Well, the subject says it all. I have an exe that is an SFX, and I want to extract the ZIP from the SFX. How can I do that?
Asked
Active
Viewed 7.7k times
8 Answers
8
On Linux it is possible with "zip" utility:
$ file london_f.exe
london_f.exe: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
Warning: The next line changes the original .exe file to make it a pure zip archive without the exe parts!
$ zip -J london_f.exe
$ file london_f.exe
london_f.exe: Zip archive data, at least v1.0 to extract
$ zip --version
Copyright (c) 1990-2008 Info-ZIP - Type 'zip "-L"' for software license.
This is Zip 3.0 (July 5th 2008), by Info-ZIP.
Currently maintained by E. Gordon. Please send bug reports to
the authors using the web page at www.info-zip.org; see README for details.
...
Nobody
- 393
user2771443
- 81
- 1
- 1
5
If you're dealing with gog.com games, use Innoextract. unzip, unrar, 7zip and others did not work for me:
sudo apt install innoextract # Install (On Debian/Ubuntu)
innoextract setup_duke3d_2.0.0.85.exe # Extract
4
On Linux, if it's a stubborn one and
zip -J file.exe
doesn't transform it into an extractable zip because the non-zip part isn't just prepended, see the manual page:
-J
--junk-sfx
Strip any prepended data (e.g. a SFX stub) from the archive.
then the zip utility has two other useful options:
-F
--fix
-FF
--fixfix
Fix the zip archive. The -F option can be used if some portions of the archive are missing, but requires a reasonably intact central directory. The
input archive is scanned as usual, but zip will ignore some problems. The resulting archive should be valid, but any inconsistent entries will be left
out.
When doubled as in -FF, the archive is scanned from the beginning and zip scans for special signatures to identify the limits between the archive mem‐
bers. The single -F is more reliable if the archive is not too much damaged, so try this option first.
If the archive is too damaged or the end has been truncated, you must use -FF. This is a change from zip 2.32, where the -F option is able to read a
truncated archive. The -F option now more reliably fixes archives with minor damage and the -FF option is needed to fix archives where -F might have
been sufficient before.
Neither option will recover archives that have been incorrectly transferred in ascii mode instead of binary. After the repair, the -t option of unzip
may show that some files have a bad CRC. Such files cannot be recovered; you can remove them from the archive using the -d option of zip.
Note that -FF may have trouble fixing archives that include an embedded zip archive that was stored (without compression) in the archive and, depending
on the damage, it may find the entries in the embedded archive rather than the archive itself. Try -F first as it does not have this problem.
The format of the fix commands have changed. For example, to fix the damaged archive foo.zip,
zip -F foo --out foofix
tries to read the entries normally, copying good entries to the new archive foofix.zip. If this doesn't work, as when the archive is truncated, or if
some entries you know are in the archive are missed, then try
zip -FF foo --out foofixfix
and compare the resulting archive to the archive created by -F. The -FF option may create an inconsistent archive. Depending on what is damaged, you
can then use the -F option to fix that archive.
A split archive with missing split files can be fixed using -F if you have the last split of the archive (the .zip file). If this file is missing, you
must use -FF to fix the archive, which will prompt you for the splits you have.
Currently the fix options can't recover entries that have a bad checksum or are otherwise damaged.
So try
zip -F file.exe --out extracted.zip
and if that fails
zip -FF file.exe --out extracted.zip
Nobody
- 393
1
I have yet to see a zip-manipulation program that can't do this. Self extracting archives are also valid zip files, just with a bunch of extra stuff in them (the extractor).
You will probably find that you can't select the utility as a way of opening the file but if you simply run the utility and then select the file it works.
Loren Pechtel
- 2,694
1
If you are on a Linux system, I propose a trial-and-error method, based on the assumption that the self-extracting archive contains a simple sequence of executable code and raw compressed data. Just try the following shell command:
for n in `seq 1 2000`; do echo $n; dd ibs=256 if=mysfx.exe count=2 skip=$n | file - ; done 2>/dev/null |less
The indicated command sequence reads some bytes at increasing offsets from the beginning of your file and feeds them to the file utility for detecting the format of the byte sequence starting at that offset.
You should examine each line output by the file utility; most of them will look like /dev/stdin: data intespersed by some randomly detected formats; if at some line you recognize a known compressed file format, there is a chance that raw compressed data start at that offset.
So if, e.g., you see a line like:
420
Zip archive data, at least v2.0 to extract
indicating that something similar to a zip file has been identified at offset 420*256, then just issue:
dd ibs=256 if=mysfx.exe skip=420 of=mysfx.zip
to retrieve the raw zip file. It should work with different file compressors. It was successfully tested with 7z self-extracting archive with offset 814*256.
If you do not get any result, you could try to adjust the values 2000 (n. of offsets tried) and 256 (the offset step in bytes) in the commands above.
Davide
- 111
0
You can open an SFX file with WinZip if you want to access the files within. You don't need to execute the file.
It looks like a range of other compression utilities will also open SFX files.
Rory Alsop
- 3,360
0
I had a similar problem, an SFX executable, that basically runs an exe that then allows you to run the files within the archive. Opening exe in 7zip shows it password protected. I searched for a solution, it must store the password in some kind of header... While reading this thread an alternative solution occurred to me.
Run the exe, then check C:\windows\temp sort by date and find the folder that the exe extracted to, there are the files inside the zip. Take them out and zip them back up. Viola! you have a zip of the exe, sans password.
PhilFCS
- 61