How to find specific Resource String given the .rsrc and the identifier of the string to be loaded in IDA?

Question

Given a string identifier (uID) for a string loaded using LoadStringA() (I believe it's found in the resource that's loaded using FindResourceA(), but not sure how to traverse through it), how can I find the string?

I cannot run the program, only static analysis is accepted. I'm using IDA Pro.

Main pseudocode:

{
  char v0; // [esp+0h] [ebp-4A0h]
  char Dst; // [esp+1h] [ebp-49Fh]
  char *v2; // [esp+404h] [ebp-9Ch]
  char v3; // [esp+408h] [ebp-98h]
  int v4; // [esp+498h] [ebp-8h]
  int v5; // [esp+49Ch] [ebp-4h]

  MD5::MD5((MD5 *)&v3);
  v0 = 0;
  memset(&Dst, 0, 0x3FFu);
  v5 = 0;
  v4 = FindResourceA(0, "rc.rc", 6);
  v5 = 272;
  LoadStringA(0, 272, &v0, 1023);
  v2 = MD5::digestString((MD5 *)&v3, &v0);
  MessageBoxA(0, v2, "We've been compromised!", 48);
  ExitProcess(0);
}

Answer 1

The format of string resources

Unlike the other resource formats, where the resource identifier is the same as the value listed in the *.rc file, string resources are packaged in “bundles”.

...

The strings listed in the *.rc file are grouped together in bundles of sixteen. So the first bundle contains strings 0 through 15, the second bundle contains strings 16 through 31, and so on. In general, bundle N contains strings (N-1)*16 through (N-1)*16+15.

...

The strings in each bundle are stored as counted UNICODE strings, not null-terminated strings. If there are gaps in the numbering, null strings are used. So for example if your string table had only strings 16 and 31, there would be one bundle (number 2), which consists of string 16, fourteen null strings, then string 31.

That blog post also contains a LoadString implementation that shows how to convert the string id to the resource id and then walking the data to find the string.

In your case I believe this is string resource id 18 and the first string in that bundle.