1 描述

该ExeInfo工具可以显示有关可执行文件(*.EXE ) ,动态链接库(*.dll文件) ,(*.ocx)文件和(*.sys)
驱动程序文件的一般信息。它可以识别所有主要类型的可执行文件,包括MS -DOS文件,
可执行文件( 16位)和可移植可执行文件( 32位) 。

2 授权

该实用程序属于免费软件。您可以自由使用,修改,分发,只要你不删除原有的版权声明即可。

3 声明

该软件提供的“原样“,没有任何担保或者任何明示或暗示的保证,包括应用于任何商业的目的。
笔者将不对任何特殊,偶然,附带或间接操作导致的数据丢失或任何其他原因造成的损失负责。

4 ExeInfo工具的用法

该ExeInfo实用程序不需要任何安装过程。只是exeinfo.exe复制到任何你想要的文件夹,然后运行它。
当您运行它,单击“显示文件信息”按钮,然后选择所需的可执行文件。在选择文件时,
 ExeInfo工具将会显示关于你的可执行文件的大量信息。您还可以得到一个文件的​​信息,

从浏览器窗口拖动到ExeInfo工具窗口。

//main.h

#define START_TEXT "ExeInfo v1.01\r\n"#define UNKNOWN_STR "Unknown"#define MAINTEXT_BUFFER_SIZE 32000
#define LINE_BUFFER_SIZE 2048
#define ERROR_BUFFER_SIZE 2048
#define MZHEADER_SIZE 0x40
#define NEWHEADER_SIZE 0x1000#define EXE_TYPE_UNKNOWN 0
#define EXE_TYPE_DOS 1
#define EXE_TYPE_NE 2
#define EXE_TYPE_PE 3
#define EXE_TYPE_LE 4
#define EXE_TYPE_LX 5
#define EXE_TYPE_W3 6#define MAX_NUM_OF_SECTIONS 64//Section Headers Info. Flags
#define SECTIONS_HEADER_INFO_PKLITE 0x1
#define SECTIONS_HEADER_INFO_WINZIP 0x2
#define SECTIONS_HEADER_INFO_WWPACK32 0x4
#define SECTIONS_HEADER_INFO_UPX 0x8struct KEY_VALUE
{DWORD dwKey;char *szValue;
};#define SIGNATURE_DELPHI_1 "\x04\x10\x40\x00\x03\x07\x42\x6F\x6F\x6C\x65\x61\x6E"
#define SIGNATURE_DELPHI_2 "\x04\x10\x40\x00\x0A\x06\x53\x74\x72\x69\x6E\x67\x4C"
#define SIGNATURE_DELPHI_3 "\x0A\x06\x73\x74\x72\x69\x6E\x67\x00\x00\x00"#define SIGNATURE_VB4 "VB40032.DLL"
#define SIGNATURE_VB5 "MSVBVM50.DLL"
#define SIGNATURE_VB6 "MSVBVM60.DLL"

//main.cpp

#include <windows.h>
#include <winnt.h>
#include <stdio.h>
#include "resource.h"
#include "main.h"//Main dialog-box handle
HWND hMainDlg;//Icons
HICON hMainIcon32, hMainIcon16;//The color of main edit control
COLORREF crMainEdit;//The brush for painting the main edit control
HBRUSH hMainEditBrush = NULL;
//The font for the main edit control
HFONT hEditFont;//Error buffer.
char szError[ERROR_BUFFER_SIZE];char szBytesWord[] = " Bytes";//Display error message.
void ErrorMsg(DWORD dwErr)
{char *lpMessageBuffer; FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM, NULL, dwErr, MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), (LPTSTR)&lpMessageBuffer, 0, NULL);if (strlen(lpMessageBuffer) < ERROR_BUFFER_SIZE)strcpy(szError, lpMessageBuffer);LocalFree(lpMessageBuffer);
}void SetMainText(LPCSTR lpszText)
{SetDlgItemText(hMainDlg, IDC_EDIT_MAIN, lpszText);
}//Display error in the main window
void ShowError(LPCSTR lpszFilename, LPCSTR szMsg)
{DWORD dwError = GetLastError();char szMessage[ERROR_BUFFER_SIZE];ErrorMsg(dwError);sprintf(szMessage, szMsg, lpszFilename, dwError, szError);SetMainText(szMessage);
}//Fill LOGFONT structure.
void FillFontStruct(LOGFONT *logfont, LPSTR name, int size, BOOL bold)
{logfont->lfHeight = size;logfont->lfWidth = 0;logfont->lfEscapement = 0;logfont->lfOrientation = 0;logfont->lfWeight = 400 + 300 * (bold == TRUE);logfont->lfItalic = FALSE;logfont->lfUnderline = FALSE;logfont->lfStrikeOut = FALSE;logfont->lfCharSet = DEFAULT_CHARSET;logfont->lfOutPrecision = OUT_DEFAULT_PRECIS;logfont->lfClipPrecision = CLIP_DEFAULT_PRECIS;logfont->lfQuality = DEFAULT_QUALITY;logfont->lfPitchAndFamily = DEFAULT_PITCH;strcpy(logfont->lfFaceName, name);
}//Set the font for the main edit control
void SetEditFont(HWND hWnd)
{LOGFONT lf;FillFontStruct(&lf, "Fixedsys", 10, FALSE);hEditFont = CreateFontIndirect(&lf);SendMessage(hWnd, WM_SETFONT, (WPARAM)hEditFont, FALSE);
}void StrTrim(char *source, char *dest)
{int nIndex = 0;while (source[nIndex] == ' '){nIndex++;}strcpy(dest, &source[nIndex]);
}void RemoveQuotes(LPSTR szCommand)
{int nGet = 0, nSet = 0;while (szCommand[nGet] != '\0'){if  (szCommand[nGet] == '\"') nGet++;else{szCommand[nSet] = szCommand[nGet];nSet++;nGet++;}}szCommand[nSet] = '\0';
}//Get the number of color bits in the current screen device.
int GetColorsBits()
{HDC hScreenDC = GetDC(0);int nColorBits = GetDeviceCaps(hScreenDC, BITSPIXEL) * GetDeviceCaps(hScreenDC, PLANES);ReleaseDC(NULL, hScreenDC);return nColorBits;
}//Create brush for the main edit control
void PrepareEditBrush()
{int nColorBits = GetColorsBits();if (hMainEditBrush != NULL) DeleteObject(hMainEditBrush);if (nColorBits >= 16) {crMainEdit = RGB(255, 248, 240);hMainEditBrush = CreateSolidBrush(crMainEdit);} else{crMainEdit = RGB(255, 255, 255);hMainEditBrush = CreateSolidBrush(crMainEdit);} }//Display 'Open File' dialog-box
BOOL OpenFileDialog(LPSTR lpFilename)
{OPENFILENAME of;char szFilter[] = "Executable Files (*.exe)\0*.exe\0Dynamic-Link Libraries (*.dll)\0*.dll\0ActiveX Controls (*.ocx)\0*.ocx\0Driver Files (*.drv;*.vxd;*.sys;*.386)\0*.drv;*.vxd;*.sys;*.386\0Font Files (*.fon)\0*.fon\0All files (*.*)\0*.*\0\0";char szFile[MAX_PATH] = "\0";char szTitle[] = "Select an executable file";char szExt[] = "exe";of.lStructSize = sizeof(of);of.hwndOwner = hMainDlg;of.lpstrFilter = szFilter;of.lpstrCustomFilter = NULL;of.nFilterIndex = 0;of.lpstrFile = szFile;of.nMaxFile = MAX_PATH;of.lpstrFileTitle = NULL;of.lpstrInitialDir = NULL;of.lpstrTitle = szTitle;of.Flags = OFN_EXPLORER | OFN_FILEMUSTEXIST | OFN_HIDEREADONLY | OFN_PATHMUSTEXIST;of.lpstrDefExt = szExt;if (GetOpenFileName(&of)){strcpy(lpFilename, of.lpstrFile); return TRUE;} else return FALSE;}void ClearMainText()
{SetDlgItemText(hMainDlg, IDC_MAIN_EDIT, "");
}//Add text to the main edit control
void AddMainText(LPCSTR lpszText)
{char szTemp[MAINTEXT_BUFFER_SIZE];GetDlgItemText(hMainDlg, IDC_MAIN_EDIT, szTemp, MAINTEXT_BUFFER_SIZE);if (strlen(szTemp) + strlen(lpszText) + 1 < MAINTEXT_BUFFER_SIZE){strcat(szTemp, lpszText);SetDlgItemText(hMainDlg, IDC_MAIN_EDIT, szTemp);}}void AddTextLine(LPCSTR lpszCaption, LPCSTR lpszValue)
{char szLine[LINE_BUFFER_SIZE];sprintf(szLine, "%-26s : %s\r\n", lpszCaption, lpszValue);AddMainText(szLine);
}//Get version information
BOOL GetInfoStr(char *pBuf, LPCSTR lpszLang1, LPCSTR lpszName, LPSTR lpszInfo)
{UINT size;char *str;char szTemp[255];strcpy(szTemp, "\\StringFileInfo\\");strcat(szTemp, lpszLang1);strcat(szTemp, "\\");strcat(szTemp, lpszName);BOOL bFound = VerQueryValue((LPVOID)pBuf, szTemp, (LPVOID *)&str, &size);if (bFound){strcpy(lpszInfo, str);return TRUE;} else return FALSE;
}LPSTR KeyValueToStr(KEY_VALUE *Items, DWORD dwNumOfItems, DWORD dwFindValue, LPSTR lpszValue, LPSTR lpszDefaultValue = NULL)
{for (DWORD dwIndex = 0; dwIndex < dwNumOfItems; dwIndex++)if (Items[dwIndex].dwKey == dwFindValue){strcpy(lpszValue, Items[dwIndex].szValue);return lpszValue;}if (lpszDefaultValue != NULL)strcpy(lpszValue, lpszDefaultValue);elselpszValue[0] = '\0';return lpszValue;}LPSTR KeyValueBitsToStr(KEY_VALUE *Items, DWORD dwNumOfItems, DWORD dwFindValue, LPSTR lpszValue)
