Extract .exe Resources with dd

From Leo's Notes
(Redirected from Extract .exe Resources)
Last edited on 14 June 2020, at 23:23.

One method of extracting resources from a binary file is to first locate the start of each resource segment by its file header and then extract it out until the next file header.

For example, to get all audio resources (a .wav file with a file header of 'RIFF'), get all the offsets where the string 'RIFF' starts and extract the data from there until the next header:

Location=0

strings -a -t d SIMTOWER.EXE | grep -i RIFF | awk '{print $1}' | while read i ; do
	if [ $Location -eq 0 ] ; then
		Location=$i
		continue
	fi

	Length=$(($i-$Location))
	dd if=SIMTOWER.EXE of=$Location bs=1 count=$Length skip=$Location
	Location=$i
done

# The last record will need to be extracted manually.
# You could assume it goes until the end of the binary and extract
# the segment from $Location to `du -b SIMTOWER.EXE`.