1. hh -decompile -blimey!

Well I never.

So all it takes, even on a w98 box, without installing anything, to extract the
entire contents of a .chm is to enter "hh -decompile workdir xxx.chm" at a DOS
command prompt. Well, it works on most, but not all (eg filzip.chm).

Three questions:

1) is parsing the resulting .hhk file the best way to figure out what I can
auto-lookup? (I don't want to open Eu.chm with zz_open, or Zz.chm with open, but
vice-versa, ie F1 on "zz_open" -> Zz.chm but F1 on "open" ->Eu.chm.)
[Some readers may note I've been banging my head against this long-time.]

2) I know I could look this up meself, but pointers to reversing this after the
above would be appreciated. (IE can/should I avoid the M$ crap?)

3) I have heard about virus/trojans (usually of low payload) in chm files, can
anyone confirm if the above and checking for .exe is a good/safe thing?

Regards,
Pete

new topic     » topic index » view message » categorize

2. Re: hh -decompile -blimey!

Pete Lomax wrote:
> 
> Well I never.
> 
> So all it takes, even on a w98 box, without installing anything, to extract
> the entire contents of a .chm is to enter "hh -decompile workdir xxx.chm" at
> a DOS command prompt. Well, it works on most, but not all (eg filzip.chm).
> 
> Three questions:
> 
> 1) is parsing the resulting .hhk file the best way to figure out what I can
> auto-lookup?
> (I don't want to open Eu.chm with zz_open, or Zz.chm with open, but
> vice-versa,
> ie F1 on "zz_open" -> Zz.chm but F1 on "open" ->Eu.chm.)
> [Some readers may note I've been banging my head against this long-time.]
> 
> 2) I know I could look this up meself, but pointers to reversing this after
> the
> above would be appreciated. (IE can/should I avoid the M$ crap?)
> 
> 3) I have heard about virus/trojans (usually of low payload) in chm files, can
> anyone confirm if the above and checking for .exe is a good/safe thing?
> 
> Regards,
> Pete

I hope the following will help you:
1/ I found CHM decoder at www.gridinsoft.com . Don't give it 38Mo files, or 
it would take forever. Otherwise they get nicely decompressed. This 
is freeware stuff.
2/ From that experiment, it seems to me that the .hhc file looks better than
the .hhk.
3/ They advertise a .chm editor; I didn't look into it and don't know if it
would help you "reversing" things, as I am not sure I'm correctly
understanding what you want to achieve.
4/ While I usually gripe against the poor quality/usability of M$ software, 
Help Workshop isn't the worst thing they have ever released. They may have
sto (sorry, bought) it from somewhere.

HTH 
CChris

new topic     » goto parent     » topic index » view message » categorize

3. Re: hh -decompile -blimey!

CChris wrote:
> 2/ From that experiment, it seems to me that the .hhc file looks better 
> than the .hhk.
Oh, pants. It looked so good on the first half dozen (how stupid am I?) most of
which were, get this, variations of the same damn file. Kicker was no .hhc
whatsoever and a .hhk of 0 bytes... Back to banging my head against the same
brick wall, I guess ;-((

Harumph,
Pete

new topic     » goto parent     » topic index » view message » categorize

Search



Quick Links

User menu

Not signed in.

Misc Menu