aimless
January 5th, 2001, 00:37
Hello,
I was recently at unpacking site and I read the FAQ there. I have started exercises of unpacking the files, manually (using ProcD, SICE and some other such utils). I am facing with a number of problems, but am generally doing OK. However, I have a few doubts to which ALWAYS nag my mind, and I DO NOT FIND ANSWERS TO THEM ON ANY OF THE SITES:
1: It is (QUITE) obvious, when the file is packed. We can (USING any PE viewer, or by general chars) make out that the file is packed. However, HOW DO I MAKE OUT THAT THE FILE IS PACKED MORE THAN ONCE?
2: Packing garbles all the necessary data/code, etc. and then un-garbles them during runtime. However, how do I also make out if the file was ENCRYPTED and then PACKED?
Please note that I am not interested in knowing how to unpack multiple packed/encrypted files. I AM ONLY INTERESTED IN iDENTIFYING those files!!
Any pointers in that direction...?
Thx in advance.
As ever,
I was recently at unpacking site and I read the FAQ there. I have started exercises of unpacking the files, manually (using ProcD, SICE and some other such utils). I am facing with a number of problems, but am generally doing OK. However, I have a few doubts to which ALWAYS nag my mind, and I DO NOT FIND ANSWERS TO THEM ON ANY OF THE SITES:
1: It is (QUITE) obvious, when the file is packed. We can (USING any PE viewer, or by general chars) make out that the file is packed. However, HOW DO I MAKE OUT THAT THE FILE IS PACKED MORE THAN ONCE?
2: Packing garbles all the necessary data/code, etc. and then un-garbles them during runtime. However, how do I also make out if the file was ENCRYPTED and then PACKED?
Please note that I am not interested in knowing how to unpack multiple packed/encrypted files. I AM ONLY INTERESTED IN iDENTIFYING those files!!
Any pointers in that direction...?
Thx in advance.
As ever,