,
"IMAGE_REL_BASED_HIGHLOW": 3,
"IMAGE_REL_BASED_HIGHADJ": 4,
"IMAGE_REL_BASED_MIPS_JMPADDR": 5,
"IMAGE_REL_BASED_SECTION": 6,
"IMAGE_REL_BASED_REL": 7,
"IMAGE_REL_BASED_MIPS_JMPADDR16": 9,
"IMAGE_REL_BASED_IA64_IMM64": 9,
"IMAGE_REL_BASED_DIR64": 10,
"IMAGE_REL_BASED_HIGH3ADJ": 11,
}
View Source
var ResourceType = map[string]uint32{
"RT_CURSOR": 1,
"RT_BITMAP": 2,
"RT_ICON": 3,
"RT_MENU": 4,
"RT_DIALOG": 5,
"RT_STRING": 6,
"RT_FONTDIR": 7,
"RT_FONT": 8,
"RT_ACCELERATOR": 9,
"RT_RCDATA": 10,
"RT_MESSAGETABLE": 11,
"RT_GROUP_CURSOR": 12,
"RT_GROUP_ICON": 14,
"RT_VERSION": 16,
"RT_DLGINCLUDE": 17,
"RT_PLUGPLAY": 19,
"RT_VXD": 20,
"RT_ANICURSOR": 21,
"RT_ANIICON": 22,
"RT_HTML": 23,
"RT_MANIFEST": 24,
}
Resource types
View Source
var SectionCharacteristics = map[string]uint32{
"IMAGE_SCN_TYPE_REG": 0x00000000,
"IMAGE_SCN_TYPE_DSECT": 0x00000001,
"IMAGE_SCN_TYPE_NOLOAD": 0x00000002,
"IMAGE_SCN_TYPE_GROUP": 0x00000004,
"IMAGE_SCN_TYPE_NO_PAD": 0x00000008,
"IMAGE_SCN_TYPE_COPY": 0x00000010,
"IMAGE_SCN_CNT_CODE": 0x00000020,
"IMAGE_SCN_CNT_INITIALIZED_DATA": 0x00000040,
"IMAGE_SCN_CNT_UNINITIALIZED_DATA": 0x00000080,
"IMAGE_SCN_LNK_OTHER": 0x00000100,
"IMAGE_SCN_LNK_INFO": 0x00000200,
"IMAGE_SCN_LNK_OVER": 0x00000400,
"IMAGE_SCN_LNK_REMOVE": 0x00000800,
"IMAGE_SCN_LNK_COMDAT": 0x00001000,
"IMAGE_SCN_MEM_PROTECTED": 0x00004000,
"IMAGE_SCN_NO_DEFER_SPEC_EXC": 0x00004000,
"IMAGE_SCN_GPREL": 0x00008000,
"IMAGE_SCN_MEM_FARDATA": 0x00008000,
"IMAGE_SCN_MEM_SYSHEAP": 0x00010000,
"IMAGE_SCN_MEM_PURGEABLE": 0x00020000,
"IMAGE_SCN_MEM_16BIT": 0x00020000,
"IMAGE_SCN_MEM_LOCKED": 0x00040000,
"IMAGE_SCN_MEM_PRELOAD": 0x00080000,
"IMAGE_SCN_ALIGN_1BYTES": 0x00100000,
"IMAGE_SCN_ALIGN_2BYTES": 0x00200000,
"IMAGE_SCN_ALIGN_4BYTES": 0x00300000,
"IMAGE_SCN_ALIGN_8BYTES": 0x00400000,
"IMAGE_SCN_ALIGN_16BYTES": 0x00500000,
"IMAGE_SCN_ALIGN_32BYTES": 0x00600000,
"IMAGE_SCN_ALIGN_64BYTES": 0x00700000,
"IMAGE_SCN_ALIGN_128BYTES": 0x00800000,
"IMAGE_SCN_ALIGN_256BYTES": 0x00900000,
"IMAGE_SCN_ALIGN_512BYTES": 0x00A00000,
"IMAGE_SCN_ALIGN_1024BYTES": 0x00B00000,
"IMAGE_SCN_ALIGN_2048BYTES": 0x00C00000,
"IMAGE_SCN_ALIGN_4096BYTES": 0x00D00000,
"IMAGE_SCN_ALIGN_8192BYTES": 0x00E00000,
"IMAGE_SCN_ALIGN_MASK": 0x00F00000,
"IMAGE_SCN_LNK_NRELOC_OVFL": 0x01000000,
"IMAGE_SCN_MEM_DISCARDABLE": 0x02000000,
"IMAGE_SCN_MEM_NOT_CACHED": 0x04000000,
"IMAGE_SCN_MEM_NOT_PAGED": 0x08000000,
"IMAGE_SCN_MEM_SHARED": 0x10000000,
"IMAGE_SCN_MEM_EXECUTE": 0x20000000,
"IMAGE_SCN_MEM_READ": 0x40000000,
"IMAGE_SCN_MEM_WRITE": 0x80000000,
}
View Source
var Sublang = map[string]uint32{}/* 103 elements not displayed */
Sublanguage definitions
View Source
var SubsystemTypes = map[string]uint32{
"IMAGE_SUBSYSTEM_UNKNOWN": 0,
"IMAGE_SUBSYSTEM_NATIVE": 1,
"IMAGE_SUBSYSTEM_WINDOWS_GUI": 2,
"IMAGE_SUBSYSTEM_WINDOWS_CUI": 3,
"IMAGE_SUBSYSTEM_OS2_CUI": 5,
