#1
|
||||
|
||||
packing-format
i'm trying to extract a setup-file manually with my debugger.
this file creates a temporary file called com.dat, i analysed this is packed through the GZ-format. so i unpacked it through winrar and got a file called com.gz.out this file has no crypto or something else, all files are in plain there but i don't want to do that manually. the format in hex is looking like this: 00E0010064626768656C702E646C6C00CDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCD there are a lot of more CD hex-bytes. the first part seems to be some type of descriptor, it's a dword. then there's the filename, a lot of more CD and then the next descriptor and next filename till it gets to the beginning of the files. anyone knows what format this is and how to decompress it? |
#2
|
|||
|
|||
I assume it's the TAR format that can be unpacked by WinRAR aswell.
TAR is often used along with GZ because with GZ you can only compress one file at a time so first all files you want to compress are put into an uncompressed tar which is compressed with gz. |
#3
|
||||
|
||||
i thought the same first, but it seems if i rename it to tar, winrar can't read it. maybe modified, maybe some other type...
|
#4
|
|||
|
|||
you might try to post something here:
http://groups.google.com/groups?hl=en&lr=&group=comp.compression |
#5
|
|||
|
|||
Quote:
should be easy to write an own unpacker for this un-gz-ed file. What you have described looks like a structure of the following format Code:
struct ungzfile { unsigned long dwOffset; // Offset of the file char szFilename[256]; // name of the file, maybe more than 256 bytes } |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Awesome Executable Packing | DARKER | General Discussion | 0 | 12-12-2021 17:40 |
About .Net Packing and Introduction | BackTangent | General Discussion | 10 | 06-12-2011 20:24 |
Windows Drivers (.sys) packing/protection | pp2 | General Discussion | 8 | 04-15-2005 11:49 |
How to determine packing method? | vxd | General Discussion | 2 | 12-01-2002 05:50 |