LCF-AT Posted January 18, 2017 Posted January 18, 2017 Hi guys, short question.So is there any tool out there what can check other PE files and can give info about this PE file about whats the minimum required OS to run this PE file? Idea: You do load a PE file into the tool and the tool does check now all imports of the PE file and does check the APIs (comparing with a data bank) and does list all APIs + infos like this... API NAME | Minimum supported client ------------------------------------------------------- GetModuleFileName | Windows XP GetVersionEx | Windows 2000 Professional VerifyVersionInfo | Windows 2000 Professional IsWow64Process | Windows Vista, Windows XP with SP2 ...... ....now it says the min OS = Windows XP with SP2 to run this PE file.So I think you know what I mean.I think its a good idea also to check your own codes PE files to see whether you have to change something (using other APIs or checking them first before using it as import) etc.So I dont know whether there is any tool already out there that the reason why I do ask for.If there is no such tool and you want to code something like this by yourself then the problem is how to get a latest list of most APIs to find the API Names & minimum supportet client / server infos of these APIs to compare it you know. So what do you think?Good or bad idea?Or is there any tool what can do this?No idea just looking for something like this to prevent checking MSDN each time if I need it. greetz
evlncrn8 Posted January 19, 2017 Posted January 19, 2017 doesnt the os version in the pe header kinda cater for this ? as it'd be set by the linker and the amount of api's for the databank would be huge and a pain in the ass to maintain
Teddy Rogers Posted January 19, 2017 Posted January 19, 2017 I have no idea why you would want a tool for this let alone code one? I see very little benefit for it's use unless there is a reason for it that I'm not currently aware of... Ted.
LCF-AT Posted January 19, 2017 Author Posted January 19, 2017 Hi again, so I think with such kind of tool its pretty easy to check any PE files also your own compiled files to find out the minimum supportet OS the file need to run just of checking the imports/Names like you do manually on MSDN page.Its just some kind of verify at the end.Normaly I dont remember what APIs xy are supportet by xy OS version and I just use them during coding but in many cases I use APIs directly without to check whether they are also present on some older OS versions than I use.Lets say you do use Win 8 or 10 and you want to be sure that your compiled file should work on lower systems (Win 2000 / XP) and then it would be nice to have such simple and quick checking tool and if you got a info that any OS isnt supportet by using imports XY/s then you can adjust your source to not call/add such imports directly into the source and you can switch to use first a checking code whether API xy is present or not and if not you can add a alternativ method you know what I mean?Its was just something I got in my mind durring checking / testing diffrent APIs / versions etc. So its boring to check such things always manually on MSDN or many APIs.Thats the reason why I did ask for it and I thought there is maybe already a tool like this anywhere but its seems it isnt. greetz
Teddy Rogers Posted January 20, 2017 Posted January 20, 2017 It is the responsibility of the programmer to ensure their program is running on the minimum supported operating system. If you are going to be calling functions or features of an OS that may be different from other OS' you should be first checking if the function is available before calling. You can use LoadLibrary and GetProcAddress to check availability... Ted.
atom0s Posted January 20, 2017 Posted January 20, 2017 (edited) Parse the PE header and look at the fields: MajorOperatingSystemVersion MinorOperatingSystemVersion MajorImageVersion MinorImageVersion MajorSubsystemVersion MinorSubsystemVersion These hold the versions set by the compiler the application was made with. You can use them to get an idea of the requirements of the program. You can look at the Machine entry within the NT header to determine if the file is 32bit or 64bit as well. (Or other subsystems if need be.) You can use CFF Explorer to view all of this data easily. Edited January 20, 2017 by atom0s
LCF-AT Posted January 20, 2017 Author Posted January 20, 2017 Hi again, yes of course I could use LoadLibrary & GetProcAddress APIs to check whether API xy is present or not but this wasnt my question.So I wanted to find a way to check the API imports after if a app does use it.Lets say you do code a app and you dont check APIs whether they are there or not so then the app will not start on system xy who dont have that API/s in the dlls etc.If you would have a little tool where you could check this quickly then it would output this info to you like I did post above and then you get remember that the app only will run on minumum system OS XY.Maybe you code a app using some APIs directly which are just minimun supportet by Win 7 then it will fail to start on lower OS but you wanted also to make it run on XP....the tool would say it to you and than you got a remembering and you know AHA...so this API/s xy I first need to check whether present or not etc.You know what I mean?So in my case I dont have all APIs in my head what min OS they have / need to run. About MajorOperatingSystemVersion till MajorSubsystemVersion etc.So this will not help.If I compile my apps then this infos are all set to 4.0 (Win 95) anyway whether I use newer APIs which are supportet minimum by XP or Win Vista etc.If I add a API like IsWow64Process directly as import in my source..(invoke IsWow64Process...) (API IsWow64Process gets added as imports = my compiled app can only run on system where the API is present = Windows Vista / Win XP SP2).If the API isnt present = error message that API isnt present / app can not start.So checking MajorOperatingSystemVersion in PE Header isnt working for this API supporting issues. Thats the reason again why I did ask whether there is any tool out there what can check this. greetz
atom0s Posted January 20, 2017 Posted January 20, 2017 There is no set method to tell what OS an API call will work on, that is something you are going to have to compile a list of yourself. MSDN has that info but there is no header or lib you can use thats premade to get that type of information.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now