Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 05-19-2004, 04:46
Shub-Nigurrath's Avatar
Shub-Nigurrath Shub-Nigurrath is offline
VIP
 
Join Date: Mar 2004
Location: Obscure Kadath
Posts: 919
Rept. Given: 60
Rept. Rcvd 419 Times in 94 Posts
Thanks Given: 68
Thanks Rcvd at 328 Times in 100 Posts
Shub-Nigurrath Reputation: 400-499 Shub-Nigurrath Reputation: 400-499 Shub-Nigurrath Reputation: 400-499 Shub-Nigurrath Reputation: 400-499 Shub-Nigurrath Reputation: 400-499
Question How to get setup programs' signatures...

Hi all,
I'm starting to have a lot of setup files/installation unpackers actually all of wich are managing a single or some packer(s) type(s) (installshield different versions, Inno, Wise, msi, netinstaller, ...)
Each time I download a program it's always the same story, except for some evident cases I'm not able to recognize which is the used setup packer, so what I do is try all the tools I have, hoping to find one able to manage it.. not a really smart process indeed

I'm now wondering if there's a way or a tool like PEiD for packed programs that recognizes the signatures so as at least to know with which program the setup has been done and to directly user/search the proper unpacker..

Or could it directly be PEiD properly setted up, inserting the signatures in the ini file..afterall it's just a matter of understanding the signature each install builder app leaves inside (strings, informations, byte patterns..)

Could also be an idea for a project to start in case it doesn't exist yet.
__________________
Ŝħůb-Ňìĝùŕřaŧħ ₪)
There are only 10 types of people in the world: Those who understand binary, and those who don't
http://www.accessroot.com
Reply With Quote
  #2  
Old 05-19-2004, 06:52
phax
 
Posts: n/a
GT

Hi there!
Try GT2 from
hxxp://philip.helger.com/gt/
It detects PE signatures and archive contents etc.
Current version is 0.33; 0.34 is coming soon.
regards
PHaX
Reply With Quote
  #3  
Old 05-19-2004, 15:59
Shub-Nigurrath's Avatar
Shub-Nigurrath Shub-Nigurrath is offline
VIP
 
Join Date: Mar 2004
Location: Obscure Kadath
Posts: 919
Rept. Given: 60
Rept. Rcvd 419 Times in 94 Posts
Thanks Given: 68
Thanks Rcvd at 328 Times in 100 Posts
Shub-Nigurrath Reputation: 400-499 Shub-Nigurrath Reputation: 400-499 Shub-Nigurrath Reputation: 400-499 Shub-Nigurrath Reputation: 400-499 Shub-Nigurrath Reputation: 400-499
Hi,
extremely interesting tool! I didn't know! Post here whenever the new version will be out!! You'll make the day of much ppl.
__________________
Ŝħůb-Ňìĝùŕřaŧħ ₪)
There are only 10 types of people in the world: Those who understand binary, and those who don't
http://www.accessroot.com
Reply With Quote
  #4  
Old 05-19-2004, 17:27
TQN TQN is offline
VIP
 
Join Date: Apr 2003
Location: Vietnam
Posts: 342
Rept. Given: 142
Rept. Rcvd 20 Times in 12 Posts
Thanks Given: 166
Thanks Rcvd at 129 Times in 42 Posts
TQN Reputation: 20
Hi phax !
Do you have a plan to develop a GUI for GT. As I remember, the GTUI is old. Are you code in VS .NET 2003. Think about the WTL for GUI creating.
Regards.
Reply With Quote
  #5  
Old 05-19-2004, 18:43
phax
 
Posts: n/a
GT GUI

Yep, I plan to. But since I have very different output types, I still don't know how to build a fast, small, easy-to-use GUI without spending more than 1 month for the initial version. I'm working on a small XML based GUI but that takes some time....
But you can consider it a promise that a new GUI will arrive.
Question: are you willing to have a 800K GUI for an 250K application? For me it sounds like overkill.
Reply With Quote
  #6  
Old 05-19-2004, 19:01
TQN TQN is offline
VIP
 
Join Date: Apr 2003
Location: Vietnam
Posts: 342
Rept. Given: 142
Rept. Rcvd 20 Times in 12 Posts
Thanks Given: 166
Thanks Rcvd at 129 Times in 42 Posts
TQN Reputation: 20
With WTL, I think the GUI with same abilities as old GTUI will only 100-200 KB in size. It will not uses MSVCRT, MFCxxx DLL. The XML GUI, which I saw in RTA, is a good idea, but the code for XML library will large, or depend on MSXML
Regards
Reply With Quote
  #7  
Old 05-19-2004, 22:44
volodya
 
Posts: n/a
WTL sounds very good to me. As you, of course, know, MS put WTL on sourceforge.
Reply With Quote
  #8  
Old 05-19-2004, 23:37
phax
 
Posts: n/a
WTL

I just noticed WTL and found the SF link. I haven't heard of it before.
I'll have a look at it and let you know whether I can handle it. It seems quite interesting.
I thought about a small interface that has special views for special file types. As you have probably noticed, GT has a default output to stdout and can also create HTML. This is done with the same calls - just the output handler are different. Maybe the most simple approach would be, to redirect the HTML output to an IE control - not nice but easy formatting.
TQN: what is RTA??? I would have used expat or xerces of course
regards
PHaX
Reply With Quote
  #9  
Old 05-20-2004, 10:33
TQN TQN is offline
VIP
 
Join Date: Apr 2003
Location: Vietnam
Posts: 342
Rept. Given: 142
Rept. Rcvd 20 Times in 12 Posts
Thanks Given: 166
Thanks Rcvd at 129 Times in 42 Posts
TQN Reputation: 20
Hi phax !
You can find more informations about RTA at http://www.ibiblio.org/paulc/rta/
Regards
Reply With Quote
  #10  
Old 05-21-2004, 20:05
Shub-Nigurrath's Avatar
Shub-Nigurrath Shub-Nigurrath is offline
VIP
 
Join Date: Mar 2004
Location: Obscure Kadath
Posts: 919
Rept. Given: 60
Rept. Rcvd 419 Times in 94 Posts
Thanks Given: 68
Thanks Rcvd at 328 Times in 100 Posts
Shub-Nigurrath Reputation: 400-499 Shub-Nigurrath Reputation: 400-499 Shub-Nigurrath Reputation: 400-499 Shub-Nigurrath Reputation: 400-499 Shub-Nigurrath Reputation: 400-499
Hi,
for who of you that use TotalCommander here's a way to integrate it inside

1.Create the gt2 folder under the totalcommander installation folder
2. copy the gt2 files there and add the bat below
Code:
gt2 /outhtml "%1" >gt2.htm
CALL lister gt2.htm
del gt2.htm
3. download the TotalCommander standalone lister from hxxp://www.ghisler.com/lister and pack it (if you want)
4. create a button on the TotalCommande tools bar as in picture attached


Very handy!
Attached Images
File Type: jpg Image1.jpg (39.5 KB, 16 views)
__________________
Ŝħůb-Ňìĝùŕřaŧħ ₪)
There are only 10 types of people in the world: Those who understand binary, and those who don't
http://www.accessroot.com
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
IDA signatures question The Old Pirate General Discussion 5 12-01-2014 04:30


All times are GMT +8. The time now is 15:51.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )