GitHub Repository: rapid7/metasploit-framework
Path: blob/master/external/source/shellcode/windows/templates/inc/pe.asm
; PE FILE STRUCTURE
; =================
%include "pe.inc"
; Image wrapper, MZ (DOS) headers and the 16-bit DOS stub.
; BIN_Begin, MZHeader, MZExtendedHeader and the MZSection.text_* names are not
; defined in this file; presumably they are macros from pe.inc - confirm there.
BIN_Begin
MZHeader
MZExtendedHeader
MZSection.text_Begin
; DOS stub: print text_string through DOS, then terminate with return code 1.
        push cs
        pop ds                          ; ds = cs, so ds:dx can address text_string
        ; dx = address of the string, as computed by the MZSection.text_VA macro
        mov dx,MZSection.text_VA(text_string)
        mov ah,09                       ; int 21h function 09h: print '$'-terminated string at ds:dx
        int 21h
        mov ax,4C01h                    ; ah = 4Ch (terminate process), al = 01h (return code)
        int 21h
; Message text followed by CR, LF and the '$' terminator that function 09h expects.
text_string: db 'This program cannot be run in DOS mode.',0Dh,0Ah,'$'
MZSection.text_End
; PE header, optional header (with data directories) and section table.
; All PE* names used here are not defined in this file; presumably macros from
; pe.inc - confirm there.
PEHeader
; Entry point RVA = label mondebut in .text. The label is not the first byte of
; the section: an int 03h is placed before it.
%define PEOptionalheader_EipRVA PESection.text_RVA(mondebut)
PEOptionalHeader_Begin
; Data directories. Export is declared empty (0,0); Import points at the import
; directory built in .idata. The remaining entries are commented out.
; NOTE(review): with the Relocations entry disabled the image presumably carries
; no base-relocation data and would only load at its preferred base, and with
; the Security entry disabled it carries no certificate table - what pe.inc
; emits for omitted entries is not visible here, confirm.
PEOptionalHeader_Directory Export,0,0
PEOptionalHeader_Directory Import,Import_Directorys_RVA,Import_Directorys_VS
; PEOptionalHeader_Directory Resource,0,0
; PEOptionalHeader_Directory Exception,0,0
; PEOptionalHeader_Directory Security,0,0
; PEOptionalHeader_Directory Relocations,0,0
; PEOptionalHeader_Directory Debug,0,0
; PEOptionalHeader_Directory ImageDescription,0,0
; PEOptionalHeader_Directory MachineSpecific,0,0
; PEOptionalHeader_Directory ThreadLocalStorage,0,0
PEOptionalHeader_End

; Section table: one header per section, in the order the section bodies follow.
; As declared, only .text has EXECUTEACCESS and it has no WRITEACCESS; only
; .data and .bss have WRITEACCESS. No section is both writable and executable.
PESectionHeader .text,'.text',PESectionHeader_Flags_EXECUTABLECODE | PESectionHeader_Flags_DATAFROMFILE | PESectionHeader_Flags_EXECUTEACCESS | PESectionHeader_Flags_READACCESS
PESectionHeader .rdata,'.rdata',PESectionHeader_Flags_DATAFROMFILE | PESectionHeader_Flags_READACCESS
PESectionHeader .data,'.data',PESectionHeader_Flags_DATAFROMFILE | PESectionHeader_Flags_READACCESS | PESectionHeader_Flags_WRITEACCESS
; .bss uses DATA0 instead of DATAFROMFILE - presumably "uninitialized data, no
; bytes in the file"; confirm the flag value in pe.inc.
PESectionHeader .bss,'.bss', PESectionHeader_Flags_DATA0 | PESectionHeader_Flags_READACCESS | PESectionHeader_Flags_WRITEACCESS
PESectionHeader .idata,'.idata',PESectionHeader_Flags_DATAFROMFILE | PESectionHeader_Flags_READACCESS
PESections_Begin
; .text section body: 32-bit entry code.
; Flow: MessageBoxA(NULL, cmdline, cmdline, MB_OK), then ExitProcess.
; Arguments are pushed last-to-first, so the pushes below appear in reverse
; parameter order.
PESection.text_Begin
        int 03h                         ; breakpoint byte before the entry label; not on the path from mondebut
mondebut:
MB_OK equ 0
        mov eax,MB_OK
        push eax                        ; MessageBoxA arg 4 (uType) = MB_OK
        ; NOTE(review): eax is overwritten by the call on the next line before it
        ; is used, so the "coucou" string at message is never displayed.
        mov eax,PESection.rdata_VA(message)
        call [GetCommandLineA]          ; eax = pointer to the command-line string
        push eax                        ; arg 3 (lpCaption) = command line
        push eax                        ; arg 2 (lpText)    = command line
        mov eax,0
        push eax                        ; arg 1 (hWnd) = NULL
        call [MessageBoxA]
        ; NOTE(review): nothing is pushed for ExitProcess's exit-code parameter,
        ; so the exit code is whatever dword is on the stack at this point.
        ; NOTE(review): this call addresses the import slot through
        ; PESection.idata_VA(Import.KERNEL32.ExitProcess) while the two calls
        ; above use bare names; whether both forms resolve to import-table slots
        ; depends on pe.inc - confirm.
        call [PESection.idata_VA(Import.KERNEL32.ExitProcess)]
        ; ExitProcess does not return, so nothing below runs in normal
        ; execution. The four stores reference one label in each of .text,
        ; .rdata, .data and .bss through the per-section VA macros - presumably
        ; to exercise those macros. If they were reached, the first two would
        ; write to sections declared without WRITEACCESS in the section table.
        mov [PESection.text_VA(text1)],eax
        mov [PESection.rdata_VA(rdata1)],ebx
        mov [PESection.data_VA(data1)],ecx
        mov [PESection.bss_VA(bss1)],edx
text1:
        jmp short mondebut              ; loop back to the entry label
PESection.text_End
; .rdata section body (declared read-only in the section table).
PESection.rdata_Begin
; NUL-terminated string; its address is loaded in .text but never used there.
message: db "coucou",0
; 1001h (4097) filler bytes of value 22h - one byte more than 1000h, presumably
; to push the section past a 4 KiB boundary and exercise size/alignment
; handling in the macros; confirm.
rdata1: times 1001h db 22h ;db 'data1'
PESection.rdata_End

