Re: Hey Dustbin, have a good spin on this |

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

Quoted text here. Click to load it

Pooh Cat.... that's totally brilliant!         :)

--  
Jax

Re: Hey Dustbin, have a good spin on this |


Quoted text here. Click to load it

Yes... and check this out:

C:\work>exehdr pooh1.exe

Microsoft (R) EXE File Header Utility  Version 2.01
Copyright (C) Microsoft Corp 1985-1990.  All rights reserved.

.EXE size (bytes)         860
Magic number:             5a4d
Bytes on last page:       0060
Pages in file:            0005
Relocations:              0001
Paragraphs in header:     0002
Extra paragraphs needed:  0103
Extra paragraphs wanted:  0103
Initial stack location:   0084:07cf
Word checksum:            0000
Entry point:              0000:0000
Relocation table address: 001c
Memory needed:            7K

7Kilobytes of memory needed at runtime to open a single file, skip the  
first two bytes, and "guess" what the file header says the blocks should  
be. (Especially if the first two bytes are NOT MZ).

Now uhh, let's see here...

EXEVLID2.exe will pull an entire folder of files, does check for the  
presence of MZ and will skip files that don't have it, And also does the  
math correctly and using as few bytes as possible to do it in. And it can  
actually do something if you like, with files that don't have an MZ header  
and/or are damaged/otherwise incomplete with the DOS stub.


C:\work>exehdr EXEVLID2.EXE

Microsoft (R) EXE File Header Utility  Version 2.01
Copyright (C) Microsoft Corp 1985-1990.  All rights reserved.

.EXE size (bytes)         1a8c
Magic number:             5a4d
Bytes on last page:       008c
Pages in file:            000e
Relocations:              0005
Paragraphs in header:     0020
Extra paragraphs needed:  0000
Extra paragraphs wanted:  ffff
Initial stack location:   00f2:07d0
Word checksum:            0efc
Entry point:              0000:0000
Relocation table address: 001e
Memory needed:            7K

What's that? Why, it uses the same runtime memory as your example; but does  
so much more. :)
  
Script kiddie.  


--  
Take it easy... Don't let the sound of your own wheels drive you crazy.  
Lighten up while you still can. Don't even try to understand.  
Just find a place to make your stand and take it easy!


Site Timeline