"IMAGE_SUBSYSTEM_POSIX_CUI": 7,
"IMAGE_SUBSYSTEM_NATIVE_WINDOWS": 8,
"IMAGE_SUBSYSTEM_WINDOWS_CE_GUI": 9,
"IMAGE_SUBSYSTEM_EFI_APPLICATION": 10,
"IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER": 11,
"IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER": 12,
"IMAGE_SUBSYSTEM_EFI_ROM": 13,
"IMAGE_SUBSYSTEM_XBOX": 14,
"IMAGE_SUBSYSTEM_WINDOWS_BOOT_APPLICATION": 16,
}
Functions ¶
func EmptyStruct ¶
func EmptyStruct(iface interface{}) bool
Types ¶
type BaseRelocation ¶
type BaseRelocation struct {
Data BaseRelocationD
FileOffset uint32
Size uint32
}
BaseRelocation
func NewBaseRelocation ¶
func NewBaseRelocation(fileOffset uint32) (header *BaseRelocation)
func (*BaseRelocation) String ¶
func (self *BaseRelocation) String() string
type BaseRelocationD ¶
type BaseRelocationEntry ¶
type BaseRelocationEntry struct {
Data BaseRelocationEntryD
FileOffset uint32
Size uint32
}
BaseRelocationEntry
func NewBaseRelocationEntry ¶
func NewBaseRelocationEntry(fileOffset uint32) (header *BaseRelocationEntry)
func (*BaseRelocationEntry) String ¶
func (self *BaseRelocationEntry) String() string
type BaseRelocationEntryD ¶
type BaseRelocationEntryD struct {
Data uint16
}
type BoundForwarderRef ¶
type BoundForwarderRef struct {
Data BoundForwarderRefD
FileOffset uint32
Size uint32
}
BoundForwarderRef
func NewBoundForwarderRef ¶
func NewBoundForwarderRef(fileOffset uint32) (header *BoundForwarderRef)
func (*BoundForwarderRef) String ¶
func (self *BoundForwarderRef) String() string
type BoundForwarderRefD ¶
type BoundImportDescriptor ¶
type BoundImportDescriptor struct {
Data BoundImportDescriptorD
FileOffset uint32
Size uint32
}
BoundImportDescriptor
func NewBoundImportDescriptor ¶
func NewBoundImportDescriptor(fileOffset uint32) (header *BoundImportDescriptor)
func (*BoundImportDescriptor) String ¶
func (self *BoundImportDescriptor) String() string
type BoundImportDescriptorD ¶
type DataDirectory ¶
type DataDirectory struct {
Data DataDirectoryD
FileOffset uint32
Name string
Size uint32
}
func NewDataDirectory ¶
func NewDataDirectory(fileOffset uint32) (header *DataDirectory)
func (*DataDirectory) String ¶
func (self *DataDirectory) String() string
type DataDirectoryD ¶
type DebugDirectory ¶
type DebugDirectory struct {
Data DebugDirectoryD
FileOffset uint32
Flags map[string]bool
Size uint32
}
DebugDirectory
func NewDebugDirectory ¶
func NewDebugDirectory(fileOffset uint32) (header *DebugDirectory)
func (*DebugDirectory) String ¶
func (self *DebugDirectory) String() string
type DebugDirectoryD ¶
type DelayImportDescriptor ¶
type DelayImportDescriptor struct {
Data DelayImportDescriptorD
FileOffset uint32
Flags map[string]bool
Size uint32
}
Delay Import Descriptor
func NewDelayImportDescriptor ¶
func NewDelayImportDescriptor(fileOffset uint32) (header *DelayImportDescriptor)