; .data section body (declared read/write): 1205h (4613) filler bytes of 0FEh.
PESection.data_Begin
data1: times 1205h db 0FEh
PESection.data_End

; .bss section body (declared read/write, DATA0): reserves 1001h (4097)
; uninitialized bytes.
PESection.bss_Begin
bss1: resb 1001h
PESection.bss_End
; .idata section body: import tables for the three APIs this image uses -
; KERNEL32!GetCommandLineA, KERNEL32!ExitProcess and USER32!MessageBoxA.
; The Import_* names are not defined in this file; presumably macros from
; pe.inc - confirm there. Each table lists the same DLLs and functions in the
; same order.
PESection.idata_Begin
; Import directory: one entry per imported DLL.
Import_Directorys_Begin .idata
Import_Directory KERNEL32
Import_Directory USER32
Import_Directorys_End

; Per-DLL RVA tables, one entry per imported function.
Import_RVAs_Begin KERNEL32
Import_RVA KERNEL32,GetCommandLineA
Import_RVA KERNEL32,ExitProcess
Import_RVAs_End
Import_RVAs_Begin USER32
Import_RVA USER32,MessageBoxA
Import_RVAs_End

; Per-DLL VA tables.
; NOTE(review): the two KERNEL32 entries carry hard-coded absolute addresses
; (0BFF8C5ACh, 0BFF8D4CAh) while the USER32 entry has none. They look like
; pre-bound import addresses, which would only be valid for one specific
; KERNEL32 build; how pe.inc stores them and whether the loader overwrites
; them is not visible here - confirm, and do not rely on these values.
Import_VAs_Begin KERNEL32
Import_VA KERNEL32,GetCommandLineA,0BFF8C5ACh
Import_VA KERNEL32,ExitProcess,0BFF8D4CAh
Import_VAs_End
Import_VAs_Begin USER32
Import_VA USER32,MessageBoxA
Import_VAs_End

; Name strings for each imported function and DLL.
; The extra numeric argument on the KERNEL32 functions (0D0h, 07Fh) is
; presumably the import hint value - confirm in pe.inc. MessageBoxA is given
; none.
Import_Strings_Begin KERNEL32
Import_String_Function KERNEL32,GetCommandLineA,"GetCommandLineA",0D0h
Import_String_Function KERNEL32,ExitProcess,"ExitProcess",07Fh
Import_String_Dll KERNEL32,"KERNEL32.DLL"
Import_Strings_End
Import_Strings_Begin USER32
Import_String_Function USER32,MessageBoxA,"MessageBoxA"
Import_String_Dll USER32,"USER32.DLL"
Import_Strings_End
PESection.idata_End



; Close the section bodies and the image opened by PESections_Begin / BIN_Begin.
PESections_End
BIN_End