I got following C code compiled with GCC on Windows
#include <stdio.h>
#include <conio.h>
int main() {
int a = 68639977;
printf("int: %d", a);
getch();
a++;
return 0;
}
For education purposes i was trying to figure out the int value from exe PE file (from .data section) with some HEX editor.
I converted the decimal value to hex (4175CE9) But i was unable to find this value
I searched the whole .exe (not only .data section) and i cant find this value..
What im doing wrong? Or maybe im totally wrong and i cant see this value in exe file for some reason.
Ty.
As it was already pointed out in the comments, the reason you can't find 4175CE9 is that the modern CPUs are using little endian ("reversed") notation (you can read about it here and here).
Check out this example on Godbolt. In line 8 (4 in decimal) you can see the reversed value in the machine view, and the assembly view reversed it automatically (note it's using the GCC compiler)