func (*DelayImportDescriptor) String ¶
func (self *DelayImportDescriptor) String() string
type DelayImportDescriptorD ¶
type DosHeader ¶
type DosHeader struct {
Data DosHeaderD
FileOffset uint32
Flags map[string]bool
Size uint32
}
func NewDosHeader ¶
type DosHeaderD ¶
type DosHeaderD struct {
E_magic uint16
E_cblp uint16
E_cp uint16
E_crlc uint16
E_cparhd uint16
E_minalloc uint16
E_maxalloc uint16
E_ss uint16
E_sp uint16
E_csum uint16
E_ip uint16
E_cs uint16
E_lfarlc uint16
E_ovno uint16
E_res [8]uint8
E_oemid uint16
E_oeminfo uint16
E_res2 [20]uint8
E_lfanew uint32
}
type ExportData ¶
type ExportData struct {
Ordinal uint16
OrdinalOffset uint32
Address uint32
AddressOffset uint32
Name []byte //
NameOffset uint32 //
Forwarder []byte
ForwarderOffset uint32
}
func (ExportData) String ¶
func (self ExportData) String() string
type ExportDirectory ¶
type ExportDirectory struct {
Data ExportDirectoryD
FileOffset uint32
Flags map[string]bool
Exports []*ExportData
Size uint32
}
Export Directory
func NewExportDirectory ¶
func NewExportDirectory(fileOffset uint32) (header *ExportDirectory)
func (*ExportDirectory) String ¶
func (self *ExportDirectory) String() string
type ExportDirectoryD ¶
type FileHeader ¶
type FileHeader struct {
Data FileHeaderD
FileOffset uint32
Flags map[string]bool
Size uint32
}
func NewFileHeader ¶
func NewFileHeader(fileOffset uint32) (header *FileHeader)
func (*FileHeader) String ¶
func (self *FileHeader) String() string
type FileHeaderD ¶
type ImportData ¶
type ImportData struct {
StructTable *ThunkData
StructIat *ThunkData
ImportByOrdinal bool
Ordinal uint32
OrdinalOffset uint32
Hint uint16
Name []byte
NameOffset uint32
Bound uint32
Address uint32
HintNameTableRva uint32
ThunkOffset uint32
ThunkRva uint32
}
func (ImportData) String ¶
func (self ImportData) String() string
type ImportData64 ¶
type ImportData64 struct {
StructTable *ThunkData64
StructIat *ThunkData64
ImportByOrdinal bool
Ordinal uint64
OrdinalOffset uint64
Hint uint16
Name []byte
NameOffset uint64
Bound uint64
Address uint64
HintNameTableRva uint64
ThunkOffset uint64
ThunkRva uint64
}
func (ImportData64) String ¶
func (self ImportData64) String() string
type ImportDescriptor ¶
type ImportDescriptor struct {
Data ImportDescriptorD
FileOffset uint32
Flags map[string]bool
Dll []byte
Imports []*ImportData
Imports64 []*ImportData64
Size uint32
}
Image Import Descriptor
func NewImportDescriptor ¶
func NewImportDescriptor(fileOffset uint32) (header *ImportDescriptor)
func (*ImportDescriptor) String ¶
func (self *ImportDescriptor) String() string
type ImportDescriptorD ¶
type LoadConfigDirectory ¶
type LoadConfigDirectory struct {
Data LoadConfigDirectoryD
FileOffset uint32
Flags map[string]bool
Size uint32
}
LoadConfigDirectory
func NewLoadConfigDirectory ¶
func NewLoadConfigDirectory(fileOffset uint32) (header *LoadConfigDirectory)
