Hi all!

Is it OK to add data to an already compiled exe (so that the exe gets bigger), or will I have to fix the .data section afterwards?


I have a small app that just shows a messagebox with the text "Hi there!". Then I replace the "hi there" with 4 kB of text using a hex editor. Will the exe still work under all versions of windows???

Posted on 2001-11-10 13:32:18 by Delight
Read the PE tutorial on Iczelion's web page.
Posted on 2001-11-10 18:39:41 by eet_1024
You can replace the text with a text of the same length or the program will probably crash.
Posted on 2001-11-11 00:55:06 by Dr. Manhattan
OK. Thanks! I have already started reading!

Posted on 2001-11-11 14:06:27 by Delight
iczelions tut is ok but it is overbloated, unreadable
and uncomplete (sorry iczelion all the other tut's you wrote
are great!!!)... the best asm pe tut i've ever read was
by lord julus.

the link is http://www.envy.nu/lordjulus/ljpefile.zip
Posted on 2001-11-11 19:01:33 by ???
When you are through playing games the file to look for is called WINF10.ZIP and it is a file produced by Microsoft that was sourced from the Intel site on the specifications of PE files.

The other to get is PE.TXT by LUEVELSMEYER for an introduction to PE file design. The latest in this area is "Microsoft Portable Executable and
Common Object File Format Specification" dated 1999 by Microsoft. The file name is PECOFF.PDF.

If you are in a jam, I have all three so let me know if you need them.


Posted on 2001-11-11 22:02:02 by hutch--
LUEVELSMEYER is the best PE documentation I saw. PECOFF.PDF is
just information from MSDN/PlatformSDK converted to PDF... I believe
it includes LUEVELSMEYER and a little additional stuff, but I might be wrong.
Is WINF10.ZIP worth anything hutch? If so, post it here :).
Posted on 2001-11-12 08:44:27 by f0dder
Of course you can add data to a compiled (or assembled :) ) executable file. If you're gonna get it bigger, then you'll have to extend the .data section taking care of every little PE detail. Section sizes, correct alingment, correct ImageSize,etc etc
Win98 does not complain much but, believe me, i suffered a lot of pain when dealing with NT based OSs and my patch engine.
Shit man Win2k complained about everything :)
Posted on 2001-11-13 08:44:15 by latigo
If you make the data larger, you'll probably have to relocate it somewhere
else (unless it's at the end of the data section - and boy are you
lucky then ;)). This can all be very messy and problematic.
Posted on 2001-11-13 08:58:53 by f0dder