PDA

View Full Version : Tearing apart .exe files

crusaderbond
June 1st, 2009, 01:16 AM
In windows, when I wanted to pull apart an exe, I just typed this into the command prompt

filename.exe /A /P C:\<path>

this overrides the command to run the executable, and just dumps all of its bits into a folder.

I've found that this doesn't work in wine. I have several .exes that run in wine, but that I cannot pull apart with cabextract or 7zip or winrar, or anything I find suggested.

I am either looking for the place wine dumps its temp when running .exes, or a command like the one above. I don't have windows anymore.

Thanks in advance
asdfoo
June 1st, 2009, 10:10 AM
In windows, when I wanted to pull apart an exe, I just typed this into the command prompt

filename.exe /A /P C:\<path>

this overrides the command to run the executable, and just dumps all of its bits into a folder.

I've found that this doesn't work in wine. I have several .exes that run in wine, but that I cannot pull apart with cabextract or 7zip or winrar, or anything I find suggested.

I am either looking for the place wine dumps its temp when running .exes, or a command like the one above. I don't have windows anymore.

Thanks in advance

wtf? I think you mean you have a specific program, whose name you want to keep secret, which accepts commandline parameters /A /P C:\<path>

Otherwise you are confused.
whoop
June 1st, 2009, 10:18 AM
Why don't you just use a hex editor or a disassembler?
norgeek
June 1st, 2009, 10:53 AM
use winrar it works in wine ;)
YokoZar
June 1st, 2009, 01:03 PM
Command line switches are a bit different in Wine because of the way the Linux terminal handles escaped characters. There's an entry on this somewhere in the Wine FAQ I think.
crusaderbond
June 9th, 2009, 12:29 AM
Thank you all for your input!

I hadn't heard of disassemblers before, but I'm playing with one now.

The switches after your executable name are triggers in the program that executes executables, that tell it to dump the contents to a folder rather than run the code within. It always works.

Thankyou, and sorry I took so long to get back.
lisati
June 9th, 2009, 12:39 AM
The switches after your executable name are triggers in the program that executes executables, that tell it to dump the contents to a folder rather than run the code within. It always works.



wtf? :confused: The switches given don't do that with the MS-DOS and Windows programs I've written...:confused:
Rufe0
June 9th, 2009, 06:11 AM
yeah doesn't work for me never heard of it