Re: hh -decompile -blimey!

new topic     » goto parent     » topic index » view thread      » older message » newer message

Pete Lomax wrote:
> 
> Well I never.
> 
> So all it takes, even on a w98 box, without installing anything, to extract
> the entire contents of a .chm is to enter "hh -decompile workdir xxx.chm" at
> a DOS command prompt. Well, it works on most, but not all (eg filzip.chm).
> 
> Three questions:
> 
> 1) is parsing the resulting .hhk file the best way to figure out what I can
> auto-lookup?
> (I don't want to open Eu.chm with zz_open, or Zz.chm with open, but
> vice-versa,
> ie F1 on "zz_open" -> Zz.chm but F1 on "open" ->Eu.chm.)
> [Some readers may note I've been banging my head against this long-time.]
> 
> 2) I know I could look this up meself, but pointers to reversing this after
> the
> above would be appreciated. (IE can/should I avoid the M$ crap?)
> 
> 3) I have heard about virus/trojans (usually of low payload) in chm files, can
> anyone confirm if the above and checking for .exe is a good/safe thing?
> 
> Regards,
> Pete

I hope the following will help you:
1/ I found CHM decoder at www.gridinsoft.com . Don't give it 38Mo files, or 
it would take forever. Otherwise they get nicely decompressed. This 
is freeware stuff.
2/ From that experiment, it seems to me that the .hhc file looks better than
the .hhk.
3/ They advertise a .chm editor; I didn't look into it and don't know if it
would help you "reversing" things, as I am not sure I'm correctly
understanding what you want to achieve.
4/ While I usually gripe against the poor quality/usability of M$ software, 
Help Workshop isn't the worst thing they have ever released. They may have
sto (sorry, bought) it from somewhere.

HTH 
CChris

new topic     » goto parent     » topic index » view thread      » older message » newer message

Search



Quick Links

User menu

Not signed in.

Misc Menu