How to Check if a DLL or EXE is 32-bit or 64-bit (x86 or x64) us

  • 时间:2020-09-11 08:17:29
  • 分类:网络文摘
  • 阅读:92 次

On Windows, the executables are either EXE or DLL (sometimes OCX). We can programmatically tell if the executable is a 32-bit (x86) or 64-bit (x64) by looking into its PE header signature.

In VBScript, we can call CreateObject method to invoke the COM library. Here we use the ADODB.Stream to Read a File in binary stream. Then, we need to read a few bytes from the file header.

The AscB in Vbscript returns the first byte of given string. And the MidB will return a range of bytes in the middle.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52

Function GetPlatformForExeOrDLL(File)
    Set BinaryStream = CreateObject("ADODB.Stream")
    
    BinaryStream.Type = 1
    BinaryStream.Open
    
    On Error Resume Next    
    BinaryStream.LoadFromFile File
 
    If err.number <> 0 Then
        GetPlatformForExeOrDLL = ""
        Exit Function
    End If
    On Error Goto 0
          
    skip = BinaryStream.Read(&H3C)
    positionSignature = BinaryStream.Read(4)
    
    strPosition=""
    For lngCounter = 0 to UBound(positionSignature)
        car= Ascb(Midb(positionSignature, lngCounter + 1, 1))
        s = Hex(car)
        If Len(s) = 1 Then
            s = "0" & s
        End If 
        strPosition = s & strPosition
    Next
    
    positionSignature = CInt("&H" & strPosition)
    
    BinaryStream.Position = positionSignature
    
    arr_signature = BinaryStream.Read(6)
    
    signature = ""
    For lngCounter = 0 to UBound(arr_signature)
        car= AscB(Midb(arr_signature, lngCounter + 1, 1))
        s = Hex(car)
        If Len(s) = 1 Then
            s = "0" & s
        End If
        signature = signature & s 
    Next
    
    BinaryStream.Close
        
    If signature = "504500004C01" Then
        GetPlatformForExeOrDLL = "x86"
    ElseIf signature = "504500006486" Then
        GetPlatformForExeOrDLL = "x64"
    End If
End Function
Function GetPlatformForExeOrDLL(File)
	Set BinaryStream = CreateObject("ADODB.Stream")
	
	BinaryStream.Type = 1
	BinaryStream.Open
	
	On Error Resume Next	
	BinaryStream.LoadFromFile File

	If err.number <> 0 Then
		GetPlatformForExeOrDLL = ""
		Exit Function
	End If
	On Error Goto 0
		  
	skip = BinaryStream.Read(&H3C)
	positionSignature = BinaryStream.Read(4)
	
	strPosition=""
	For lngCounter = 0 to UBound(positionSignature)
	    car= Ascb(Midb(positionSignature, lngCounter + 1, 1))
	    s = Hex(car)
	    If Len(s) = 1 Then
	    	s = "0" & s
	    End If 
	    strPosition = s & strPosition
	Next
	
	positionSignature = CInt("&H" & strPosition)
	
	BinaryStream.Position = positionSignature
	
	arr_signature = BinaryStream.Read(6)
	
	signature = ""
	For lngCounter = 0 to UBound(arr_signature)
	    car= AscB(Midb(arr_signature, lngCounter + 1, 1))
	    s = Hex(car)
	    If Len(s) = 1 Then
	    	s = "0" & s
	    End If
	    signature = signature & s 
	Next
	
	BinaryStream.Close
		
	If signature = "504500004C01" Then
	    GetPlatformForExeOrDLL = "x86"
	ElseIf signature = "504500006486" Then
	    GetPlatformForExeOrDLL = "x64"
	End If
End Function

The Magik numbers we are looking for are: 504500004C01 for x86 platform and 504500006486 for x64 platform. If neither are found, it is unlikely a valid windows DLL or EXE file.

Example usage:

1
2
3
4

' x64
WScript.Echo GetPlatformForExeOrDLL("C:\Windows\System32\cmd.exe") 
' x86
WScript.Echo GetPlatformForExeOrDLL("C:\Windows\SysWow64\cmd.exe")
' x64
WScript.Echo GetPlatformForExeOrDLL("C:\Windows\System32\cmd.exe") 
' x86
WScript.Echo GetPlatformForExeOrDLL("C:\Windows\SysWow64\cmd.exe")
vbscript How to Check if a DLL or EXE is 32-bit or 64-bit (x86 or x64) using VBScript Function? vbscript

vbscript

–EOF (The Ultimate Computing & Technology Blog) —

推荐阅读:
4个与大豆营养价值有关的真假说法  早餐第一口吃什么样的食物最养胃  萝卜颜色各异 营养价值各不相同  冬季养生美味 各种萝卜汤养胃又暖身  电脑族抗辐射可以经常吃这种水果  生活中常见的保护肠道健康的食物  注意三个饮食原则让你远离癌症威胁  羊奶粉调查:10款羊奶粉中有7款掺牛乳  冬季吃火锅大有门道 火锅底料很重要  寒冷天气吃多了这5类食物会伤及肠胃 
评论列表
添加评论