func (*LoadConfigDirectory) String ¶
func (self *LoadConfigDirectory) String() string
type LoadConfigDirectory64 ¶
type LoadConfigDirectory64 struct {
Data LoadConfigDirectory64D
FileOffset uint32
Flags map[string]bool
Size uint32
}
LoadConfigDirectory64
func NewLoadConfigDirectory64 ¶
func NewLoadConfigDirectory64(fileOffset uint32) (header *LoadConfigDirectory64)
func (*LoadConfigDirectory64) String ¶
func (self *LoadConfigDirectory64) String() string
type LoadConfigDirectory64D ¶
type LoadConfigDirectory64D struct {
Size uint32
TimeDateStamp uint32
MajorVersion uint16
MinorVersion uint16
GlobalFlagsClear uint32
GlobalFlagsSet uint32
CriticalSectionDefaultTimeout uint32
DeCommitFreeBlockThreshold uint64
DeCommitTotalFreeThreshold uint64
LockPrefixTable uint64
MaximumAllocationSize uint64
VirtualMemoryThreshold uint64
ProcessAffinityMask uint64
ProcessHeapFlags uint32
CSDVersion uint16
Reserved1 uint16
EditList uint64
SecurityCookie uint64
SEHandlerTable uint64
SEHandlerCount uint64
GuardCFCheckFunctionPointer uint64
Reserved2 uint64
GuardCFFunctionTable uint64
GuardCFFunctionCount uint64
GuardFlags uint32
}
type LoadConfigDirectoryD ¶
type LoadConfigDirectoryD struct {
Size uint32
TimeDateStamp uint32
MajorVersion uint16
MinorVersion uint16
GlobalFlagsClear uint32
GlobalFlagsSet uint32
CriticalSectionDefaultTimeout uint32
DeCommitFreeBlockThreshold uint32
DeCommitTotalFreeThreshold uint32
LockPrefixTable uint32
MaximumAllocationSize uint32
VirtualMemoryThreshold uint32
ProcessHeapFlags uint32
ProcessAffinityMask uint32
CSDVersion uint16
Reserved1 uint16
EditList uint32
SecurityCookie uint32
SEHandlerTable uint32
SEHandlerCount uint32
GuardCFCheckFunctionPointer uint32
Reserved2 uint32
GuardCFFunctionTable uint32
GuardCFFunctionCount uint32
GuardFlags uint32
}
type NTHeader ¶
func NewNTHeader ¶
type OptionalHeader ¶
type OptionalHeader struct {
Data OptionalHeaderD
FileOffset uint32
Flags map[string]bool
Size uint32
DataDirs map[string]*DataDirectory
}
func NewOptionalHeader ¶
func NewOptionalHeader(fileOffset uint32) (header *OptionalHeader)
func (*OptionalHeader) String ¶
func (self *OptionalHeader) String() string
type OptionalHeader64 ¶
type OptionalHeader64 struct {
Data OptionalHeader64D
FileOffset uint32
Flags map[string]bool
DataDirs map[string]*DataDirectory
Size uint32
}
func NewOptionalHeader64 ¶
func NewOptionalHeader64(fileOffset uint32) (header *OptionalHeader64)
func (*OptionalHeader64) String ¶
func (self *OptionalHeader64) String() string
type OptionalHeader64D ¶
type OptionalHeader64D struct {
Magic uint16
MajorLinkerVersion uint8
MinorLinkerVersion uint8
SizeOfCode uint32
SizeOfInitializedData uint32
SizeOfUninitializedData uint32
AddressOfEntryPoint uint32
BaseOfCode uint32
BaseOfData uint32
ImageBase uint32
SectionAlignment uint32
