I have a DOS program that I want to disassemble. IDAFW is telling me it's packed.
Since there are a lot of unpackers, is there a program that can tell me which
one packed it.
Thanks.
Since there are a lot of unpackers, is there a program that can tell me which
one packed it.
Thanks.
you can offen get a clue by looking at the section names.
Yup,
Many like PEPack will put their names in the PE file directly after the sections, you have only to open it with a hex editor and check for the name of the packer. Or simply ask the author, if he doesn't mind your disassembling his source he will surely provide the information.
Many like PEPack will put their names in the PE file directly after the sections, you have only to open it with a hex editor and check for the name of the packer. Or simply ask the author, if he doesn't mind your disassembling his source he will surely provide the information.
And if he does mind you disassembling, you shouldn't be disassembling in the first place ^_^
h**p://download.softpedia.com:8080/UTILE/PEiD.zip
I never seam to be able to get the softpedia pages to load. It just says done in the bottom right of IE.
h**p://www.absolutelock.de/construction/files/releases/PEiD.zip
h**p://www.absolutelock.de/construction/files/releases/PEiD.zip
Thanks, I should have posted that the packed program is a DOS one that uses a DOS Extender.
PEiD is impressive.
Thanks, I should have posted that the packed program is a DOS one that uses a DOS Extender.
you did post that, but nobody seems to have read it ;)
i'd say check out the utilities section at protools.
oops! :grin: Most of the time, I don't read or try to understand the post. I just skim a few lines and random words from the post plus the title and try to make sense with them. I'm really lazy. I believe analysis is sometimes useless and inefficient use of brain cells. :tongue: It makes me feel nerdy and geeky. :grin:
If I found one, I'll let you know. :grin:
If I found one, I'll let you know. :grin:
He wrote DOS, but not 'extender' ^_^ - I think the most used dos extender+packer was pmw/lite (sorry if the name isn't 100% correct, it's been quite a few years), and there's a very well working uncompressed for that floating aorund...
you did post that, but nobody seems to have read it ;)
i'd say check out the utilities section at protools.
Went there. I would like UN-PACK by Snow Panther. 21.IV.2003.
UN-PACK 2.3. but can't find a link to it.
Thanks.
Thanks and I liked your saying from Jennifer Anniston.