On Wed, Sep 25, 2024 at 09:51:31PM +0100, Damion Yates wrote:
I'm not convinced this is compressed, especially based on the initial hex
dump in the OP. Continue the hd and look for more utf-16 strings later, or
generally repetitive blocks that you'd expect to be compressed away. Or
gzip it and see if it shrinks more that a few percent, which should be
unlikely if already compressed. Of course, it still could be compressed
later on, but this doesn't necessarily get you closer to recognising the
uncompressed format, if it's inhouse/bespoke. That said it's reminiscent
to sqlite, which would make a lot of sense for this type of database.
There are a few approaches I'd try next:
Create records with very known data, like all 'A's or 0123456789 in various
fields. You can then try and determine where that ends up when expected.
Working out the offsets to the various data segments from the hex will be
challenging, I used to crack 8bit game loaders in the late 1900s by
starring at hex dumps for hours. But as nostalgic, as that sounds, I would
probably approach this using another technique.
Ask for the format details from the company... Job done. At they're moving
to a web system, maybe they consider their old binary abandonware and don't
care now.
Next up, run a decompiler/disassembler over the binary. It'll still be a
nightmare but you might be able to trace through to how the data is dumped
into the on disc format. You could also maybe try running under gdb to
step through the db population part.
Finally, I'd play around with xdotool, have it open each record, copy to
clipboard, switch to another tool (e.g. a simple gedit window) and paste.
Run this for a few hours to extract the data. You might not like the web
app, but if it can import your data then a web-based manipulation tool
could also scrape the data back out.
HtH, Good luck!
- Damion
Gosh, that's very complicated but I'll have a think. TBH, being a Windows app,
I started looking at common file-backed DBs Windows developers might use as an
equivalent to SQLite and a quick Google mentioned a handful. I might download
them and try.
Regards,
Henrik Morsing
--
GLLUG mailing list
GLLUG@mailman.lug.org.uk
https://mailman.lug.org.uk/mailman/listinfo/gllug
