Jump to content
View in the app

A better way to browse. Learn more.
Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

unpacker stubs?

high6
high6
in Programming and Coding

Featured Replies

Posted

I was wondering how do packer makers make stubs? Do they program a unpack stub in say C++ then get the bytecodes and have the unpacker use the bytecodes as a base stub?

I'm not that sure what you're referring to, packers or unpackers :?

If youre talking about packers, you can basically go three ways:

- code the stub with asm and use offset independent code, this is hardly possible with any high level language (most smaller packers, FSG, RLPack, etc.)

- code a virtual dll that you load into memory, most stuff is done in there (ASPro, Arma)

- code a stub dll and put it into a new section, the reloc table is used for relocating offsets to the new RVA (ie all offsets increased by NewSectionRVA)

Edited by Killboy

  • Author
I'm not that sure what you're referring to, packers or unpackers :?

If youre talking about packers, you can basically go three ways:

- code the stub with asm and use offset independent code, this is hardly possible with any high level language (most smaller packers, FSG, RLPack, etc.)

- code a virtual dll that you load into memory, most stuff is done in there (ASPro, Arma)

- code a stub dll and put it into a new section, the reloc table is used for relocating offsets to the new RVA (ie all offsets increased by NewSectionRVA)

Okay thanks, thats what I was talking about.

Which is the most common?

maybe just google so then you will know!

for example coding own packer

or down upx sources, its all there.

I'd say the last method's the easiest for writing the stub, but needs a bit more coding concerning the builder (just fixing relocations). I myself use the first method (in Assembler), I also did an approach with C/C++ for the stub, but there are more restrictions for labels, thus it's easier to do it in asm. ;)

The second method needs some (lowlevel) stub which loads the dll, following the material on the net (Bauch, Shub, ...), this should be also not too hard to implement.

  • Author

Well I plan on coding an unpack stub in VC++6. Anyone know the macro to make all calls inside a function inline?

Yep, it's __forceinline (inline let's the compiler decide whether to inline it or not). Apply it like this:

long __forceinline GimmeSomeKernelBase();

Create an account or sign in to comment

Go to topic listing

Configure browser push notifications
Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.