Jump to content
Tuts 4 You

Loaders & Memory Patching

11 files

  1. Coding Loaders in C++

    By Teddy Rogers

    This tutorial consists of two parts using two different crackme's and two different ways to code a loader. I've packed both targets with ASProtect SKE v2.4 (latest version) using all protection options to make things interesting.

    2,788 downloads

    1 comment

    Submitted

  2. Writing Loaders for DLL's

    By Teddy Rogers

    This tutorial aims to introduce some different approaches to writing loaders for those applications where the protection or the registration checks reside into one or more .DLL's.

    379 downloads

    0 comments

    Submitted

  3. Assembler & Loaders

    By Teddy Rogers

    The use of assembler to implement the use of a loader.

    253 downloads

    0 comments

    Submitted

  4. Cracking With Loaders v1.2

    By Teddy Rogers

    This tutorials aim is to describe the work we did on loaders, introduce you to the problem and to describe two different approaches to write loaders.

    315 downloads

    0 comments

    Submitted

  5. Creating Loaders & Dumpers

    By Teddy Rogers

    For this example im going to take a UPX packed notepad and show you how to code a program to stop it at the point where the imports are being resolved, then im going to output the data to screen as they get resolved just as an example, at this point really if you were unpacking the exe you would grab the data and produce a fresh import table. after outputing the import data im going to then let the progam continue to OEP, halt it there and show a msgbox.

    220 downloads

    0 comments

    Submitted

  6. Linking and Loading

    By Teddy Rogers

    Linkers and loaders have been part of the software toolkit almost as long as there have been computers, since they are the critical tools that permit programs to be built from modules rather than as one big monolith.

    151 downloads

    0 comments

    Submitted

  7. Memory Patching

    By Teddy Rogers

    All we know that sometimes patching is harder (when the target is protected with a packer). Current tutorial explains how to change the code of ANY (packed/non packed) program without permanent patching (kind of patching via better method).

    405 downloads

    0 comments

    Submitted

  8. Memory Patching How and When?

    By Teddy Rogers

    A paper looking at the approach and implementation of a memory patch via loader method.

    308 downloads

    0 comments

    Submitted

  9. Writing Loaders for ASProtect 1.2x & Earlier

    By Teddy Rogers

    This tutorial addresses a target packed with ASProtect 1.2x and shows you how to write a loader for it.

    184 downloads

    0 comments

    Submitted

  10. Writing Loaders for ASProtect 2.x

    By Teddy Rogers

    This tutorial addresses a target packed with ASProtect 2.0 and shows you how to find where the application sets its trial information, how to defeat the nag, and finally write a generic loader for programs protected with ASProtect version 2.0.

    267 downloads

    0 comments

    Submitted

  11. Abstract, Safe, Timely, and Efficient Binary Modification

    By Teddy Rogers

    Program binaries are commonly held to be an execute-only program form: rigid, lacking in clear structure, complex to extend and difficult to modify. However, there are several benefits to be gained from modifying binaries rather than another program form: the effects of the compiler upon the program are clearly present; binary modification does not require access to source code, which may be unavailable; and users may manipulate programs while they execute, which is impossible with other forms of program modification.

    In this dissertation, we develop and refine four desired properties of a binary modification toolkit: abstraction, safety, timeliness, and efficiency. By abstraction, we mean that a user should operate in terms of familiar structural representations, such as functions, loops, or basic blocks, instead of directly on instructions. By safety, we mean that modification should preserve the visible behavior of code that was not explicitly modified and the structural validity of the binary as a whole. By timeliness, we mean that a toolkit should allow modification of a binary at any time in its execution continuum, from a file on disk to actively executing code. By efficiency, we mean that modification should impose cost that is both low and proportional to the amount of modified code and the frequency with which it is executed.

    We then describe three techniques that allow us to achieve these properties. First, we demonstrate that the CFG, an abstraction that represents the binary program’s structure, can also be used to modify this structure and thus the binary as a whole. By leveraging the CFG, we allow users to operate in terms of familiar and natural constructs rather than requiring them to understand the idiosyncrasies of particular instruction sets. Second, we further refine techniques for code replacement, allowing us to modify a program binary at any time in its execution continuum while preserving proportional cost. Third, we present a technique based on a formal understanding of the characteristics of binary code that allows us to modify the structure of the binary without changing its user-visible behavior, even when the binary attempts to detect such modifications.

    144 downloads

    0 comments

    Submitted

×
×
  • Create New...