Topic: Getting assembly sections and code from Win32 executables using file-roller


insert-name-here

  • Guest
I don't know how many people know this, but you could actually get assembly sections and code and data from Win32 executable files just by using file-roller on Linux.

For some reason file-roller extracts these things from Win32 executable files and puts the extracted files in the format of .text, .data, .rdata, .idata, etc. You could use a hex editor like Ghex to view the contents of the files after you extract them.

Sometimes file-roller gives an error and can't extract data or assembly sections and I don't know why it does this. I think it might depend on the assembler or IDE or whatever was used to create the Win32 executable file in the first place or there was an error in the download, I haven't got a clue.

Well, this is how you do it if you're not too sure. What you'll need is file-roller which you probably already have if you have GNOME, a Windows executable file, and any hex editor would do to see the data and code.

*Note* I'm not sure how this would work if the file is packed and I'm still pretty new and pretty much clueless about how these executable programs work or what happens to them in memory. I just thought this would be a neat little trick if you don't want to view the executable in a hex editor and want to instead view different sections or code or even resources from the file. I'm not an expert but still a complete noob, so if I get something wrong or a bunch of things wrong, deal with it.

Extracting from the file

You can use this on pretty much any Windows executable file as long as it has a .exe extension or you could even use the WINE executable file in your WINE directory if you have it but always back up things first and make a folder or place for copies just in case.

All you have to do is open it using file-roller, but if it doesn't show up in your application list when you right-click it, just click "Open with other application" and type in file-roller in the "Use a custom command" field.

This should open the executable file and show you something like:

.rsrc <--- Usually a folder of its own
.data <--- If it's there but usually variables I think
.text <---- The code, usually high level stuff and code used from the system libraries or other etc.

.idata, .rdata, and other optional headers and sections

Now just extract and you can use a hex editor of your choice to view the contents, etc. It's best to make a folder first to organize everything.

What about using file-roller to pack the executables or add things?

You get an error that the operation is not permitted but I'm still playing around with this :P Might be because it's read-only or something.

Well thanks for reading and I hope this has contributed in some way or another to the community. This isn't the best tutorial and I admit that but at least someone would find some joy or amusement out of this and have fun.
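
The names shown in the listing above (.text, .data, .rsrc and so on) are the section names stored in the executable's PE section table. The following is an added example, not part of the original post: it reads that table directly and slices out each section's raw bytes. `build_sample()` constructs a tiny PE-shaped byte string for illustration, and all function names are hypothetical.

```python
import struct

def pe_sections(data: bytes):
    """Return [(name, raw_offset, raw_size)] read from a PE section table."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)      # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = pe_off + 4                                     # 20-byte COFF header
    (nsect,) = struct.unpack_from("<H", data, coff + 2)   # NumberOfSections
    (opt_size,) = struct.unpack_from("<H", data, coff + 16)  # SizeOfOptionalHeader
    table = coff + 20 + opt_size                          # first section header
    sections = []
    for i in range(nsect):
        hdr = data[table + 40 * i: table + 40 * (i + 1)]
        if len(hdr) < 40:
            raise ValueError("truncated section table")
        name = hdr[:8].rstrip(b"\0").decode("ascii", "replace")
        raw_size, raw_off = struct.unpack_from("<II", hdr, 16)
        sections.append((name, raw_off, raw_size))
    return sections

def extract_sections(data: bytes):
    """Map section name -> raw bytes, refusing ranges that run past the file."""
    out = {}
    for name, off, size in pe_sections(data):
        if off + size > len(data):
            raise ValueError(f"{name}: raw data lies outside the file")
        out[name] = data[off:off + size]
    return out

def build_sample() -> bytes:
    """Constructed, minimal PE-shaped image (not a runnable program)."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0, 0x102)
    def sec(name, size, off):
        return struct.pack("<8sIIIIIIHHI", name, size, 0x1000, size, off, 0, 0, 0, 0, 0)
    head = dos + b"PE\0\0" + coff + sec(b".text", 4, 0x200) + sec(b".data", 3, 0x204)
    return head.ljust(0x200, b"\0") + b"\x90\x90\x90\xc3" + b"abc"

if __name__ == "__main__":
    for name, blob in extract_sections(build_sample()).items():
        print(f"{name:8} {len(blob):4} bytes  {blob.hex()}")
```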