Skip to content

PE/COFF 4J is a java engineering library for portable executables, the format used by Windows

Notifications You must be signed in to change notification settings

kichik/pecoff4j

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

66 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

PECOFF4J

PE/COFF 4J is a java engineering library for portable executables, the format used by Windows. It has the following features:

  • Parser for Windows executables and DLLs.
  • Assembler for creating and modifying executables and DLLs.
  • Resource directory parser - understands version info, icons.

This is a fork of http://sourceforge.net/projects/pecoff4j/

Imported from CVS on May 24th, 2014

Actions Status Maven Central

Installation

This fork of PECOFF4J is available on Maven Central.

<dependency>
  <groupId>com.kichik.pecoff4j</groupId>
  <artifactId>pecoff4j</artifactId>
  <version>0.4.1</version>
</dependency>

See Maven Central for more installation options like Gradle, SBT, Ivy, etc.

License

Sources are licensed under Common Public License v1.0

New Features

The project was forked to implement version string parsing for a StackOverflow question.

Recently, support for modifying the resource directory has been added (e.g. adding or removing icons). See the ResourceDirectoryTest for some basic examples. Use the rebuild method to re-calculate the internal structures prior to creating the binary using the write method.

Example

import java.io.IOException;

import com.kichik.pecoff4j.PE;
import com.kichik.pecoff4j.ResourceDirectory;
import com.kichik.pecoff4j.ResourceEntry;
import com.kichik.pecoff4j.constant.ResourceType;
import com.kichik.pecoff4j.io.DataReader;
import com.kichik.pecoff4j.io.PEParser;
import com.kichik.pecoff4j.resources.StringFileInfo;
import com.kichik.pecoff4j.resources.StringPair;
import com.kichik.pecoff4j.resources.StringTable;
import com.kichik.pecoff4j.resources.VersionInfo;
import com.kichik.pecoff4j.util.ResourceHelper;

public class Main {

	public static void main(String[] args) throws IOException {
		PE pe = PEParser.parse("C:/windows/system32/notepad.exe");
		ResourceDirectory rd = pe.getImageData().getResourceTable();

		ResourceEntry[] entries = ResourceHelper.findResources(rd, ResourceType.VERSION_INFO);
		for (ResourceEntry entry : entries) {
			byte[] data = entry.getData();
			VersionInfo version = VersionInfo.read(new DataReader(data));

			StringFileInfo strings = version.getStringFileInfo();
			StringTable table = strings.getTables().get(0);
			for (List<StringPair> pair : table.getStrings()){
				System.out.println(pair.getKey() + " = " + pair.getValue());
			}
		}
	}

}

Will print:

CompanyName = Microsoft Corporation
FileDescription = Notepad
FileVersion = 6.1.7600.16385 (win7_rtm.090713-1255)
InternalName = Notepad
LegalCopyright = © Microsoft Corporation. All rights reserved.
OriginalFilename = NOTEPAD.EXE
ProductName = Microsoft® Windows® Operating System
ProductVersion = 6.1.7600.16385

About

PE/COFF 4J is a java engineering library for portable executables, the format used by Windows

Resources

Stars

Watchers

Forks

Packages

No packages published