FileAlignment uint32
MajorOperatingSystemVersion uint16
MinorOperatingSystemVersion uint16
MajorImageVersion uint16
MinorImageVersion uint16
MajorSubsystemVersion uint16
MinorSubsystemVersion uint16
Reserved1 uint32
SizeOfImage uint32
SizeOfHeaders uint32
CheckSum uint32
Subsystem uint16
DllCharacteristics uint16
SizeOfStackReserve uint64 // Different after this point, specific checks needed
SizeOfStackCommit uint64
SizeOfHeapReserve uint64
SizeOfHeapCommit uint64
LoaderFlags uint32
NumberOfRvaAndSizes uint32
}
type OptionalHeaderD ¶
type OptionalHeaderD struct {
Magic uint16
MajorLinkerVersion uint8
MinorLinkerVersion uint8
SizeOfCode uint32
SizeOfInitializedData uint32
SizeOfUninitializedData uint32
AddressOfEntryPoint uint32
BaseOfCode uint32
BaseOfData uint32
ImageBase uint32
SectionAlignment uint32
FileAlignment uint32
MajorOperatingSystemVersion uint16
MinorOperatingSystemVersion uint16
MajorImageVersion uint16
MinorImageVersion uint16
MajorSubsystemVersion uint16
MinorSubsystemVersion uint16
Reserved1 uint32
SizeOfImage uint32
SizeOfHeaders uint32
CheckSum uint32
Subsystem uint16
DllCharacteristics uint16
SizeOfStackReserve uint32
SizeOfStackCommit uint32
SizeOfHeapReserve uint32
SizeOfHeapCommit uint32
LoaderFlags uint32
NumberOfRvaAndSizes uint32
}
type ResourceDataEntry ¶
type ResourceDataEntry struct {
Data ResourceDataEntryD
FileOffset uint32
Size uint32
}
Resource Data Entry
func NewResourceDataEntry ¶
func NewResourceDataEntry(fileOffset uint32) (header *ResourceDataEntry)
func (*ResourceDataEntry) String ¶
func (self *ResourceDataEntry) String() string
type ResourceDataEntryD ¶
type ResourceDirectory ¶
type ResourceDirectory struct {
Data ResourceDirectoryD
FileOffset uint32
Flags map[string]bool
Size uint32
}
Resource Directory
func NewResourceDirectory ¶
func NewResourceDirectory(fileOffset uint32) (header *ResourceDirectory)
func (*ResourceDirectory) String ¶
func (self *ResourceDirectory) String() string
type ResourceDirectoryD ¶
type ResourceDirectoryEntry ¶
type ResourceDirectoryEntry struct {
Data ResourceDirectoryEntryD
FileOffset uint32
Size uint32
}
Resource Directory Entry
func NewResourceDirectoryEntry ¶
func NewResourceDirectoryEntry(fileOffset uint32) (header *ResourceDirectoryEntry)
func (*ResourceDirectoryEntry) String ¶
func (self *ResourceDirectoryEntry) String() string
type ResourceDirectoryEntryD ¶
type SectionHeader ¶
type SectionHeader struct {
Data SectionHeaderD
FileOffset uint32
Flags map[string]bool
Size uint32
NextHeaderAddr uint32
}
func NewSectionHeader ¶
func NewSectionHeader(fileOffset uint32) (header *SectionHeader)
func (*SectionHeader) Get_entropy ¶
func (self *SectionHeader) Get_entropy(data []byte) float64
func (*SectionHeader) Get_hash_md5 ¶
func (self *SectionHeader) Get_hash_md5(data []byte) string
func (*SectionHeader) Get_hash_sha1 ¶