{lpszValue[0] = '\0';for (DWORD dwIndex = 0; dwIndex < dwNumOfItems; dwIndex++)if ((Items[dwIndex].dwKey & dwFindValue) != 0){if (lpszValue[0] != '\0')strcat(lpszValue, ", ");strcat(lpszValue, Items[dwIndex].szValue);}return lpszValue;}LPSTR GetFileOSName(DWORD dwFileOS, LPSTR lpszOSName)
{const NumOfOS = 9;KEY_VALUE Items[NumOfOS] = {{VOS_DOS, "MS-DOS"},{VOS_NT, "Windows NT"},{VOS__WINDOWS16, "16-bit Windows"},{VOS__WINDOWS32, "32-bit Windows"},{VOS_OS216, "16-bit OS/2"},{VOS_OS232, "32-bit OS/2"},{VOS__PM16, "16-bit Presentation Manager"},{VOS__PM32, "32-bit Presentation Manager"},{VOS_UNKNOWN, "Unknown"}};return KeyValueBitsToStr(Items, NumOfOS, dwFileOS, lpszOSName);
}LPSTR GetFileType(DWORD dwFileType, LPSTR lpszFileType)
{const NumOfTypes = 7;KEY_VALUE FilesTypes[NumOfTypes] = {{VFT_UNKNOWN, "Unknown"},{VFT_APP, "Application"},{VFT_DLL, "Dynamic-Link Library"},{VFT_DRV, "Device Driver"},{VFT_FONT, "Font"},{VFT_VXD, "Virtual Device"},{VFT_STATIC_LIB, "Static-Link Library"}};return KeyValueToStr(FilesTypes, NumOfTypes, dwFileType, lpszFileType);
}LPSTR GetFileSubType(DWORD dwFileType, DWORD dwFileSubType, LPSTR lpszFileSubType)
{const NumOfTypes = 11;DWORD dwFileSubTypesIndex[NumOfTypes] = {VFT2_UNKNOWN, VFT2_DRV_COMM, VFT2_DRV_PRINTER, VFT2_DRV_KEYBOARD, VFT2_DRV_LANGUAGE, VFT2_DRV_DISPLAY, VFT2_DRV_MOUSE, VFT2_DRV_NETWORK, VFT2_DRV_SYSTEM, VFT2_DRV_INSTALLABLE, VFT2_DRV_SOUND};LPSTR szFileSubTypes[NumOfTypes] = {"Unknown", "Communications Driver", "Printer Driver", "Keyboard Driver", "Language Driver", "Display Driver", "Mouse Driver", "Network Driver", "System Driver", "Installable Driver", "Sound Driver"};strcpy(lpszFileSubType,"Unknown");if (dwFileType == VFT_DRV){for (int nIndex = 0; nIndex < NumOfTypes;nIndex++)if (dwFileSubTypesIndex[nIndex] == dwFileSubType){strcpy(lpszFileSubType, szFileSubTypes[nIndex]);break;}} else if (dwFileType == VFT_FONT){if (dwFileSubType == VFT2_FONT_RASTER)strcpy(lpszFileSubType, "Raster Font");else if (dwFileSubType == VFT2_FONT_VECTOR)strcpy(lpszFileSubType, "Vector Font");else if (dwFileSubType == VFT2_FONT_TRUETYPE)strcpy(lpszFileSubType, "TrueType Font");}return lpszFileSubType;
}LPSTR GetExeType(DWORD dwExeType, LPSTR lpszExeType)
{const NumOfTypes = 7;KEY_VALUE ExeTypes[NumOfTypes] = {{EXE_TYPE_UNKNOWN, "Unknown"},{EXE_TYPE_DOS, "MS-DOS"},{EXE_TYPE_NE, "New Executable (16-bit)"},{EXE_TYPE_PE, "Portable Executable (32-bit)"},{EXE_TYPE_LE, "Linear Executable (Virtual Device Driver)"},{EXE_TYPE_LX, "Linear Executable: OS/2 2.x "},{EXE_TYPE_W3, "Windows WIN386.EXE file"}};return KeyValueToStr(ExeTypes, NumOfTypes, dwExeType, lpszExeType);
}HANDLE OpenFileForRead(LPCSTR lpszFilename)
{return CreateFile(lpszFilename, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, 0, NULL);
}LPSTR FormatDWordHex(DWORD dwValue, LPSTR lpszValue, DWORD dwMaxDigits = 4)
{char szTemp[50];_ultoa(dwValue, szTemp, 16);int nAdd = dwMaxDigits - strlen(szTemp);if (nAdd > 0){memset(lpszValue, '0', nAdd);lpszValue[nAdd] = '\0';}elselpszValue[0] = '\0';strcat(lpszValue, szTemp);sprintf(szTemp, "0x%s", lpszValue );strcpy(lpszValue, szTemp);return lpszValue;
}LPSTR FormatDWord(DWORD dwValue, LPSTR lpszValue, LPSTR lpszMore = NULL)
{char szTemp[30];NUMBERFMT nf;nf.NumDigits = 0;nf.LeadingZero = 0;nf.Grouping = 3;nf.lpDecimalSep = ".";nf.lpThousandSep = ",";nf.NegativeOrder = 0;_ultoa(dwValue, szTemp, 10);GetNumberFormat(LOCALE_USER_DEFAULT, 0, szTemp, &nf, lpszValue, LINE_BUFFER_SIZE);if (lpszMore != NULL)strcat(lpszValue, lpszMore);return lpszValue;
}LPSTR FormatFileTime(FILETIME ft, LPSTR szDateTime)
{SYSTEMTIME st;char szTime[15];FileTimeToSystemTime(&ft, &st);GetDateFormat(LOCALE_USER_DEFAULT, DATE_SHORTDATE, &st, NULL, szDateTime, LINE_BUFFER_SIZE);GetTimeFormat(LOCALE_USER_DEFAULT, 0, &st, NULL, szTime, 15);strcat(szDateTime, " ");strcat(szDateTime, szTime);return szDateTime;
}LPSTR GetCharacteristics(WORD wCharacteristics, LPSTR lpszCharacteristics)
{const NumOfItems = 13;KEY_VALUE Items[NumOfItems] = {{IMAGE_FILE_DLL, "The file is a dynamic-link library"},//{IMAGE_FILE_EXECUTABLE_IMAGE, "The file is executable"}, {IMAGE_FILE_RELOCS_STRIPPED, "Relocation info stripped from file"},{IMAGE_FILE_LINE_NUMS_STRIPPED,"Line nunbers stripped from file"},{IMAGE_FILE_LOCAL_SYMS_STRIPPED, "Local symbols stripped from file"},{IMAGE_FILE_AGGRESIVE_WS_TRIM, "Agressively trim working set"}, {IMAGE_FILE_LARGE_ADDRESS_AWARE, "The application can handle addresses larger than 2gb"},{IMAGE_FILE_BYTES_REVERSED_LO, "Bytes of machine word are reversed"},//{IMAGE_FILE_32BIT_MACHINE, "32 bit word machine"},{IMAGE_FILE_DEBUG_STRIPPED, "Debugging info stripped from file in .DBG file"},{IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP, "If Image is on removable media, copy and run from the swap file"},{IMAGE_FILE_NET_RUN_FROM_SWAP, "If Image is on Net, copy and run from the swap file"},{IMAGE_FILE_SYSTEM, "System File"},{IMAGE_FILE_UP_SYSTEM_ONLY, "File should only be run on a UP machine"},{IMAGE_FILE_BYTES_REVERSED_HI, "Bytes of machine word are reversed"}};lpszCharacteristics[0] = '\0';for (DWORD dwIndex = 0; dwIndex < NumOfItems; dwIndex++)if ((wCharacteristics & Items[dwIndex].dwKey) != 0){strcat(lpszCharacteristics, "\r\n * ");strcat(lpszCharacteristics, Items[dwIndex].szValue);}  return lpszCharacteristics;}LPSTR GetSubsystemName(WORD wSubsystem, LPSTR lpszSubsystemName)
{const NumOfSubsystems = 8;KEY_VALUE Subsystems[NumOfSubsystems] = {{IMAGE_SUBSYSTEM_UNKNOWN, "Unknown subsystem"},{IMAGE_SUBSYSTEM_NATIVE, "Image doesn't require a subsystem"},{IMAGE_SUBSYSTEM_WINDOWS_GUI, "Windows GUI"},{IMAGE_SUBSYSTEM_WINDOWS_CUI, "Windows character subsystem (Console Application)"},{IMAGE_SUBSYSTEM_OS2_CUI, "OS/2 character subsystem"},{IMAGE_SUBSYSTEM_POSIX_CUI, "Posix character subsystem"},{IMAGE_SUBSYSTEM_NATIVE_WINDOWS, "Native Win9x driver"},{IMAGE_SUBSYSTEM_WINDOWS_CE_GUI, "Windows CE subsystem"}};return KeyValueToStr(Subsystems, NumOfSubsystems, wSubsystem, lpszSubsystemName, UNKNOWN_STR);
}LPSTR GetMachineName(USHORT Machine, LPSTR lpszMachineName)
{const NumOfMachines = 18;KEY_VALUE Machines[NumOfMachines] = {{IMAGE_FILE_MACHINE_UNKNOWN, "Unknown"},           {IMAGE_FILE_MACHINE_I386, "Intel 386"},{IMAGE_FILE_MACHINE_R3000, "MIPS little-endian, 0x160 big-endian"},{IMAGE_FILE_MACHINE_R4000, "MIPS little-endian"},{IMAGE_FILE_MACHINE_R10000,"MIPS little-endian"},{IMAGE_FILE_MACHINE_WCEMIPSV2, "MIPS little-endian WCE v2"},{IMAGE_FILE_MACHINE_ALPHA, "Alpha_AXP"}, {IMAGE_FILE_MACHINE_POWERPC, "IBM PowerPC Little-Endian"},{IMAGE_FILE_MACHINE_SH3, "SH3 little-endian"},{IMAGE_FILE_MACHINE_SH3E, "SH3E little-endian"},{IMAGE_FILE_MACHINE_SH4, "SH4 little-endian"},{IMAGE_FILE_MACHINE_ARM, "ARM Little-Endian"},{IMAGE_FILE_MACHINE_THUMB, "?"},            {IMAGE_FILE_MACHINE_IA64, "Intel 64"},{IMAGE_FILE_MACHINE_MIPS16, "MIPS"},{IMAGE_FILE_MACHINE_MIPSFPU, "MIPS"},{IMAGE_FILE_MACHINE_MIPSFPU16, "MIPS"},{IMAGE_FILE_MACHINE_ALPHA64, "ALPHA64"}};return KeyValueToStr(Machines, NumOfMachines, Machine, lpszMachineName, UNKNOWN_STR);
}BOOL GetDosCompress(LPCSTR lpszMZHeader, LPSTR szCompressName)
{if (strncmp(&lpszMZHeader[0x1e], "PKLITE", 6) == 0){sprintf(szCompressName, "PKLITE v%d.%d", (lpszMZHeader[0x1d] & 0xf), lpszMZHeader[0x1c]);return TRUE;}if (strncmp(&lpszMZHeader[0x1c], "LZ", 2) == 0){char szVer[10] = "";if (strncmp(&lpszMZHeader[0x1e], "09", 2) == 0)strcpy(szVer, "0.90");else if (strncmp(&lpszMZHeader[0x1e], "91", 2) == 0)strcpy(szVer, "0.91");sprintf(szCompressName, "LZEXE %s", szVer);return TRUE;}if (strncmp(&lpszMZHeader[0x25], "LHarc's SFX", 11) == 0){strcpy(szCompressName, "LHarc 1.x");return TRUE;}if (strncmp(&lpszMZHeader[0x24], "LHa's SFX", 9) == 0 ||strncmp(&lpszMZHeader[0x24], "LHA's SFX", 9) == 0){strcpy(szCompressName, "LHA 2.x");return TRUE;}return FALSE;
}LPSTR GetNETargetOS(BYTE ExeType, LPSTR lpszOSName)
{const NumOfItems = 8;KEY_VALUE Items[NumOfItems] = {{0x0, "Unknown"},  {0x1, "OS/2"},    {0x2, "Windows"}, {0x3, "European MS-DOS 4.x"}, {0x4, "Windows 386"}, {0x5, "BOSS (Borland Operating System Services)"},    {0x81, "PharLap 286|DOS-Extender, OS/2"}, {0x82, "PharLap 286|DOS-Extender, Windows"}};return KeyValueToStr(Items, NumOfItems, ExeType, lpszOSName, UNKNOWN_STR);
}void GetInfoFromSectionHeaders(IMAGE_SECTION_HEADER *ishs, USHORT uNumOfSections, DWORD *dwInfo1)
{*dwInfo1 = 0;for (USHORT uIndex = 0; uIndex < uNumOfSections; uIndex++){if (strncmp((char *)ishs[uIndex].Name, ".pklstb", 7) == 0) *dwInfo1 |= SECTIONS_HEADER_INFO_PKLITE;if (strncmp((char *)ishs[uIndex].Name, "_winzip_", 8) == 0) *dwInfo1 |= SECTIONS_HEADER_INFO_WINZIP;if (strncmp((char *)ishs[uIndex].Name, ".WWP32", 6) == 0) *dwInfo1 |= SECTIONS_HEADER_INFO_WWPACK32;if (strncmp((char *)ishs[uIndex].Name, "UPX", 3) == 0) *dwInfo1 |= SECTIONS_HEADER_INFO_UPX;}
}LPSTR GetSectionCharacteristics(DWORD dwCharacteristics, LPSTR lpszValue)
{const NumOfItems = 9;KEY_VALUE Items[NumOfItems] = {{0x00000020, "Code"},{0x00000040, "Initialized Data"},{0x00000080, "Uninitialized Data"},{0x04000000, "Not Cachable"},{0x08000000, "Not Pageable"},{0x10000000, "Shared"},{0x20000000, "Executable"},{0x40000000, "Readable"},{0x80000000, "Writable"}};return KeyValueBitsToStr(Items, NumOfItems, dwCharacteristics, lpszValue);
}void ShowExeInfo(LPCSTR lpszFilename)
