I've added dumping of all available language variants. Previously only the file for the first language in the set was dumped. The first language is not necessarily the default, as that is determined by the user's system settings and not the developer's PKG file settings.
The language is appended to the filename for all but the first file. This is similar to what Sisunpack does with language variants, except with long language names(e.g. UK_English,Spanish). Interestingly, Sisunpack is written in the D programming language. One page of source code and portable to Linux with a recompile. Not bad; the Windows binary is 130K.
The key with the latest versions of Dumpsis is that most of the SIS file handling code has been moved into the Sisdump perl module. Import Sisdump.pm and you've got relatively easy perl-OO access to SIS files from your perl script or program. This is good for simple utilities and one off scripts. A good example is a little script that outputs the md5 hash for each file in the SIS. Saves time in analyzing files. Combine it with file extraction and a small known file database and you only deal with the previously unseen. Of course due to all the news about MD5 collisions, it might be a good thing to take a page from the integrity checkers(Tripwire,AIDE) and add SHA1 hashing as well.
I've got a version of that tool nearly done. More stuff to add to the SIS analysis toolkit.
Subscribe to:
Post Comments (Atom)
Auto "Kill Switch", solving the wrong problem?
Consumer Watchdog, a consumer advocacy group, put out a report on the dangers of Internet connected cars. They received coverage on the nigh...
-
Consumer Watchdog, a consumer advocacy group, put out a report on the dangers of Internet connected cars. They received coverage on the nigh...
-
A number of factors drive malware on new platforms. The chance for pure discovery and experimentation, the desire to be the first, a need to...
No comments:
Post a Comment