I have a Microsoft Visual C++ 6.0 file (An Unreal Tournament Update) I want to unpack to get to the files inside it.

What tools do I need?

Thanks for your help :)

This is the file.

ftp://ftp.bluesnews.com/ut/UTPatch436.exe

Hi.

The executable you linked to is a self-extracting Winzip archive. Having either Winzip or WinRAR installed (with shell extensions registered) you can right click on it and choose "extract to...".

The installer/updater is possibly home brewn but if you look inside it you'll notice that none of its data is compressed. The executable itself is a generically built installer/updater that carries overlay data, past the .rsrc section. There is a table with file information starting at/near offset 0x01189D29.

Actually, it might be offset 0x01189D27 (0x0347 entries).

If you look at the individual entries you will begin to recognise a pattern. The first byte is the length of the target path of the file (including null terminator), relative to base path. Then comes the actual target path as a string, again relative to base path. Next after that is a dword with the raw offset of the source file inside the installer executable. Then there's a dword specifying the size of the file and following that there are five bytes of unknown purpose.



OFFSET * * - SIZE * * * - TARGET



0x00008000 - 0x000059B3 - SystemManifest.ini

0x0000D9B3 - 0x0000026B - SystemManifest.int



etc...



There are more structures near the end of the image. You'll find a reference to already mentioned offset 0x01189D27 around here.

Happy reversing! Regards, sna

Thanks for your help mate :)