How to get a string dump of an executable? - regex

I'm working on a project and i need to get a list of all strings contained in a executable PE file, like some programs do. Here is a screenshot of what i need that the file returns:
https://i.imgur.com/Uw1yXIR.png
I can have the HEX dump of the file, and the strings are there, but i don't know how to extract them. Maybe with regex or something, idk...
I don't want the code, just the logic of the code. Thanks!
Any tips about this?

On linux computers there is a command "strings" (part of binutils package):
strings - print the strings of printable characters in files.
If you have cygwin installed on a windows computer, you could use that command from the cygwin command line:
strings /cygdrive/h:/.../executablefile

Related

wxMenuItem in C++: Characters like "äöü" not displayed properly in the item text

I am starting to use wxWidgets (Version 3.1.4) for a Windows GUI application. Compiling and linking is done with gcc coming with MINGW64 (gcc (x86_64-posix-sjlj-rev0, Built by MinGW-W64 project) 8.1.0).
In the source, the characters are entered correctly:
m_menuItem31 = new wxMenuItem(m_name6, wxID_ANY, _("Stückliste drucken"), _("Stückliste drucken"), wxITEM_NORMAL);
m_name6->Append(m_menuItem31);
In the application it looks like this:
After some research I tried using the linker option -municode ending up in an error "no reference to wWinMain". #define wxUNICODE has no effect.
Edit:
After preprocessing, the characters are still as desired. In the .o file, they are already spoiled, so the solution should be a compiler switch I am not yet aware of...
Any good ideas are welcome.
This might be up to the encoding of your source file (as VZ hinted) - I am developing wxWidgets C++ app with some non-english (e.g. - ć) characters similar to German umlauts in terms of occasional display problems.
I opened my source file in Notepad++ to see my source file's encoding and it showed encoding was ANSI:
and when this file was compiled (in MSVC) it produced correct display in application:
But when in Notepad++ I converted encoding to UTF-8, in source file it still appeared correct:
I saved file with encoding converted from ANSI to UTF-8 and compiled but after that application showed wrong character:
I advise you to take Notepad++ and do similar experiment and try to find out what encoding you are using and what encoding you should be using in your source files (possibly it should be encoding that the compiler is expecting, as VZ hinted).
In my case it didn't really seem to matter that much if string was bounded in _() or wxT() - I was able to get correct display when compiled as long as encoding of the source file was correct.
As explained in the wx docs, you can't simply expect wxMenuItem(...,..., _("Stückliste drucken"),...) to work, due to that ü is not a 7-bit valid character.
You may use
_(wxString::FromUTF8("St \xC3\xBC ckliste drucken"))
or
_(L"St \u00FC ckliste drucken")
because ü has 00FC Unicode point or C3BC in UTF-8 encoding.
Finally I got it sorted out...
I use Codelite, and after the answer from Ivan (thanks a lot for the hints!) I made some more tests. After adding some of the special characters to the minimal sample of wxWidgets and compiling it from commandline, the characters were displayed wrong in the first place. In Notepad++ I found coding to be UTF-8. After changing it to ANSI, characters were displayed correctly (consistent with Ivan's answer).
I tried the same with Codelite, and it failed. The reason was that the coding of the source file was always reset to UTF-8. It took 2 iterations to get the settings in the Codelite preferences correct (ISO-8859-1 with localization enabled) after which it worked.
The only strange effect I observed was that linking now took about 14 min... need to dig into that further.

How do I create/access ~/.lein/profiles.clj?

I am very new to Clojure and am following Clojure for the Brave and True. One of the steps is to create ~/.lein/profiles.clj . I cannot find how I am supposed to do this so any help would be much appreciated.
Thanks in advance
From your question, I take it that you are a) on a Linux system and b) do not yet know your way around Linux. Is that correct?
If so, there are a few things, you should know:
Filenames beginning with a dot are hidden. You can not see them in normal file listings. All graphical filemanagers have a switch somewhere to show hidden files. If you are typing in a terminal, you can use the -a option of the command ls to show them. Compare the output of ls ~ and ls -a ~on the command line. You can usually get a command line if you start a "terminal" or "console" from menu.
You can create directories on the command line with mkdir. In this case you would call it like this: mkdir ~/.lein on the command line.
You can then use one of the many, many text editors to create and edit the profiles.clj file. For example, on the command line call gedit ~/.lein/profiles.clj to open a graphical editor. It should be installed on most systems. If you do not have a graphical user-interface, you could try the editor nano instead of gedit
If you are on a Windows box, all these instructions make no sense. In that case, I cannot help you much as I have never run Clojure on Windows.
If you are already an experienced Linux user and I just misread your question, I beg your pardon for stating the obvious.

How to get all file names in current directory?

My goal is to build a program that renames all files in the current working directory so they don't have any spaces, any special characters or any accented characters (for example É would become E). I'm planning on using int rename(const char *oldname, const char *newname); . My problem is how do I get the files in the current working directory? I would like to have the executable I'm creating put in a folder with a files with bad names and run it and the files all be renamed.
A platform independent solution would be preferable, otherwise I'm using Windows 7 Enterprise 32bit.
This question isn't a duplicate because I don't know the path for opendir ("c:\\src\\"); it's whatever directory the program is being executed from.
Here's a sample code to do that:
http://bytes.com/topic/c/answers/869208-list-files-directory
In essence you utilize these APIs: FindFirstFile and FindNextFile
For cross-platform solution see findfirst() and findnext()
An option is to use opendir(".") , this will open the current directory.

why I am getting "invalid command name "MZ"" on loading a dll on wish console?

I have a library and I have generated tcl bindings for the same using swig. The dll thus generated is xyz_tcl.dll if my original lib dll us xyz.dll. but when I try to load the dll its says "invalid command name "MZ"". Can any one tell me what could be reason for it.
The MZ is almost certainly the first few bytes of the DLL (it's the “magic number” of the file format) so at a guess you're trying to do:
source xyz_tcl.dll
That won't work. It contains compiled C code that integrates with Tcl, but not a Tcl script. Instead, you need to do:
load xyz_tcl.dll
Of course, it should be build into a package (which is a directory containing the required DLLs and a file pkgIndex.tcl) which would then let you do something like this instead:
package require xyz
(The pkgIndex.tcl file contains instructions on how to define the package using the other files, through load and source as necessary.)
I think that something (tcl?) is trying to execute the DLL as a script - the first two bytes of a Windows executable file are 'M' and 'Z'.
For historical reasons, every Win32 executable has a small 16-bit MS-DOS header just before the actual Win32 PE header, and the signature bytes for the 16-bit header are "MZ".

Problem referring to the exe path in _wsystem() in Windows XP

I am having problem referring to the file path in Windows XP (SP2). Actually I want to run an exe file from a specified path say "C:\users\rakesh\Documents and settings\myexe.exe" in my program...I am using the function _wsystem("C:\users\rakesh\Documents and settings\myexe.exe") to run the file..
The problem is that it is not recognizing the space, so I went through some articles and I found an solution for that. I tried using the solution below ..it worked great:
C:\\users\\rakesh\\Docume~1\\myexe.exe
in the above after the first 6 chars I used "~1" to accomplish the rest...but it's not working when exe name is with space like below:
C:\\users\\rakesh\\Docume~1\\my exe.exe
and also I can't replace them with "~1"(not working for exe name).
How do you execute programs when there are spaces in the path or executable file name?
Just like on the command line, the spaces need to be inside double quotes:
_wsystem ("\"C:/users/rakesh/Documents and settings/myexe.exe\"");
Note that forward slashes work just fine for path delimiters.