Tuts 4 You

Loaders & Memory Patching

11 files

  1. Coding Loaders in C++

    This tutorial consists of two parts using two different crackmes and two different ways to code a loader. I've packed both targets with ASProtect SKE v2.4 (latest version) using all protection options to make things interesting.

    2,812 downloads

    1 comment

    Submitted

  2. Writing Loaders for DLL's

    This tutorial aims to introduce some different approaches to writing loaders for those applications where the protection or the registration checks reside in one or more DLLs.

    406 downloads

    0 comments

    Submitted

  3. Assembler & Loaders

    Using assembler to implement a loader.

    263 downloads

    0 comments

    Submitted

  4. Cracking With Loaders v1.2

    This tutorial's aim is to describe the work we did on loaders, introduce you to the problem, and describe two different approaches to writing loaders.

    329 downloads

    0 comments

    Submitted

  5. Creating Loaders & Dumpers

    For this example I'm going to take a UPX-packed notepad and show you how to code a program to stop it at the point where the imports are being resolved. Then I'm going to output the data to the screen as they get resolved, just as an example; at this point, really, if you were unpacking the exe you would grab the data and produce a fresh import table. After outputting the import data I'm going to let the program continue to OEP, halt it there and show a msgbox.

    232 downloads

    0 comments

    Submitted

  6. Linking and Loading

    Linkers and loaders have been part of the software toolkit almost as long as there have been computers, since they are the critical tools that permit programs to be built from modules rather than as one big monolith.

    158 downloads

    0 comments

    Submitted

  7. Memory Patching

    We all know that sometimes patching is harder (when the target is protected with a packer). This tutorial explains how to change the code of ANY (packed/non-packed) program without permanent patching (a kind of patching via a better method).

    427 downloads

    0 comments

    Submitted

  8. Memory Patching How and When?

    A paper looking at the approach and implementation of a memory patch via loader method.

    321 downloads

    0 comments

    Submitted

  9. Writing Loaders for ASProtect 1.2x & Earlier

    This tutorial addresses a target packed with ASProtect 1.2x and shows you how to write a loader for it.

    192 downloads

    0 comments

    Submitted

  10. Writing Loaders for ASProtect 2.x

    This tutorial addresses a target packed with ASProtect 2.0 and shows you how to find where the application sets its trial information, how to defeat the nag, and finally write a generic loader for programs protected with ASProtect version 2.0.

    277 downloads

    0 comments

    Submitted

  11. Abstract, Safe, Timely, and Efficient Binary Modification

    Program binaries are commonly held to be an execute-only program form: rigid, lacking in clear structure, complex to extend and difficult to modify. However, there are several benefits to be gained from modifying binaries rather than another program form: the effects of the compiler upon the program are clearly present; binary modification does not require access to source code, which may be unavailable; and users may manipulate programs while they execute, which is impossible with other forms of program modification.

    In this dissertation, we develop and refine four desired properties of a binary modification toolkit: abstraction, safety, timeliness, and efficiency. By abstraction, we mean that a user should operate in terms of familiar structural representations, such as functions, loops, or basic blocks, instead of directly on instructions. By safety, we mean that modification should preserve the visible behavior of code that was not explicitly modified and the structural validity of the binary as a whole. By timeliness, we mean that a toolkit should allow modification of a binary at any time in its execution continuum, from a file on disk to actively executing code. By efficiency, we mean that modification should impose cost that is both low and proportional to the amount of modified code and the frequency with which it is executed.

    We then describe three techniques that allow us to achieve these properties. First, we demonstrate that the CFG, an abstraction that represents the binary program’s structure, can also be used to modify this structure and thus the binary as a whole. By leveraging the CFG, we allow users to operate in terms of familiar and natural constructs rather than requiring them to understand the idiosyncrasies of particular instruction sets. Second, we further refine techniques for code replacement, allowing us to modify a program binary at any time in its execution continuum while preserving proportional cost. Third, we present a technique based on a formal understanding of the characteristics of binary code that allows us to modify the structure of the binary without changing its user-visible behavior, even when the binary attempts to detect such modifications.

    154 downloads

    0 comments

    Submitted

