Thesis Details
Automatická detekce knihovního kódu ze spustitelných souborů typu PE
English title
Automatic Library Code Detection in PE Executable Files
Language
Czech
Abstract
Master's thesis describes imported functions detection in PE executables, which are from static libraries. Main reason is process automatization and analysis simplification. Detection is solved by searching prepared patterns with missmatch tolerance. Missmatch are caused by changing address during building application. Resulting application supports compiler detection and it contains patterns for MinGW32, Visual studio 2005 and C++ Builder 6.
Keywords
PE executables, static library code detection, static library function recognition, compiler detection
Department
Degree Programme
Information Technology, Field of Study
Information Systems
Files
Status
defended, grade E
Date
19 June 2008
Reviewer
Committee
Hruška Tomáš, prof. Ing., CSc. (DIFS FIT BUT), předseda
Bartík Vladimír, Ing., Ph.D. (DIFS FIT BUT), člen
Fučík Otto, doc. Dr. Ing. (DCSY FIT BUT), člen
Hanáček Petr, doc. Dr. Ing. (DITS FIT BUT), člen
Meduna Alexander, prof. RNDr., CSc. (DIFS FIT BUT), člen
Rozinajová Viera, doc. Ing., Ph.D. (FIIT STU), člen
Bartík Vladimír, Ing., Ph.D. (DIFS FIT BUT), člen
Fučík Otto, doc. Dr. Ing. (DCSY FIT BUT), člen
Hanáček Petr, doc. Dr. Ing. (DITS FIT BUT), člen
Meduna Alexander, prof. RNDr., CSc. (DIFS FIT BUT), člen
Rozinajová Viera, doc. Ing., Ph.D. (FIIT STU), člen
Citation
MAREŠ, Petr. Automatická detekce knihovního kódu ze spustitelných souborů typu PE. Brno, 2008. Master's Thesis. Brno University of Technology, Faculty of Information Technology. 2008-06-19. Supervised by Kolář Dušan. Available from: https://www.fit.vut.cz/study/thesis/7141/
BibTeX
@mastersthesis{FITMT7141,
author = "Petr Mare\v{s}",
type = "Master's thesis",
title = "Automatick\'{a} detekce knihovn\'{i}ho k\'{o}du ze spustiteln\'{y}ch soubor\r{u} typu PE",
school = "Brno University of Technology, Faculty of Information Technology",
year = 2008,
location = "Brno, CZ",
language = "czech",
url = "https://www.fit.vut.cz/study/thesis/7141/"
}