Results 1 to 2 of 2

Thread: PE "Version info" resource format?

  1. #1

    PE "Version info" resource format?

    Hello,

    I were looking CFF Explorer, and I would like to be able to parse the "Version Info" resource in the same way, so that I can programmatically edit it.

    can someone point me (or detail) to the format of the 'Version Info' resource? it seems a sequence of unicode strings, but there is surely about...

    In other words, if i know its format I am able to move it and add/edit/remove such entries at my will - but i need to know their format.

    Thanks in advance!

    Maximus
    I want to know God's thoughts ...the rest are details.
    (A. Einstein)
    --------
    ..."a shellcode is a command you do at the linux shell"...

  2. #2
    Registered User
    Join Date
    Feb 2004
    Location
    France
    Posts
    99
    Hi, Reactos is great for this kind of things.

    "Version Info" is probably a VS_VERSION_INFO_STRUCT32 structure:

    http://doxygen.reactos.org/d5/d68/dll_2win32_2version_2info_8c_source.html#l00197

    You may need to check the internal logic of the GetFileVersionInfoW API() from the SVN:

    http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/version/info.c?view=markup&pathrev=41329

    Or a more convenient display of the same function:

    http://doxygen.reactos.org/d5/d68/dll_2win32_2version_2info_8c_a7058d7e5b50bf967e639f3823ceca8b0.html#a7058d7e5b50bf967e639f3823ceca8b 0

    Hope it helps.

    edit:

    BTW you can get version info details using some Windows' APIs like GetVersionInfo(Ex) and the like:

    http://msdn.microsoft.com/en-us/library/ms646981%28VS.85%29.aspx

    But you can also update you PE resources using some nifty API, like UpdateResource():

    http://msdn.microsoft.com/en-us/library/ms648049%28VS.85%29.aspx
    Last edited by Neitsa; August 21st, 2010 at 12:14.
    Omne tulit punctum qui miscuit utile dulci

Similar Threads

  1. Replies: 0
    Last Post: February 13th, 2014, 07:42
  2. how to generat "1" instead of "uncounted" license
    By joyung in forum The Newbie Forum
    Replies: 38
    Last Post: April 10th, 2012, 03:57
  3. PE "Digital Signature" format?
    By Maximus in forum Advanced Reversing and Programming
    Replies: 2
    Last Post: August 23rd, 2010, 10:28
  4. Replies: 4
    Last Post: May 28th, 2009, 13:02
  5. Replies: 1
    Last Post: December 14th, 2007, 13:35

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •