cheap2el is tiny library for exploring Windows PE(Portable Executable) format files in C/C++ programming language.
- enumerating headers.
- enumerating import tables(IAT/INT), including bound imports, delay imports.
- enumerating export tables(EAT/ENT).
- dll pseudo loading.
- enumerating COFF Object file sections, relocations, symbols.
- enumerating COFF LIB file archive members, linker members.
- open your visual studio command prompt.
- cd to top of source directory.
- do
nmake cheap2el(for cheap2el.lib) -> if build success, "cheap2el.lib" will be created in top of source directory.nmake test(for unittests)nmake samples(for samples)nmake clean(remove all obj, exe, dlls)
All unittest and samples are compiled, and tested on...
OS : Windows 10 Pro (64bit, Japanese)
SDK : Microsoft Visual Studio 2017 Community Edition + Windows SDK 10.0.16299.0
Build : from x86 Native Tools Command Prompt
Compiler & Linker Version :
> cl
Microsoft(R) C/C++ Optimizing Compiler Version 19.13.26131.1 for x86
Copyright (C) Microsoft Corporation. All rights reserved.
> link
Microsoft (R) Incremental Linker Version 14.13.26131.1
Copyright (C) Microsoft Corporation. All rights reserved.
- Add include path to "cheap2el.h" in your project's compiler option.
- Add library path to "cheap2el.lib" in your project's linker option.
- Read unittest source code to understand cheap2el api usage.
MSDN Magazine/MSJ articles written by Matt Pietrek:
- February 2002 Vol 17 No. 2, "Inside Windows: An In-Depth Look into the Win32 Portable Executable File Format (Part I)"
- March 2002 Vol 17 No. 3, "Inside Windows: An In-Depth Look into the Win32 Portable Executable File Format (Part II)"
Japanese PE format web resource:
c-unit: