r0da's blog

Hi Today I will show how I unpacked Jar2Exe protection 3. I made a tool called Exe2Jar that unpack Jar2Exe protection 1 and 2. It was a school project so I didn't look that much to the protection 3, and someone shown me an issue about the output of my program regarding protection 3. So I decided to rework on it, and implement the protection 3 support. Exe2Jar : https://github.com/whereisr0da/exe2jar So if you're not familiar with Jar2Exe, know that the JAR File are stored in the Exectuable's Resources since protection 2. Just to prove my point, here is the original JAR File size on the left and the file size of the Encrypted RCDATA resource on the right. We have to see how the executable handle resource. So resources are used with functions like FindResourcesA etc... And as we can see, those functions are imported in the executable. We just have to follow them to see where there are used. In particular the FindResourcesA that ret