ssokolow: The whole point is to make sure users don't try to unpack it as a RAR. If the browser says its an EXE but the OS refuses to execute it because it lacks the EXE extension, mission accomplished.
Gersen: If the browser see it as an EXE then it will save it as an EXE.
You could cheat by having the EXE part at the beginning of the file while at the same time keeping the BIN extension. It might do the trick by preventing Browser or explorer from detecting it as a RAR file but IIRC (not 100% sure though) it only works for the first file in a multi-volume archive; if the other volumes have it too they won't be extracted.
Ahh. I hadn't realized that. Modified file header it is then.
ssokolow: As for the "altered format" part, I suggested that too as the next step along. It's trivially easy to add or remove the seven-byte identifying string from the beginning of a RAR file and, given that they apparently implemented the password calculation within their unrar.dll, it should also be easy for them to comment out the check for those seven bytes.
Gersen: Well the problem with that is, as I said in my previous post, that it wouldn't be compatible with "official" RAR extractor/compressor; so it you want to extract those files on Linux (or on Windows for that matter) you would need to create/build a custom RAR extractor supporting GoG format (or patch the files).
Patching the files on Linux is trivial and we were OK with InnoExtract.
The important thing is that we feel safe in our ability to extract them, which means that it should be simple to rediscover the mechanism without running Windows code or keeping notes.
A trivially modified unrar.dll that's visible when pointing innoextract at the EXE would satisfy perfectly well as sufficient clue if they just customized the 7-byte identifying header without changing its length.
I could patch it back in one line of Python if I didn't feel like compiling a trivially-patched /usr/bin/unrar. (Two or three lines if you want to loop through a list of them)
$ echo "This is a test" > test.bin
$ cat test.bin
This is a test
$ python -c 'with open("test.bin", "r+b") as fobj: fobj.write(b"That")'
$ cat test.bin
That is a test
Just replace b"That" with b"\x52\x61\x72\x21\x1a\x07\x00" (the 7-byte RAR identifying string).
Hell, there's probably even a way to do it in shell script.