File Discription - Printable Version

File Discription by Chocolatino on 04-12-2007 at 06:11 PM

Ok, see I have downloaded a prank file (.exe) but I want to change the description so it doesn't give it away.
[Image: untitled1eb2.png]


RE: File Discription by pollolibredegrasa on 04-12-2007 at 06:22 PM

You can use Resource Hacker to do this.

You'll need to expand the Version Info part, then modify "FileDescription" to whatever you want. Then you just press Compile Script and save the exe.

Edit: Shown in the screenshot below:

[Image: reshackvw0.png]


RE: File Discription by Chocolatino on 04-13-2007 at 11:57 AM

[Image: untitled1bz3.png]
Any way around this?


RE: File Discription by Ezra on 04-13-2007 at 12:06 PM

Try some of the more popular EXE compressors and try to decompress the .exe, like UPX and PECompact.


RE: File Discription by Chocolatino on 04-13-2007 at 12:08 PM

I used WinRAR to decompress it? Should I try those?


RE: File Discription by Ezra on 04-13-2007 at 12:12 PM

No, EXE compressors like UPX or PECompact. I'm sure there are more, but these two I know :P


RE: File Discription by Chocolatino on 04-13-2007 at 12:58 PM

quote:
Originally posted by Resource Hacker

Limitation:
To reduce the size of application files, some applications are "packed" or "compressed" using an EXE compressor once they have been compiled. This has a side-effect of making it more difficult to view and modify resources. When a "compressed" executable is viewed with Resource Hacker™, only resource types and names will be visible but not the actual resources.
Status:
This is not viewed as a bug. The application developer may well have viewed this as beneficial feature so no "fix" is planned.


* Chocolatino Shrugs O well....

RE: File Discription by Eljay on 04-13-2007 at 01:11 PM

1. Download UPX (Win32 console version)
2. Extract "/upx203w/upx.exe" from inside the downloaded archive using WinRAR to anywhere (remember where, you will need the path later).
3. Start > Run > cmd
4. cd "<path where you extracted upx.exe>"
5. upx.exe -d "<path to the compressed exe>"

The file should now be decompressed and you can edit it in Resource Hacker.


RE: File Discription by Chocolatino on 04-13-2007 at 01:29 PM

in cmd do I type in:
cd "<C:\Documents and Settings\USER\Desktop\upx.exe>"

Or do I take something off?


RE: File Discription by Eljay on 04-13-2007 at 01:31 PM

quote:
Originally posted by Chocolatino
in cmd do I type in:
cd "<C:\Documents and Settings\USER\Desktop\upx.exe>"

Or do I take something off?

should be:
cd "C:\Documents and Settings\USER\Desktop"

(also remove the < and > from step 5)


RE: File Discription by vikke on 04-13-2007 at 01:38 PM

I would recommend you to use PEiD, a program which analyses your PE file and checks if it's encrypted. From there, you can make a Google search and find your solution.

You can download PEiD from www.PEiD.tk


RE: File Discription by Chocolatino on 04-13-2007 at 01:44 PM

code:
Microsoft Windows XP [Version 5.1.2600]
(C ) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\USER>cd "C:\Documents and Settings\USER\Desktop"

C:\Documents and Settings\USER\Desktop>upx.exe -d "C:\Documents and
Settings\USER\Desktop"
                       Ultimate Packer for eXecutables
    Copyright (C ) 1996,1997,1998,1999,2000,2001,2002,2003,2004,2005,2006
UPX 2.03w       Markus Oberhumer, Laszlo Molnar & John Reiser    Nov 7th 2006

        File size         Ratio      Format      Name
   --------------------   ------   -----------   -----------
upx: C:\Documents and Settings\USER\Desktop: IOException: not a reg
ular file -- skipped

Unpacked 0 files.


What did I do wrong?


RE: File Discription by vikke on 04-13-2007 at 01:47 PM

You should do:

code:
> cd "C:\Documents and Settings\USER\Desktop"
> upx.exe -d "File.exe"

Edit: Replace File.exe with the name of the file you want to decompress.
Edit2: Are you currently signed in to Windows XP as the name "USER"? Otherwise change USER to the user you are signed in as.


RE: File Discription by Chocolatino on 04-13-2007 at 01:54 PM

code:
C:\Documents and Settings\USER\Desktop>upx.exe "screenscrew.exe"
                       Ultimate Packer for eXecutables
    Copyright (C ) 1996,1997,1998,1999,2000,2001,2002,2003,2004,2005,2006
UPX 2.03w       Markus Oberhumer, Laszlo Molnar & John Reiser    Nov 7th 2006

        File size         Ratio      Format      Name
   --------------------   ------   -----------   -----------
upx: screenscrew.exe: CantPackException: file is possibly packed/protected (try
--force)

Packed 1 file: 0 ok, 1 error.


Got this :(

quote:
Originally posted by vikke
Are you currently signed in to Windows XP as the name "USER"? Otherwise change USER to the user you are signed in as.

No, I'm just using it as an example.


RE: File Discription by vikke on 04-13-2007 at 01:55 PM

You should do:

code:
upx.exe -d "screenscrew.exe"
instead of:
code:
upx.exe "screenscrew.exe"

RE: File Discription by Chocolatino on 04-13-2007 at 02:03 PM

code:
C:\Documents and Settings\USER\Desktop>upx.exe -d "screenscrew.exe"

                       Ultimate Packer for eXecutables
    Copyright ( C) 1996,1997,1998,1999,2000,2001,2002,2003,2004,2005,2006
UPX 2.03w       Markus Oberhumer, Laszlo Molnar & John Reiser    Nov 7th 2006

        File size         Ratio      Format      Name
   --------------------   ------   -----------   -----------
upx: screenscrew.exe: NotPackedException: not packed by UPX

Unpacked 0 files.

C:\Documents and Settings\USER\Desktop>


Should I just leave it?


RE: File Discription by vikke on 04-13-2007 at 02:13 PM

The file was not packed by UPX (as Eljay said) so download PEiD and find out what method was used to compress the file. Read my previous post for more info.


RE: File Discription by Chocolatino on 04-13-2007 at 02:24 PM

[Image: untitled1bh5.png]
Now what?


RE: File Discription by vikke on 04-13-2007 at 02:25 PM

Google it:
http://www.google.com/search?q=aspack+2.12+unpacker


RE: File Discription by Chocolatino on 04-13-2007 at 02:41 PM

Nothing, tried the Pmak unpacker but nothing. Guess I'll just leave it now. Thanks for all your help though.


RE: File Discription by vikke on 04-13-2007 at 02:43 PM

Use this one:
http://linux20368.dn.net/protools/files/unpackers/aspackdie.zip
It's called ASPackDie, and it decrypts your ASPack PE files.


RE: File Discription by Chocolatino on 04-13-2007 at 02:53 PM

It unpacks and everything, then when I try to change the values of the .exe it says the same thing.


RE: File Discription by vikke on 04-13-2007 at 02:55 PM

Hmm.. Run through PEiD again, and see if the compression is removed or another one is applied.


RE: File Discription by Chocolatino on 04-13-2007 at 03:01 PM

[Image: untitled1xb5.png]
Searching on google.....


RE: File Discription by vikke on 04-13-2007 at 03:07 PM

That should actually not be a problem. Try using a resource hacker other than Reshacker by angusj.

If you find anything at Google that'll be good! :)


RE: File Discription by CookieRevised on 04-14-2007 at 12:47 PM

May I very strongly point out that using decompressors (unpackers) for EXE's can be very dangerous if you don't know what you're doing!

Especially with files which have been compressed by commercial packers. Because to properly unpack them you need to either have a license or a password or something. And in many cases you simply can not unpack it just like that.

What those unpackers for commercial packers do is actually execute the packed EXE to get to the unpacked image in memory (a file is always run unpacked in Windows internally). And there lies the extremely big danger! The files _are_ executed and thus malicious stuff which might exist in those files _is_ executed. Thus this is _not_ like unpacking a RAR file or ZIP file where nothing is executed.

'Generic unpackers' or 'generic methods' and those kinds of things found in unpackers (like PEiD) should _only_ be used if you know _exactly_ what you're doing and have an extremely good knowledge of how such things work and _exactly_ what the packed files might do when executed.

Also note that unpacked versions of executables quite often do not run properly anymore and might render errors (even if you don't see anything out of the ordinary at first sight!!!). They also quite often do not result in a proper EXE layout.

Many unpackers also say they unpacked a file, yet fail to do it correctly.

Bottom line: Do not use such tools if you do not know what you're doing or if you don't have the knowledge of how such things work. (at least not on your main PC, do whatever you want on a test PC of course :p).
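
The post above warns that generic unpackers run the packed EXE. As an added example (not code from this thread or from any tool named in it), this shows how to check an untrusted file for signs of packing without running it: it reads the PE section table from the raw bytes and reports packer-style section names, sections that are empty on disk, and entropy. `scan_pe`, `build_sample` and the section-name list are assumptions made for this example, and the sample image is constructed.

```python
import math
import struct

# Default section names UPX and ASPack leave behind (assumed list, not exhaustive;
# they can be renamed, so a miss proves nothing).
PACKER_SECTIONS = {"UPX0": "UPX", "UPX1": "UPX", ".aspack": "ASPack", ".adata": "ASPack"}

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; compressed data approaches 8."""
    if not data:
        return 0.0
    probs = [data.count(b) / len(data) for b in set(data)]
    return -sum(p * math.log2(p) for p in probs)

def scan_pe(image: bytes) -> list[dict]:
    """Read the PE section table from raw bytes; the file is never executed."""
    if image[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)        # e_lfanew
    if image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    (n_sections,) = struct.unpack_from("<H", image, pe_off + 6)
    (opt_size,) = struct.unpack_from("<H", image, pe_off + 20)
    table = pe_off + 24 + opt_size                           # first section header
    findings = []
    for i in range(n_sections):
        name, vsize, _va, rsize, rptr = struct.unpack_from(
            "<8sIIII", image, table + 40 * i)
        name = name.rstrip(b"\0").decode("ascii", "replace")
        findings.append({
            "name": name,
            "packer": PACKER_SECTIONS.get(name),
            # Space reserved in memory but no bytes on disk: filled in at run time.
            "empty_on_disk": rsize == 0 and vsize > 0,
            "entropy": round(entropy(image[rptr:rptr + rsize]), 2),
        })
    return findings

def build_sample() -> bytes:
    """Constructed header-only image (not runnable) with UPX-style sections."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)         # e_lfanew = 64
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0, 0x102)
    payload = bytes(range(256)) * 2                          # stand-in for packed data
    def sec(name, vsize, rsize, rptr):
        return struct.pack("<8sIIII16x", name, vsize, 0x1000, rsize, rptr)
    table = sec(b"UPX0", 0x8000, 0, 0) + sec(b"UPX1", 0x1000, len(payload), 168)
    return dos + b"PE\0\0" + coff + table + payload
```

On a real file, pass the bytes read from disk to `scan_pe`; a named packer section, an empty-on-disk section, or entropy near 8 each suggest packing, but none is proof on its own.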