Alexandre:
Look the complete code:
https://gist.github.com/bencz/3576dfc8a217a34c05a9
I know, has several things that can be improved
memcpy(&dosh.e_magic, "MZ".ptr, 2);
memcpy(&peh.Signature, "PE\0\0".ptr, 4);
memcpy(scth[1].Name.ptr, ".idata".ptr, 6);
memcpy(scth[2].Name.ptr, ".data".ptr, 5);
memcpy(&image[0x428], x"3820".ptr, 2);
memcpy(&image[0x430], x"3820".ptr, 2);
memcpy(&image[0x43a], "printf".ptr, 6);
memcpy(&image[0x448], "msvcrt.dll".ptr, 10);
memcpy(&image[0x201], x"00304000".ptr, 4);
memcpy(&image[0x207], x"30204000".ptr, 4);
memcpy(&image[0x600], "hello\n".ptr, 6);
Instead of this very bug-prone code, write yourself a little
function to perform this more safely.
Bye,
bearophile
