{"id":4965,"date":"2016-06-28T19:35:45","date_gmt":"2016-06-28T19:35:45","guid":{"rendered":"http:\/\/blog.bachi.net\/?p=4965"},"modified":"2016-09-04T16:15:03","modified_gmt":"2016-09-04T16:15:03","slug":"executable-file-format-container","status":"publish","type":"post","link":"https:\/\/blog.bachi.net\/?p=4965","title":{"rendered":"Executable File Format \/ Container"},"content":{"rendered":"<h3>Microsoft<\/h3>\n<ul>\n<li>Section 2.3.1. Machine Types<\/li>\n<\/ul>\n<p><a href=\"https:\/\/msdn.microsoft.com\/en-us\/windows\/hardware\/gg463119.aspx\">Microsoft PE and COFF Specification<\/a><br \/>\n<a href=\"http:\/\/superuser.com\/questions\/358434\/how-to-check-if-a-binary-is-32-or-64-bit-on-windows\">How to check if a binary is 32 or 64 bit on Windows?<\/a><\/p>\n<h3>Wikipedia<\/h3>\n<p><a href=\"https:\/\/en.wikipedia.org\/wiki\/Portable_Executable\">Portable Executable (PE)<\/a><br \/>\n<a href=\"https:\/\/en.wikipedia.org\/wiki\/COFF\">Common Object File Format (COFF)<\/a><br \/>\n<a href=\"https:\/\/en.wikipedia.org\/wiki\/Executable_and_Linkable_Format\">Executable and Linkable Format (ELF)<\/a><br \/>\n<a href=\"https:\/\/en.wikipedia.org\/wiki\/Mach-O\">Mach object (Mach-O)<\/a><\/p>\n<h3>Ange Albertini (corkami.com)<\/h3>\n<p><a href=\"https:\/\/github.com\/angea\/corkami\">github.com\/angea\/corkami<\/a><br \/>\n<a href=\"http:\/\/pics.corkami.com\/\">pics.corkami.com<\/a><\/p>\n<h3>wikibooks.org<\/h3>\n<p><a href=\"https:\/\/en.wikibooks.org\/wiki\/X86_Disassembly\">x86 Disassembly<\/a><br \/>\n<a href=\"https:\/\/en.wikibooks.org\/wiki\/X86_Disassembly\/Windows_Executable_Files\">x86 Disassembly\/Windows Executable Files<\/a><br \/>\n<a href=\"https:\/\/en.wikibooks.org\/wiki\/X86_Disassembly\/Linux_Executable_Files\">x86 Disassembly\/Linux Executable Files<\/a><\/p>\n<h3>Compiler<\/h3>\n<p><a href=\"https:\/\/wiki.gentoo.org\/wiki\/GCC_optimization>GCC optimization<\/a><br \/>\n<a href=\"https:\/\/gcc.gnu.org\/wiki\/LinkTimeOptimization\">Link Time Optimization<\/a><\/p>\n<p><a href=\"http:\/\/resources.infosecinstitute.com\/understanding-windows-internal-call-structure\/\">Understanding Windows Internal Call Structure<\/a><br \/>\n<a href=\"http:\/\/www.pelib.com\/\">PeLib   An open-source C++ library to modify PE files<\/a><br \/>\n<a href=\"http:\/\/www.pelib.com\/resources\/luevel.txt\">The PE file format<\/a><br \/>\n<a href=\"http:\/\/www.heaventools.com\/overview.htm\">PE Explorer: View, Edit, and Reverse Engineer EXE and DLL Files<\/a><br \/>\n<a href=\"http:\/\/www.heaventools.com\/PE_Explorer_disassembler.htm\">PE Explorer Disassembler<\/a><\/p>\n<h3>MSYS2<\/h3>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">\r\n$ pacman -S binutils\r\n$ objdump -f \/c\/Program\\ Files\/Git\/bin\/git.exe\r\n\r\n\/c\/Program Files\/Git\/bin\/git.exe:     file format pei-x86-64\r\narchitecture: i386:x86-64, flags 0x00000103:\r\nHAS_RELOC, EXEC_P, D_PAGED\r\nstart address 0x0000000000401510\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft Section 2.3.1. Machine Types Microsoft PE and COFF Specification How to check if a binary is 32 or 64 bit on Windows? Wikipedia Portable Executable (PE) Common Object File Format (COFF) Executable and Linkable Format (ELF) Mach object (Mach-O) Ange Albertini (corkami.com) github.com\/angea\/corkami pics.corkami.com wikibooks.org x86 Disassembly x86 Disassembly\/Windows Executable Files x86 Disassembly\/Linux Executable [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-4965","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/posts\/4965","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4965"}],"version-history":[{"count":8,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/posts\/4965\/revisions"}],"predecessor-version":[{"id":5146,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/posts\/4965\/revisions\/5146"}],"wp:attachment":[{"href":"https:\/\/blog.bachi.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4965"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4965"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4965"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}