by Lanrei 1182 days ago
Whole thing screams scam or April Fools joke. There's one commit to the source code repository.

Anyone want to try it on a VM and report back?

1 comments

Playbook files are password protected archives. Anyone care to reverse engineer the password from the executable?

The password seems to be "malte". The executable is completely unobfuscated .NET, and all you need for "reverse engineering" is ILSpy or DotPeek.

    public static void ExtractFile(string apbx, string file, string targetDir, bool recursive = false)
    {
      if (recursive)
        APBX.RunCommand("x \"" + file + "\" -o\"" + targetDir + "\" -p\"malte\" -y -r");
      else
        APBX.RunCommand("x \"" + apbx + "\" -o\"" + targetDir + "\" -p\"malte\" \"" + file + "\" -y -r-");
    }

    public static void ExtractArchive(string apbx, string targetDir, string exclude = null)
    {
      if (exclude != null)
        APBX.RunCommand("x \"" + apbx + "\" -o\"" + targetDir + "\" -p\"malte\" -x!\"" + exclude + "\" -y");
      else
        APBX.RunCommand("x \"" + apbx + "\" -o\"" + targetDir + "\" -p\"malte\" -y");
    }
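
An added example, not code from the thread or from the tool's authors: the same finding made mechanically, by scanning decompiled C# source for 7-Zip `-p` switches whose value is a string literal rather than a variable. The function name, the two regexes and the fifth sample line are assumptions made for this illustration.

```python
import re

# Regular C# string literal: "..." with backslash escapes.
# Verbatim @"..." strings are not handled in this sketch.
CS_STRING = re.compile(r'"((?:[^"\\]|\\.)*)"')
# 7-Zip password switch with a literal value at the start of an argument:
# -p"secret" or -psecret. A bare -p" (value concatenated in) does not match.
P_SWITCH = re.compile(r'(?<!\S)-p(?:"([^"]+)"|([^\s"]+))')


def find_hardcoded_7z_passwords(source):
    """Return (line_number, password) for each literal -p value in a string literal."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        for literal in CS_STRING.finditer(line):
            # Undo C# escaping so \" becomes " (enough for command-line strings).
            text = re.sub(r'\\(.)', r'\1', literal.group(1))
            for m in P_SWITCH.finditer(text):
                findings.append((lineno, m.group(1) or m.group(2)))
    return findings


# Lines 1-4: the RunCommand calls from the decompiled snippet above.
# Line 5: constructed counter-example where the password comes from a variable.
SAMPLE = r'''APBX.RunCommand("x \"" + file + "\" -o\"" + targetDir + "\" -p\"malte\" -y -r");
APBX.RunCommand("x \"" + apbx + "\" -o\"" + targetDir + "\" -p\"malte\" \"" + file + "\" -y -r-");
APBX.RunCommand("x \"" + apbx + "\" -o\"" + targetDir + "\" -p\"malte\" -x!\"" + exclude + "\" -y");
APBX.RunCommand("x \"" + apbx + "\" -o\"" + targetDir + "\" -p\"malte\" -y");
APBX.RunCommand("x \"" + apbx + "\" -o\"" + targetDir + "\" -p\"" + password + "\" -y");
'''

if __name__ == "__main__":
    for lineno, password in find_hardcoded_7z_passwords(SAMPLE):
        print(f"line {lineno}: hard-coded archive password {password!r}")
```
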

Interesting; Malte is a common Danish, Swedish and Germanic male name.

Yikes, this alone is grounds to never ever ever use this tool; intentionally obfuscating what commands are being run is malware-level behavior.

> Set the Archive format to 7z, and set malte as the password

https://docs.ameliorated.io/developers/playbooks/creation.ht...

password is "malte"

https://ibb.co/BNtHF1X

Huh, IDA can do .NET IL? Interesting.