Monday, October 12

Bespoke, Artisanal, Hand Made Executables

Programmers and software engineers will always use the latest development environments, the trendiest frameworks, and languages they learned only 21 days ago. What if this weren’t the case? What if developers put care into their craft and wrote programs with an old world charm? What if Windows executables were made with the same patience as artisanal firewood, or free range granola? [Steve] has done it. He’s forging a path into the wilds of truly hand crafted executables.

The simplest executable you could run on a Windows box is a .COM file. This is an extremely simple file format that just contains code and data loaded at 0100h, and a jump to another point in the code. The DOS .EXE file format is slightly more complicated, but not by much. [Steve]’s goal was to build a proper Windows executable without a compiler, assembler, linker, or anything else.

The process of pruning an executable down to its bare minimum began, of course, by creating a program. The test program in this case just returns a number. This program was created with the BuildExe() function, which first creates a valid Windows PE header. After this comes an ‘optional’ header with values for each section of the executable, the entry point address, and the offset to the first section’s data. Following the optional header is a section of data directories, and several bytes of bookkeeping. Finally there are four bytes of [Steve]’s code. The total size for the original executable? 516 bytes.

After a few optimizations to the BuildExe() function, [Steve] managed to get the size of his executable down to 300 bytes, but found anything smaller than 328 bytes wouldn’t work; the OS assumes a minimum size for the optional header and data directories. After stuffing 28 bytes of padding on the end, [Steve] had an executable 328 bytes long.

There was another technique [Steve] could try – overlapping the PE header and part of the optional header with the first DOS header. It turns out the only important part of the DOS header is the first two bytes – ‘MZ’, the magic number and initials for one of the original DOS developers. By keeping that ‘MZ’ and putting other needed data in place of the otherwise empty DOS header, [Steve] managed to get his executable down to 268 bytes. That’s the absolute minimum size for a working executable under Windows 7 64-bit edition. Windows is smart enough to prevent four byte long .COM files from running now, so unless you want to go back to terrible versions of Windows, this is probably the smallest executable Windows will run today.
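For anyone triaging binaries, the overlap described above is easy to spot from the header fields alone. The following is an added example, not [Steve]'s BuildExe() code: it reads the PE header offset from the DOS header and reports whether the PE header has been folded into the DOS header area and whether the declared headers still fit inside the file. The function names `inspect_pe_layout` and `build_sample` are hypothetical, and the sample images are constructed header bytes, not working executables.

```python
import struct

DOS_HEADER_SIZE = 0x40    # sizeof(IMAGE_DOS_HEADER)
E_LFANEW_OFFSET = 0x3C    # DOS header field that holds the PE header offset
COFF_FORMAT = "<HHIIIHH"  # IMAGE_FILE_HEADER, 20 bytes
SECTION_HEADER_SIZE = 40  # sizeof(IMAGE_SECTION_HEADER)


def inspect_pe_layout(data: bytes) -> dict:
    """Report where the PE headers sit relative to the DOS header and file end."""
    if len(data) < DOS_HEADER_SIZE or data[:2] != b"MZ":
        raise ValueError("not an MZ image, or shorter than a DOS header")
    (e_lfanew,) = struct.unpack_from("<I", data, E_LFANEW_OFFSET)
    coff_off = e_lfanew + 4
    opt_off = coff_off + struct.calcsize(COFF_FORMAT)
    if opt_off > len(data) or data[e_lfanew:coff_off] != b"PE\0\0":
        raise ValueError("e_lfanew does not point at a PE signature")
    _machine, n_sections, _, _, _, opt_size, _ = struct.unpack_from(
        COFF_FORMAT, data, coff_off)
    headers_end = opt_off + opt_size + n_sections * SECTION_HEADER_SIZE
    return {
        "file_size": len(data),
        "e_lfanew": e_lfanew,
        # True when the PE header has been folded into the DOS header area
        "overlaps_dos_header": e_lfanew < DOS_HEADER_SIZE,
        # False when the declared headers run past the end of the file
        "headers_fit_in_file": headers_end <= len(data),
        "headers_end": headers_end,
    }


def build_sample(e_lfanew: int, total: int, opt_size: int = 0xE0) -> bytes:
    """Constructed header bytes for the demo; not a runnable executable."""
    buf = bytearray(total)
    buf[0:2] = b"MZ"
    buf[e_lfanew:e_lfanew + 4] = b"PE\0\0"
    # i386 machine type, one section, PE32-sized optional header by default
    struct.pack_into(COFF_FORMAT, buf, e_lfanew + 4,
                     0x014C, 1, 0, 0, 0, opt_size, 0x0102)
    struct.pack_into("<I", buf, E_LFANEW_OFFSET, e_lfanew)
    return bytes(buf)


if __name__ == "__main__":
    for name, img in (("conventional", build_sample(0x40, 512)),
                      ("overlapped", build_sample(0x04, 512))):
        print(name, inspect_pe_layout(img))
```

Compiler-generated executables normally place the PE header after the DOS header and stub, so `overlaps_dos_header` being true marks a file whose headers were laid out by hand or by a tool.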

