#1
|
|||
|
|||
any one know this packer?
i use peid and it display:
Nullsoft PiMP Stub [Nullsoft PiMP SFX] * is there unpacker for this? who knows? i think it is packed with Nullsoft NSIS-Installer. so how to decompile a nullsoft installer? someone tell me "it is impossible to decompile and assemble it",is it true?? more info: i want to make "kav5.0.149.4_personalen.exe" install on 2k/2k3 server,so..... Last edited by c0d4r; 08-23-2004 at 16:05. |
#2
|
|||
|
|||
umm
NSIS = Nullsoft Scriptable Install System is a free installer with sources (available at sourceforge.net). Install (or uninstall) exe files made with NSIS have the stub that's shown by PEID ---> Nullsoft PiMP Stub [Nullsoft PiMP SFX] *
As far as I know NSIS itself offers no protection during installation, though uses several selectable compression methods to reduce the size. Hence, I'm a bit curious, why are you trying to unpack it? Cheers |
#3
|
||||
|
||||
why do you want decompile a nullsoft install?
Tell us more information... If you want to get the password for a installation package, download the Nullsoft package (it's free) and study how it's implementing the input of the password and then uses a debugger on the API call's. |
#4
|
|||
|
|||
There are voices who tell that it's impossible. But this is not true at all: the truth is just that there isn't a nsis automatic decompiler out there.
This is what Scott told me: "You can't decompile an NSIS installer, at present, because the decompiler would have to understand all of the different types of binary headers from all of the different versions of NSIS, as well as know how to identify any of them that have had their source modified (since its open source), so, nobody has yet to write this psychic program." Honestly I think he's right, nobody would write such a general program, but everyone who is interested in reversing a nsis package should examinate the sources and understand how the installer is done. Well, the only thing that you should discover is the registry and/or config files modifications during the install process, because the files that are copied are clearly available to you after a complete installation, isn't it? So here's what I'd do, if I were you: I would extract all files simply installing the program on my HD; then I'd take trace of all config changes made during installation, including new or modified registry keys; finally I would use myself the NSIS installer package to re-package everything |
#5
|
|||
|
|||
Did you try InstallExplorer?
http://plugring.farmanager.com/downld/files/instexpl_v0.3.rar (needs FAR - http://farmanager.com/). It works quite well most of the time. |
#6
|
|||
|
|||
Nope. Won't work. Just tried it myself
|
#7
|
|||
|
|||
I'm afraid it's the only unpacker available. As I said, it works most of the time. But it won't handle protected files, especially since NSIS is open source and even contains a comment describing the lines you need to change to make an unpacker's life harder. But if you take the source, a debugger, and a disassembler, it might be possible to unpack the file.
|
#8
|
|||
|
|||
Sorry for reviving this old post, but this info can be useful to someone:
Most of the installers made with NSIS can be opened (and extracted) with 7ZIP. |
The Following 2 Users Say Thank You to Molasar For This Useful Post: | ||
val2032 (01-28-2017) |
#9
|
|||
|
|||
SFX , some more
|
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
sys packer | emptyHook | General Discussion | 6 | 07-24-2012 19:46 |
New Packer | Kyrios | General Discussion | 3 | 11-11-2005 16:00 |
First .NET packer? | SystemeD | General Discussion | 16 | 06-05-2005 15:15 |
What packer would you use | Fade | General Discussion | 35 | 04-03-2004 12:01 |