func (self *SectionHeader) Get_hash_sha1(data []byte) string
func (*SectionHeader) Get_hash_sha256 ¶
func (self *SectionHeader) Get_hash_sha256(data []byte) string
func (*SectionHeader) Get_hash_sha512 ¶
func (self *SectionHeader) Get_hash_sha512(data []byte) string
func (*SectionHeader) String ¶
func (self *SectionHeader) String() string
type SectionHeaderD ¶
type StringFileInfo ¶
type StringFileInfo struct {
Data StringFileInfoD
FileOffset uint32
Size uint32
}
StringFileInfo
func NewStringFileInfo ¶
func NewStringFileInfo(fileOffset uint32) (header *StringFileInfo)
func (*StringFileInfo) String ¶
func (self *StringFileInfo) String() string
type StringFileInfoD ¶
type StringTable ¶
type StringTable struct {
Data StringTableD
FileOffset uint32
Size uint32
}
StringTable
func NewStringTable ¶
func NewStringTable(fileOffset uint32) (header *StringTable)
func (*StringTable) String ¶
func (self *StringTable) String() string
type StringTableD ¶
type TLSDirectory ¶
type TLSDirectory struct {
Data TLSDirectoryD
FileOffset uint32
Flags map[string]bool
Size uint32
}
TLSDirectory
func NewTLSDirectory ¶
func NewTLSDirectory(fileOffset uint32) (header *TLSDirectory)
func (*TLSDirectory) String ¶
func (self *TLSDirectory) String() string
type TLSDirectory64 ¶
type TLSDirectory64 struct {
Data TLSDirectory64D
FileOffset uint32
Flags map[string]bool
Size uint32
}
TLSDirectory64
func NewTLSDirectory64 ¶
func NewTLSDirectory64(fileOffset uint32) (header *TLSDirectory64)
func (*TLSDirectory64) String ¶
func (self *TLSDirectory64) String() string
type TLSDirectory64D ¶
type TLSDirectoryD ¶
type ThunkData ¶
type ThunkData struct {
Data ThunkDataD
FileOffset uint32
Size uint32
}
ThunkData
func NewThunkData ¶
type ThunkData64 ¶
type ThunkData64 struct {
Data ThunkData64D
FileOffset uint32
Size uint32
}
ThunkData64
func NewThunkData64 ¶
func NewThunkData64(fileOffset uint32) (header *ThunkData64)
func (*ThunkData64) String ¶
func (self *ThunkData64) String() string
type ThunkData64D ¶
type ThunkData64D struct {
AddressOfData uint64
}
type ThunkDataD ¶
type ThunkDataD struct {
AddressOfData uint32
}
type VSFixedFileInfo ¶
type VSFixedFileInfo struct {
Data VSFixedFileInfoD
FileOffset uint32
Size uint32
}
VSFixedFileInfo
func NewVSFixedFileInfo ¶
func NewVSFixedFileInfo(fileOffset uint32) (header *VSFixedFileInfo)
func (*VSFixedFileInfo) String ¶
func (self *VSFixedFileInfo) String() string
type VSFixedFileInfoD ¶
type VSVersionInfo ¶
type VSVersionInfo struct {
Data VSVersionInfoD
FileOffset uint32
Size uint32
}
VS Version Info
func NewVSVersionInfo ¶
func NewVSVersionInfo(fileOffset uint32) (header *VSVersionInfo)
func (*VSVersionInfo) String ¶
func (self *VSVersionInfo) String() string
type VSVersionInfoD ¶
Source Files
Click to show internal directories.
Click to hide internal directories.