29 May 2010, quinox

Extracting images from .exe galleries

A while ago I received a postcard that came with a Mini CD created by a company called CardSelect. It promised "Meer dan 100 beelden" of "De Wadden", more than 100 images of the Wadden Sea area. Today I decided to check it out, so I popped the disc in my computer and performed an ls /mnt/cdrom:

$ ls -al /mnt/cdrom/
total 45848
dr-xr-xr-x 1 root root 2048 2005-02-26 15:01 .
drwxr-x--- 12 root ftpgroup 4096 2009-12-01 14:08 ..
-r-xr-xr-x 1 root root 61 2005-02-26 14:34 AUTORUN.INF
-r-xr-xr-x 1 root root 46940123 2005-02-26 14:02 de_wadden_natuurlijk.exe
-r-xr-xr-x 1 root root 370 2005-02-26 14:58 leesmij.txt
-r-xr-xr-x 1 root root 766 2000-04-09 14:14 mobjects.ico

Yikes, it appears the gallery is wrapped in a Windows executable. A gallery is really simple stuff, so with great anticipation I tried to run the file through wine, an application that fakes/implements some aspects of Windows, allowing a lot of programs to run on Linux.

But, alas, wine wasn't able to handle it. So now what? Since the complete gallery is inside the single executable, the photos must be inside it as well, so surely there's a way to extract them. Actually, there are many programs that can do this on Linux; just take a look at the forensics applications in your package manager. Since I had Foremost installed already, I decided to give that one a go:

$ foremost -o my_dump_dir -i de_wadden_natuurlijk.exe
Processing: de_wadden_natuurlijk.exe
|*|
$ tail my_dump_dir/audit.txt

146 FILES EXTRACTED

jpg:= 137
gif:= 7
exe:= 1
png:= 1
------------------------------------------------------------------

Foremost finished at Sat May 29 16:42:30 2010

Hooray, foremost recovered 137 JPEG images, and on inspection it turns out these are indeed the gallery images I was hoping to see. Now I can watch the promised photographs without having to find a Windows machine.
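
What a carver does to find those JPEGs, as an added sketch that is not part of the original post and is not Foremost's own code: look for the JPEG start marker anywhere in the file, then walk the segment structure to the matching end marker, so an embedded EXIF thumbnail does not cut the image short. The function names and the sample bytes are constructed for illustration.

```python
SOI = b"\xff\xd8\xff"  # start-of-image marker plus the 0xFF of the next marker

def jpeg_end(data, start):
    """Offset just past the EOI of the JPEG at `start`, or None if malformed."""
    pos, n = start + 2, len(data)
    while pos + 1 < n:
        if data[pos] != 0xFF:
            return None                      # not on a marker: false positive
        marker = data[pos + 1]
        if marker == 0xD9:                   # EOI: end of this image
            return pos + 2
        if marker == 0xFF:                   # fill byte before a marker
            pos += 1
        elif marker == 0x01 or 0xD0 <= marker <= 0xD7:
            pos += 2                         # standalone marker, no length field
        else:
            seglen = int.from_bytes(data[pos + 2:pos + 4], "big")
            if seglen < 2:
                return None                  # length field counts its own 2 bytes
            pos += 2 + seglen                # skip segment, thumbnails included
            while marker == 0xDA:            # after SOS: scan entropy-coded data
                pos = data.find(b"\xff", pos)
                if pos < 0 or pos + 1 >= n:
                    return None
                if data[pos + 1] != 0x00 and not 0xD0 <= data[pos + 1] <= 0xD7:
                    break                    # a real marker; outer loop handles it
                pos += 2                     # stuffed 0xFF00 or restart marker
    return None

def carve_jpegs(data):
    """Return [(offset, jpeg_bytes), ...] for every well-formed JPEG in data."""
    found, pos = [], data.find(SOI)
    while pos >= 0:
        end = jpeg_end(data, pos)
        if end is not None:
            found.append((pos, data[pos:end]))
        pos = data.find(SOI, end if end is not None else pos + 1)
    return found

def seg(marker, payload):
    """Build one JPEG segment: marker, 2-byte big-endian length, payload."""
    return bytes([0xFF, marker]) + (len(payload) + 2).to_bytes(2, "big") + payload

# Constructed sample: JPEG-shaped bytes (not a viewable photo) in fake .exe padding
THUMB = b"\xff\xd8" + seg(0xDB, b"\x00" * 4) + b"\xff\xd9"
IMAGE = (b"\xff\xd8" + seg(0xE1, b"Exif\x00\x00" + THUMB) + seg(0xDA, b"\x01\x01\x00")
         + b"\x12\xff\x00\x34\xff\xd0\x56\xff\xd9")
SAMPLE = b"MZ" + b"\x90" * 30 + IMAGE + b"\x00" * 16 + b"\xff\xd8\xffjunk"
```

On a real file, read it with open(path, "rb").read() and write each carved byte string to its own .jpg file.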