Li
/
pesubsystem
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity
pesubsystem/PESubsystem/PESubsystem/Program.cs

95 lines
2.6 KiB
C#
Raw Blame History

using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace PESubsystem
{
class Program
{
static short ReadInt16(Stream str)
{
byte[] IntBytes = new byte[2];
str.Read(IntBytes, 0x00, 0x2);
return BitConverter.ToInt16(IntBytes, 0x0);
}
static void WriteInt16(Stream str, short shr)
{
byte[] IntBytes = BitConverter.GetBytes(shr);
str.Write(IntBytes, 0x00, 0x2);
}
static int ReadInt32(Stream str)
{
byte[] IntBytes = new byte[4];
str.Read(IntBytes, 0x00, 0x4);
return BitConverter.ToInt32(IntBytes,0x0);
}
static void Main(string[] args)
{
string FileName = "";
if(args.Length >= 1)
{
FileName = args[0];
}
else
{
Console.Write("Enter Filepath: ");
FileName = Console.ReadLine();
}
FileStream fs = new FileStream(FileName, FileMode.Open, FileAccess.ReadWrite);
fs.Seek(0x3C, SeekOrigin.Begin);
int PELocation = ReadInt32(fs);
Console.WriteLine("PE Header Location: " + PELocation.ToString());
fs.Seek(PELocation, SeekOrigin.Begin);
fs.Seek(0x5C, SeekOrigin.Current);
int Subsystem = ReadInt16(fs);
string Subsystem_Str = "";
switch(Subsystem)
{
case 1:
Subsystem_Str = "Win32_DRIVER";
break;
case 2:
Subsystem_Str = "Win32_GUI";
break;
case 3:
Subsystem_Str = "Win32_CUI";
break;
default:
Subsystem_Str = "UNKNOWN";
break;
}
Console.WriteLine("PE Subsystem: " + Subsystem.ToString() + " ("+ Subsystem_Str+")");
short NewSubsys = 0;
if (args.Length >= 2)
{
NewSubsys = Int16.Parse(args[1]);
}
else
{
Console.WriteLine("\nSubsystems:\n1) WIN32_DRIVER\n2) WIN32_GUI\n3) WIN32_CUI\n\nEnter new subsystem value: ");
NewSubsys = Int16.Parse(Console.ReadLine());
}
fs.Seek(-2, SeekOrigin.Current);
WriteInt16(fs, NewSubsys);
Console.WriteLine("Done! Subsystem value changed to: " + NewSubsys + "\nBlessed Be!");
}
}
}
Reference in New Issue View Git Blame Copy Permalink