GIV Posted January 8, 2015 Posted January 8, 2015 LOL: 00639000 > 33DB XOR EBX,EBX 00639002 8D83 00906300 LEA EAX,DWORD PTR DS:[EBX+<ModuleEntryPoint>] 00639008 53 PUSH EBX 00639009 50 PUSH EAX ; unpackme.00639072 0063900A 8D83 72906300 LEA EAX,DWORD PTR DS:[EBX+0x639072] 00639010 FFD0 CALL EAX ; unpackme.00639072 00639012 8D83 00345E00 LEA EAX,DWORD PTR DS:[EBX+0x5E3400] 00639018 FFE0 JMP EAX ; unpackme.00639072You must to be blind to not see the FFE0.Level 0/10.No stolen imports resources etc.Is for absolute beginner.
mudlord Posted January 9, 2015 Author Posted January 9, 2015 Which is the point. Why overengineer things if the intent is just packing?
mudlord Posted January 15, 2015 Author Posted January 15, 2015 (edited) What program protection ? Something I have been working on and off for the past few months. Mainly as a experiment in compression, as well as to learn more about the PE format. There is no plans for protection at this time as any protection is easily foiled by people who have the skills. Didnt expect xsrtsect to keep the packer section, I would have expected him to rebuild certain things. Oh well . Edited January 15, 2015 by mudlord 1
xSRTsect Posted January 15, 2015 Posted January 15, 2015 Something I have been working on and off for the past few months. Mainly as a experiment in compression, as well as to learn more about the PE format. There is no plans for protection at this time as any protection is easily foiled by people who have the skills. Didnt expect xsrtsect to keep the packer section, I would have expected him to rebuild certain things. Oh well . yeah but xsrtsect is newwwwwwwwwwwwwwwwb lol
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now