Re: hh -decompile -blimey!
- Posted by CChris <christian.cuvier at agriculture.gouv.fr> Jun 14, 2007
- 682 views
Pete Lomax wrote: > > Well I never. > > So all it takes, even on a w98 box, without installing anything, to extract > the entire contents of a .chm is to enter "hh -decompile workdir xxx.chm" at > a DOS command prompt. Well, it works on most, but not all (eg filzip.chm). > > Three questions: > > 1) is parsing the resulting .hhk file the best way to figure out what I can > auto-lookup? > (I don't want to open Eu.chm with zz_open, or Zz.chm with open, but > vice-versa, > ie F1 on "zz_open" -> Zz.chm but F1 on "open" ->Eu.chm.) > [Some readers may note I've been banging my head against this long-time.] > > 2) I know I could look this up meself, but pointers to reversing this after > the > above would be appreciated. (IE can/should I avoid the M$ crap?) > > 3) I have heard about virus/trojans (usually of low payload) in chm files, can > anyone confirm if the above and checking for .exe is a good/safe thing? > > Regards, > Pete I hope the following will help you: 1/ I found CHM decoder at www.gridinsoft.com . Don't give it 38Mo files, or it would take forever. Otherwise they get nicely decompressed. This is freeware stuff. 2/ From that experiment, it seems to me that the .hhc file looks better than the .hhk. 3/ They advertise a .chm editor; I didn't look into it and don't know if it would help you "reversing" things, as I am not sure I'm correctly understanding what you want to achieve. 4/ While I usually gripe against the poor quality/usability of M$ software, Help Workshop isn't the worst thing they have ever released. They may have sto (sorry, bought) it from somewhere. HTH CChris