Dezip
Thomas Ptacek | December 28th, 2005 | Filed Under: Matasano
Bumped toolkit to 0.3, on wings of dezip. Dezip is like deezee, which is now conveniently part of the toolkit. Both programs scan large binaries looking for compressed segments. The differences:
dezip handles PKZip, which is not one of the world’s great file formats.
dezip doesn’t actually uncompress the files for you, for two reasons:
Sometimes you don’t want me uncompressing your archives, like, when it’s a Java JAR file and you want “jar xf” to unpack it. It’s a minimal inconvenience in the common case but saves a nightmare in several uncommon cases.
I’m lazy.
Dezip makes a “zips” subdirectory under cwd (or dies trying) and fills it with numbered ZIP files.
Did I mention that sometimes PKZip archives embedded in big binaries are, in fact, Java JARs? In those cases, dezip wins you a conversion!
A handy usage note for both dezip and deezee: neither programs “recurse”, which is to say neither will scan their unpacked output looking for further embedded segments. But those do occur and are often worth looking for.
