0
我写了一个基本helloworld.exe
与下用简单的线printf("helloworld!\n");
入口点的值的地址不同的PE Explorer和UltraEdit的
然后我用的UltraEdit查看EXE文件的字节,并还用于PE Explorer来看标题值。当涉及入口点地址时,PE资源管理器显示0x004012c0
。
Magic 010Bh PE32 Linker Version 1902h 2.25 Size of Code 00008000h Size of Initialized Data 0000B000h Size of Uninitialized Data 00000C00h Address of Entry Point 004012C0h Base of Code 00001000h Base of Data 00009000h Image Base 00400000h
但在UltraEdit我看0x000012c0
魔0x010B
后,计算16个字节后。
3F 02 00 00 E0 00 07 03 0B 01 02 19 00 80 00 00 00 B0 00 00 00 0C 00 00 C0 12 00 00 00 10 00 00 00 90 00 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 10 01 00 00 04 00 00 91 F6 00 00 03 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 E0 00 00 C0 06 00 00 00 00 00 00 00 00 00 00
哪一个是正确的?