{DWORD dwTemp;UINT dwSize;HANDLE hFile;char szValue[LINE_BUFFER_SIZE], szTemp[LINE_BUFFER_SIZE];//Clear all text.ClearMainText();//Open fileif ((hFile = OpenFileForRead(lpszFilename)) != INVALID_HANDLE_VALUE){char szMZHeader[MZHEADER_SIZE];char szMewHeader[NEWHEADER_SIZE];DWORD dwRead, dwExeType, dwNewHeaderLoc;BOOL bResult;//Read MZ header. (MS-DOS Header)bResult = ReadFile(hFile, szMZHeader, MZHEADER_SIZE, &dwRead, NULL);if (bResult && dwRead == MZHEADER_SIZE){AddTextLine("Filename", lpszFilename);if (szMZHeader[0] == 'M' && szMZHeader[1] == 'Z'){IMAGE_DOS_HEADER *idh;    idh = (IMAGE_DOS_HEADER *)szMZHeader;if (szMZHeader[0x18] != 0x40)dwExeType = EXE_TYPE_DOS;else{dwNewHeaderLoc = idh->e_lfanew;SetFilePointer(hFile, dwNewHeaderLoc, NULL, FILE_BEGIN);//Read next header. (PE, NE, or LE)bResult = ReadFile(hFile, szMewHeader, NEWHEADER_SIZE, &dwRead, NULL);if (bResult && dwRead >= 255) {if (szMewHeader[0] == 'P' && szMewHeader[1] == 'E')dwExeType = EXE_TYPE_PE;else if (szMewHeader[0] == 'N' && szMewHeader[1] == 'E')dwExeType = EXE_TYPE_NE;else if (szMewHeader[0] == 'L' && szMewHeader[1] == 'E')dwExeType = EXE_TYPE_LE;} elsedwExeType = EXE_TYPE_UNKNOWN;}DWORD dwFileSize = GetFileSize(hFile, NULL);FormatDWord(dwFileSize, szValue);strcat(szValue, szBytesWord);AddTextLine("File Size", szValue);FILETIME ftCreation, ftModified;GetFileTime(hFile, &ftCreation, NULL, &ftModified);AddTextLine("Created Date", FormatFileTime(ftCreation, szValue));AddTextLine("Modified Date", FormatFileTime(ftModified, szValue));AddTextLine("Executable Format", GetExeType(dwExeType, szValue));AddMainText("\r\nMS-DOS Header Information\r\n=========================\r\n");AddTextLine("Bytes in the last page", FormatDWord(idh->e_cblp, szValue));AddTextLine("Number of pages", FormatDWord(idh->e_cp, szValue));AddTextLine("Relocation entries", FormatDWord(idh->e_crlc, szValue));AddTextLine("Header size in paragraphs", FormatDWord(idh->e_cparhdr, szValue));AddTextLine("Initial SS (Relative)", FormatDWordHex(idh->e_ss, szValue));AddTextLine("Initial SP", FormatDWordHex(idh->e_sp, szValue));AddTextLine("Initial CS (Relative)", FormatDWordHex(idh->e_cs, szValue));AddTextLine("Initial IP", FormatDWordHex(idh->e_ip, szValue));AddTextLine("Checksum", FormatDWordHex(idh->e_csum, szValue));if (GetDosCompress(szMZHeader, szTemp)){sprintf(szValue, "\r\n*** The file is compressed with %s ***\r\n", szTemp);AddMainText(szValue);}if (dwExeType == EXE_TYPE_NE){IMAGE_OS2_HEADER *iosh = (IMAGE_OS2_HEADER *)szMewHeader;AddMainText("\r\nNew Executable Header Information\r\n===================================\r\n");AddTextLine("Version Number", itoa(iosh->ne_ver, szValue, 10));AddTextLine("Revision Number", itoa(iosh->ne_rev, szValue, 10));AddTextLine("Entry Table Offset", FormatDWordHex(iosh->ne_enttab, szValue));AddTextLine("Entry Table Size", FormatDWord(iosh->ne_cbenttab, szValue, szBytesWord));AddTextLine("Checksum", FormatDWordHex(iosh->ne_crc, szValue, 8));AddTextLine("Library Module", ((iosh->ne_flags & 0x8000) ? "Yes" : "No"));AddTextLine("Target OS", GetNETargetOS(iosh->ne_exetyp, szValue));AddTextLine("Initial Heap Allocation", FormatDWord(iosh->ne_heap, szValue, szBytesWord));AddTextLine("Initial Stack Allocation", FormatDWord(iosh->ne_heap, szValue, szBytesWord));sprintf(szValue, "%.4x:%.4x", (WORD)(((DWORD)iosh->ne_csip) >> 16), (WORD)(((DWORD)iosh->ne_csip) & 0xffff));AddTextLine("Initial CS:IP", szValue);sprintf(szValue, "%.4x:%.4x", (WORD)(((DWORD)iosh->ne_sssp) >> 16), (WORD)(((DWORD)iosh->ne_sssp) & 0xffff));AddTextLine("Initial SS:SP", szValue);AddTextLine("Segment Entries", FormatDWord(iosh->ne_cseg, szValue));AddTextLine("Module Entries", FormatDWord(iosh->ne_cmod, szValue));AddTextLine("Non-Resident Name Table", FormatDWord(iosh->ne_cbnrestab, szValue, szBytesWord));AddTextLine("Segment Table Offset", FormatDWordHex(iosh->ne_segtab, szValue));AddTextLine("Resource Table Offset", FormatDWordHex(iosh->ne_rsrctab, szValue));AddTextLine("Resident Names Offset", FormatDWordHex(iosh->ne_restab, szValue));AddTextLine("Module Reference Offset", FormatDWordHex(iosh->ne_modtab, szValue));AddTextLine("Imported Names Offset", FormatDWordHex(iosh->ne_imptab, szValue));AddTextLine("Non-resident Names Offset", FormatDWordHex(iosh->ne_nrestab, szValue, 8));AddTextLine("Movable Entries Count", FormatDWord(iosh->ne_cmovent, szValue));AddTextLine("Segment Alignment", FormatDWord(iosh->ne_align, szValue));AddTextLine("Resource Segments Count", FormatDWord(iosh->ne_cres, szValue));}if (dwExeType == EXE_TYPE_PE){IMAGE_FILE_HEADER *ifh;AddMainText("\r\nPortable Executable Header Information\r\n===================================\r\n");ifh = (IMAGE_FILE_HEADER *)&szMewHeader[4];AddTextLine("Machine", GetMachineName(ifh->Machine, szValue));AddTextLine("Number Of Sections", FormatDWord(ifh->NumberOfSections, szValue));AddTextLine("Number Of Symbols", FormatDWord(ifh->NumberOfSymbols, szValue));AddTextLine("Optional Header Size", FormatDWord(ifh->SizeOfOptionalHeader, szValue, szBytesWord));AddTextLine("Time Stamp", FormatDWordHex(ifh->TimeDateStamp, szValue));AddTextLine("Characteristics", GetCharacteristics(ifh->Characteristics, szValue));AddMainText("\r\nOptional Header Information\r\n===================================\r\n");IMAGE_OPTIONAL_HEADER32 *ioh = (IMAGE_OPTIONAL_HEADER32 *)&szMewHeader[24];sprintf(szValue, "%d.%d", ioh->MajorLinkerVersion, ioh->MinorLinkerVersion);AddTextLine("Linker Version", szValue);AddTextLine("Size Of Code", FormatDWord(ioh->SizeOfCode, szValue, szBytesWord ));AddTextLine("Size of initialized data", FormatDWord(ioh->SizeOfInitializedData, szValue, szBytesWord));AddTextLine("Size of uninitialized data", FormatDWord(ioh->SizeOfUninitializedData, szValue, szBytesWord));if (ifh->Machine == IMAGE_FILE_MACHINE_I386 && ifh->SizeOfOptionalHeader >= 224){AddTextLine("Section Alignment", FormatDWord(ioh->SectionAlignment, szValue, szBytesWord));AddTextLine("File Alignment", FormatDWord(ioh->FileAlignment, szValue, szBytesWord));sprintf(szValue, "%d.%d", ioh->MajorOperatingSystemVersion, ioh->MinorOperatingSystemVersion);AddTextLine("OS Version", szValue);sprintf(szValue, "%d.%d", ioh->MajorImageVersion, ioh->MinorImageVersion);AddTextLine("Image Version", szValue);sprintf(szValue, "%d.%d", ioh->MajorSubsystemVersion, ioh->MinorSubsystemVersion);AddTextLine("Subsystem Version", szValue);AddTextLine("Size Of Image", FormatDWord(ioh->SizeOfImage, szValue, szBytesWord));AddTextLine("Size Of Headers", FormatDWord(ioh->SizeOfHeaders, szValue, szBytesWord));AddTextLine("Checksum", FormatDWordHex(ioh->CheckSum, szValue, 8));AddTextLine("Subsystem", GetSubsystemName(ioh->Subsystem, szValue));AddTextLine("Reserve Stack Size", FormatDWordHex(ioh->SizeOfStackReserve, szValue, 8));AddTextLine("Commit Stack Size", FormatDWordHex(ioh->SizeOfStackCommit, szValue, 8));AddTextLine("Reserve Heap Size", FormatDWordHex(ioh->SizeOfHeapReserve, szValue, 8));AddTextLine("Commit Heap Size", FormatDWordHex(ioh->SizeOfHeapCommit, szValue, 8));AddTextLine("Base Address", FormatDWordHex(ioh->ImageBase, szValue, 8));}AddTextLine("Entry Point", FormatDWordHex(ioh->AddressOfEntryPoint, szValue, 8));AddTextLine("Base Of Code", FormatDWordHex(ioh->BaseOfCode, szValue, 8));AddTextLine("Base Of Data", FormatDWordHex(ioh->BaseOfData, szValue, 8));//Section HeadersIMAGE_SECTION_HEADER *ishs;DWORD dwInfo1;USHORT uNumOfSections = ifh->NumberOfSections;if (uNumOfSections > MAX_NUM_OF_SECTIONS)uNumOfSections  = MAX_NUM_OF_SECTIONS;ishs = (IMAGE_SECTION_HEADER *)&szMewHeader[24 + ifh->SizeOfOptionalHeader]; AddMainText("\r\nSection Headers Information\r\n===================================\r\n");sprintf(szValue, "This file has %d sections:\r\n", ifh->NumberOfSections);AddMainText(szValue);for (USHORT uIndex = 0; uIndex < uNumOfSections; uIndex++){if (uIndex == 0) AddMainText("----------------------------------------\r\n");memcpy(szValue, ishs[uIndex].Name, 8);szValue[8] = '\0';AddTextLine("Section Name", szValue);AddTextLine("Virtual Address", FormatDWordHex(ishs[uIndex].VirtualAddress, szValue, 8));AddTextLine("Raw Data Size", FormatDWordHex(ishs[uIndex].SizeOfRawData, szValue, 8));AddTextLine("Raw Data Pointer", FormatDWordHex(ishs[uIndex].PointerToRawData, szValue, 8));AddTextLine("Characteristics", GetSectionCharacteristics(ishs[uIndex].Characteristics, szValue));AddMainText("----------------------------------------\r\n");}GetInfoFromSectionHeaders(ishs, uNumOfSections, &dwInfo1);if ((dwInfo1 & SECTIONS_HEADER_INFO_PKLITE) != 0)AddMainText("\r\n*** The file is compressed with PKLITE for Windows ***\r\n");if ((dwInfo1 & SECTIONS_HEADER_INFO_WINZIP) != 0)AddMainText("\r\n*** The file is self-extractor archive created by WinZip ***\r\n");if ((dwInfo1 & SECTIONS_HEADER_INFO_WWPACK32) != 0)AddMainText("\r\n*** The file is compressed with WWPACK32 ***\r\n");if ((dwInfo1 & SECTIONS_HEADER_INFO_UPX) != 0)AddMainText("\r\n*** The file is compressed with UPX ***\r\n");//Compilers Detectionchar *pVBSignature = (char *)&szMewHeader[24 + ifh->SizeOfOptionalHeader + 40 * uNumOfSections + 0x10];char *pDelphiSignature = (char *)&szMewHeader[0x400 - idh->e_lfanew]; BYTE VBVer = 0;char szCompiler[30] = "";//Visual Basic Detectionif (memcmp(pVBSignature, SIGNATURE_VB4, strlen(SIGNATURE_VB4)) == 0) VBVer = 4;if (memcmp(pVBSignature, SIGNATURE_VB5, strlen(SIGNATURE_VB5)) == 0) VBVer = 5;if (memcmp(pVBSignature, SIGNATURE_VB6, strlen(SIGNATURE_VB6)) == 0) VBVer = 6;if (VBVer != 0)sprintf(szCompiler, "Visual Basic %d.0", VBVer);else//Delphi Detectionif    (memcmp(pDelphiSignature, SIGNATURE_DELPHI_1, 13) == 0 ||memcmp(pDelphiSignature, SIGNATURE_DELPHI_2, 13) == 0 || memcmp(pDelphiSignature, SIGNATURE_DELPHI_3, 11) == 0)strcpy(szCompiler, "Borland Delphi");if (szCompiler[0] != '\0'){sprintf(szValue, "\r\n*** The file was compiled by %s ***\r\n", szCompiler);AddMainText(szValue);}}} else{AddMainText("\r\nUnrecognized file format.\r\n");return;}} else{ShowError(lpszFilename, "Cannot read from %s\r\nError %d:%s");return;}} else{ShowError(lpszFilename, "Cannot open %s\r\nError %d:%s");return;}AddMainText("\r\nVersion Information\r\n====================\r\n");dwSize = GetFileVersionInfoSize((LPTSTR)lpszFilename, &dwTemp);if (dwSize > 0){char *buf = new char[dwSize];char *str;char szLang1[20];VS_FIXEDFILEINFO *pInfo;GetFileVersionInfo((LPTSTR)lpszFilename, 0, dwSize, buf);if (VerQueryValue((LPVOID)buf, "\\", (LPVOID *)&pInfo, &dwSize)){AddTextLine("Operating System", GetFileOSName(pInfo->dwFileOS, szValue));AddTextLine("File Type", GetFileType(pInfo->dwFileType, szValue));AddTextLine("File Sub-Type", GetFileSubType(pInfo->dwFileType, pInfo->dwFileSubtype , szValue));sprintf(szValue, "%d,%d,%d,%d", (pInfo->dwFileVersionMS >> 16), (pInfo->dwFileVersionMS & 65535), (pInfo->dwFileVersionLS >> 16), pInfo->dwFileVersionLS & 65535);AddTextLine("File Version", szValue);sprintf(szValue, "%d,%d,%d,%d", (pInfo->dwProductVersionMS >> 16), (pInfo->dwProductVersionMS & 65535), (pInfo->dwProductVersionLS >> 16), pInfo->dwProductVersionLS & 65535);AddTextLine("Product Version", szValue);}AddMainText("============================================================\r\n");VerQueryValue((LPVOID)buf, "\\VarFileInfo\\Translation", (LPVOID *)&str, &dwSize);sprintf(szLang1, "%4.4X%4.4X", *(unsigned short *)str, *(unsigned short *)(str + 2));if (GetInfoStr(buf, szLang1, "ProductName", szValue))AddTextLine("Product Name", szValue);if (GetInfoStr(buf, szLang1, "FileDescription", szValue))AddTextLine("File Description", szValue);if (GetInfoStr(buf, szLang1, "FileVersion", szValue))AddTextLine("File Version", szValue);if (GetInfoStr(buf, szLang1, "ProductVersion", szValue))AddTextLine("Product Version", szValue);if (GetInfoStr(buf, szLang1, "CompanyName", szValue))AddTextLine("Company Name", szValue);if (GetInfoStr(buf, szLang1, "InternalName", szValue))AddTextLine("Internal Name", szValue);if (GetInfoStr(buf, szLang1, "LegalCopyright", szValue))AddTextLine("Legal Copyright", szValue);if (GetInfoStr(buf, szLang1, "OriginalFileName", szValue))AddTextLine("Original FileName", szValue);delete []buf;} elseAddMainText("Version information is not available for this file.");
}void ExeOpen(HWND hwndDlg)
{char szFilename[MAX_PATH];//Display open file dialog-boxif (OpenFileDialog(szFilename)){//Load the file that the user selected.ShowExeInfo(szFilename);}}void CopyEditToClipboard(HWND hWnd)
{SendMessage(hWnd, EM_SETSEL, 0, 65535L);SendMessage(hWnd, WM_COPY, 0 , 0);SendMessage(hWnd, EM_SETSEL, 0, 0);
}BOOL CALLBACK MainDlgProc(HWND hwndDlg,  // handle to dialog boxUINT uMsg,     // messageWPARAM wParam, // first message parameterLPARAM lParam  // second message parameter
)
{WORD wNotifyCode, wID;char szDropFile[MAX_PATH];HDROP hDrop = (HDROP) wParam; switch(uMsg){case WM_INITDIALOG:SetDlgItemText(hwndDlg, IDC_EDIT_MAIN, START_TEXT);//Allows to drag files into the main dialog-box.DragAcceptFiles(hwndDlg, TRUE);//Set main font.SetEditFont(GetDlgItem(hwndDlg, IDC_MAIN_EDIT));return TRUE;case WM_CLOSE:PostQuitMessage(0);return TRUE;case WM_CTLCOLORSTATIC:if ((HWND)lParam == GetDlgItem(hwndDlg, IDC_EDIT_MAIN)){SetBkColor((HDC)wParam, crMainEdit);return (BOOL)hMainEditBrush;}return TRUE;case WM_DISPLAYCHANGE://On display settings change, recreate the brush.PrepareEditBrush();     return TRUE;case WM_DROPFILES://Load the file that the user dropped into ExeInfo.hDrop = (HDROP) wParam; DragQueryFile(hDrop, 0, szDropFile, MAX_PATH);DragFinish(hDrop);ShowExeInfo(szDropFile);return TRUE;case WM_COMMAND:wNotifyCode = HIWORD(wParam); // notification code wID = LOWORD(wParam);         // item, control, or accelerator identifier if (wID == IDC_BUTTON_EXIT && wNotifyCode == BN_CLICKED){PostQuitMessage(0);return TRUE;}else if (wID == IDC_BUTTON_OPEN && wNotifyCode == BN_CLICKED){ExeOpen(hwndDlg);return TRUE;} else if (wID == IDC_BUTTON_COPY && wNotifyCode == BN_CLICKED){CopyEditToClipboard(GetDlgItem(hwndDlg, IDC_EDIT_MAIN));return TRUE;}return FALSE;default:return FALSE;}
}void CenterWin(HWND hWnd)
{RECT rcWin;GetWindowRect(hWnd, &rcWin);SetWindowPos(hWnd, NULL, (GetSystemMetrics(SM_CXFULLSCREEN) - (rcWin.right - rcWin.left + 1)) / 2, (GetSystemMetrics(SM_CYFULLSCREEN) - (rcWin.bottom - rcWin.top + 1)) / 2, 0, 0, SWP_NOOWNERZORDER | SWP_NOSIZE | SWP_NOZORDER);}int WINAPI WinMain(HINSTANCE  hInstance,   // handle to current instanceHINSTANCE  hPrevInstance,  // handle to previous instanceLPSTR  lpCmdLine, // pointer to command lineint  nShowCmd     // show state of window)
{MSG msg;char szCommand[1024];//Load small and large Icons from IDI_MAIN resourcehMainIcon32 = (HICON)LoadImage(hInstance, MAKEINTRESOURCE(IDI_MAIN), IMAGE_ICON, 32, 32, 0);hMainIcon16 = (HICON)LoadImage(hInstance, MAKEINTRESOURCE(IDI_MAIN), IMAGE_ICON, 16, 16, 0);//Create brushPrepareEditBrush();if ((hMainDlg = CreateDialog(hInstance, MAKEINTRESOURCE(IDD_MAIN), NULL, MainDlgProc)) != NULL){//Load icons into the dialog-box.SendMessage(hMainDlg, WM_SETICON, ICON_SMALL, (LPARAM)hMainIcon16);SendMessage(hMainDlg, WM_SETICON, ICON_BIG, (LPARAM)hMainIcon32);//Center dialog-boxCenterWin(hMainDlg);SetMainText(START_TEXT);//Display the dialog-boxShowWindow(hMainDlg, SW_SHOW);StrTrim(lpCmdLine, szCommand);if (szCommand[0] != '\0'){//Load Exe specified in command-lineRemoveQuotes(szCommand);ShowExeInfo(szCommand);}//Main message loop.while (GetMessage(&msg, NULL, 0, 0)){if (!IsDialogMessage(hMainDlg, &msg)){TranslateMessage(&msg);DispatchMessage(&msg);}}//Free the brush and font before exit.DeleteObject(hMainEditBrush);DeleteObject(hEditFont);}return 0;
}

