Skip to main content
Participating Frequently
September 14, 2010
Answered

Help with eexec block...

  • September 14, 2010
  • 1 reply
  • 3824 views

Hello,

I need to be able to see what is being done within an "eexec" block of a postscript file.

Is there an easy way to decode it so that I can see what it does?

For example:

======================================

currentfile eexec
9b9c1569015f2c1d2bf560f4c0d52257bac8ced9b09a275ab231194ecf829352
05826f4e975dcecec72b2cf3a18899ccde1fd935d09d813b096cc6b83cdf4f23
b9a60db41f9976ac333263c908dcefcdbd4c8402ed00a36e7487634d089fd45a
f4a38a56a4412c3b0baffaeb717bf0de9ffb7a8460bf475a6718b0c73c571145
d026957276530530a2fbefc6c8f67052788e6703bb5ee49533870bca1f113ad8
3750d597b842d8d96c423ba1273ddd32f3a54a912a443fcd44f7c3a6fe3956b0
aa1e784aaec6fce08dae0c76da9d0a3eba57b98a6233d9e9f0c3f00fcc6b2c6a
9ba23af389e6dfff4efec3de05d6276c6be417703ce508377f25960ef4ed83b4
9b01b873f3a639ce00f356229b6477a081933fef3bb80e2b9dffa7f75567b1fa
4d739b772f8d674e567534c6c5bbf1cf615372be20b18472f7aa58be8c216dbd
df81cc0a86b6d8318ca68fe22c8af13b54d7576fe4ca5a7af9005ea5cc4edb79
c0ab668e4fec4b7f5a9eb5f0e4c088cd818ecc4feb4b40ec8bd2981bf2336074
b64c4301c39221774c4482ad2518015bc80e2e96dabb4bdf5fbde00562af1aa6
90336bfc814e8312dd70402bf02d57a3ffe05e732cdfddafc00d318f83a79439
5eb8460eed2f5f1e7a2726c02f81b69917baaf163033a49dc10f61f35c72d3c9
33039c21bc71a9b4b25bc7573429924340b16d1cdfe6a6b93450c50f15b6229f
be901e24b3d21bf434b7f60802dfa0bb3462a12bff97ca01cf591cba483a1699
da979b8e79d363c1849565820b5d62eb82d4e481b26944bdb6f0f02642252a86
35e29f2f3f5faa4444aa607bfd3bf4ac98653fed
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
cleartomark

============================================

There are 2 more of these in the file that I need to decode, but the other two are much longer.

Can anybody please help me with this?

I would really appreciate it.

Thanks

This topic has been closed for replies.
Correct answer abeddie

I have ghostscript installed as well.

I created eexecDecode.ps with ths following contents:

%!
(t.in) (r) file /in exch def
(t.out) (w) file /out exch def
256 string /buf exch def
55665           % eexec encryption seed
  { in buf readhexstring /more exch def
    dup .type1decrypt out exch writestring
    more not { exit } if
  } loop
in closefile
out closefile
quit

I then created t.in with just the hex data.

But when its time to run it, it doesnt work.

First, do you mean run it from the GhostScript command line? or the windows comand prompt?

I'm guessing ghsotscript command line.

I tried typing the following, but I get an error everytime:

1) gs eexecDecode.ps decode data in t.out

2) -- gs eexecDecode.ps decode data in t.out

3) run --gs eexecDecode.ps decode data in t.out

4) gs eexecDecode.ps

5) (eexecDecode.ps) run

I put the files in the same directory as "gswin32.exe" (C:\Program Files\gs\gs8.71\bin)

I also tried putting them in "C:\Program Files\gs\gs8.71\" directly, but it still doesnt work.

I am sure I am doing something wrong.

Also, is there another simple program like the one you found in order to re-encode the block? because I cant seem to get it to work in the decoded form.

I really appreciate your help.

Thanks.


On a windows machine cmd window from c: with t.in in c: this worked for me:

"\Program Files\gs\gs8.57\bin\gswin32.exe" eexecDecode.ps

gs does reconize .type1encrypt

1 reply

Participating Frequently
September 14, 2010

I copied this before and just create a file with your hex eexec data and results below:

Ed

%!
(t.in) (r) file /in exch def
(t.out) (w) file /out exch def
256 string /buf exch def
55665           % eexec encryption seed
  { in buf readhexstring /more exch def
    dup .type1decrypt out exch writestring
    more not { exit } if
  } loop
in closefile
out closefile
quit

%%%%%

BKPHdup/Private 13 dict dup begin
/RD{string currentfile exch readstring pop}executeonly def
/ND{noaccess def}executeonly def
/BlueValues [-22 0 683 705] def
/OtherBlues [-124 -119] def
/StdHW [40] def
/StdVW [85] def
/StemSnapH [40 55] def
/BlueScale 0.04379 def
/ForceBold false def
/MinFeature{16 16}def
/password 5839 def
/UniqueID 5000820 def
/Subrs 0 array
ND
2 index /CharStrings 2   dict dup begin
/bullet 48 RD uB7��|!�]�IץVr}� 
/.notdef 8 RD %�2n�4� ND
end
end
readonly put
noaccess put
dup/FontName get exch definefont pop
mark currentfile closefile

EarthboltAuthor
Participating Frequently
September 14, 2010

Hi, thanks for your response.

can you please explain how you got that so i can try it with the larger eexec blocks?

(or can i paste/email you the two larger blocks to decode as well?)

I would really appreciate it.

Thanks

Participating Frequently
September 14, 2010

As mentioned I copied it so am NOT the author.  It's just  looping reading hex data in and outputting the converted data out. The magic is in

.type1decrypt which is not in the PLRM so may only be available with gs.

I can run the bigger strings with the same program if you can't get it to work.