Unrecognized installer?
Extract contents of a Windows executable file created by pyinstaller
Brought to you by:
extremecoders
Using this exe http://archive.evilzone.org/hacking-and-security/netbox-blue-help/?action=dlattach;attach=7131
I am not certain it was created with PyInstaller, however, it does have a PYZ section. If I manually extract the PYZ section and then modify your program to just extract it, then I am able to get the .pyc files and then disassemble them to .py
Is it not being recognized properly or is it not actually PyInstaller?
Its indeed pyinstaller.
It's not recognized since it is digitally signed. The tool recognizes pyinstaller executables by checking the appended data at the end of the executable (called overlay). This data should end with the magic cookie in order to be recognized by pyinstaller.
For digitally signed executables, the authenticode signature is appended after the magic cookie hence the tool fails.
If you remove the last 8045 (0x1F6D) bytes from the executable i.e. the digital signature, the tool will work normally.
Thanks for the feedback and the excellent tool!