可执行文件信息查看工具代码示例相关推荐

  1. 当前主要使用的python版本_如何获取当前使用的Python版本信息?(代码示例)

    本篇文章主要给大家介绍如何获取当前Python版本,希望对需要的朋友有所帮助! 版本信息: 包含版本号的五个组件的元组:major,minor,micro,releaselevel和serial.除r ...

  2. 给大家推荐一款高逼格的Linux磁盘信息查看工具

    可以使用df命令来显示在Linux.macOS和类Unix系统中挂载的文件系统上有多少可用磁盘空间.还可以使用du命令来估计文件空间的使用情况.我们现在有了另一个奇特的工具,名为duf,是一款gola ...

  3. Linux记载磁盘信息,分享一款高逼格的Linux磁盘信息查看工具

    原标题:分享一款高逼格的Linux磁盘信息查看工具 可以使用df命令来显示在Linux.macOS和类Unix系统中挂载的文件系统上有多少可用磁盘空间.还可以使用du命令来估计文件空间的使用情况.我们 ...

  4. 【Android 安全】DEX 加密 ( 阶段总结 | 主应用 | 代理 Application | Java 工具 | 代码示例 ) ★

    文章目录 一.主应用 二.代理 Application 解析 1.代理 Application 源码 2.反射对象成员以及方法的工具类 3.压缩解压缩工具类 4.OpenSSL 解密工具类 5.Ope ...

  5. 媒体文件信息查看工具 MediaInfo

    MediaInfo工具简介 MediaInfo是一个查看媒体文件信息的软件,主要的使用场景应该是查看图片.音乐和视频文件的媒体信息. Mac平台可以直接在App Store下载路径,当然也可以直接百度 ...

  6. 【Android工具】wifi概观360中文专业版,wifi overview 360 pro,wifi信息查看工具

    必须没有广告. WiFi概观360专业版是一款专业的wifi基本数据分析应用,可以帮助用户检测,分析不同的wifi的各种信息,包括强度.速度等等,帮助你选择最好的wifi进行链接 常用功能: 查看wi ...

  7. 多边形网格到B-Rep实体转换:算法详细信息和C ++代码示例

    Using a triangulation algorithm (known as tessellation) on a model's boundary representation is rela ...

  8. linux usb信息查看工具,Linux下,查看USB设备信息

    首先需要将usbfs挂载一下,然后才能查看. $ mount -t usbfs none /proc/bus/usb $cat  /proc/bus/usb/devices或者在文件(/etc/fst ...

  9. php导出excel数据代码,phpspreadsheet导出数据到Excel的方法介绍(代码示例)

    本篇文章给大家带来的内容是关于phpspreadsheet导出数据到Excel的方法介绍(代码示例),有一定的参考价值,有需要的朋友可以参考一下,希望对你有所帮助. 之前我们使用PHP导出Excel数 ...

最新文章

  1. Modbus RTU 通信工具设计
  2. 一维有限元法matlab,一维有限元法解常微分方程
  3. 第十五章 Python和Web
  4. 分步表单如何实现 html_HTML表单入门的分步指南
  5. PC软件开发技术之二:用C#开发基于自动化接口的OPC客户端
  6. 纯野今日之最:面试谈
  7. ARTIF:实时威胁智能识别框架
  8. 如何利用matlab循环读取文件夹中的文件
  9. 安装算量软件价格_鹏业安装算量软件正版购买渠道
  10. 异或运算——小卡和质数
  11. Apple开发账号添加团队成员
  12. 专业计算机基础教学,计算机基础教学计划
  13. element ui 控件与布局学习(自用)
  14. iphone的Safari浏览器中HTML5上传图片方向问题解决方法
  15. python索引右往左_Python字符串从左到右索引默认0开始的,最大范围是字符串长度少1...
  16. google新操作系统Fuchsia
  17. html中spry的长度怎么更改,Dreamweaver中Spry区域功能说明
  18. linux显示文本命令大全(cat/tac/more/head/less/tail)
  19. 手把手带你写代码,完美实现Java分页功能
  20. win10 命令行打开文件

热门文章

  1. 项目经理到底要不要考取PMP证书?
  2. 头条等互联网公司面试准备、HR、Android技术等面试问题汇总
  3. list迭代器的模拟实现
  4. 4. struct 结构体
  5. sqoop导入数据到hive
  6. userdel: user xxx is currently used by process xxx 解决方案
  7. 海量数据去重的Hash与BloomFilter学习笔记
  8. 关于苹果手机打开钉钉小程序中处理的日期显示invalid date
  9. EDM营销进行消费场景布置的案例分享
  10. 中文汉字翻译为相应的拼音