|
|
|
|
#1
05-15-2005, 18:39
|
|||
|
|||
|
Xixiaolou i think it's not so easy as it seems. Because today packers using a lot of tricks like crypted/stolen OEP bytes, crypted sections, decrypting in memory on the fly, redirected/scrambled IAT and other shit, so i will be glad if there will working unpacker for one of these tricky packers. Coding universal one is almost impossible today. My opinion it was possible to code, when unpacking was about finding OEP (not obfuscated, crypted etc ..) and fixing IAT (not redirected/scrambled/destroyed), but not today.
|
|
#2
05-18-2005, 08:34
|
|||
|
|||
|
Well,I know what you mean.but it's very hard today.
There was such a unpacker named UPC can unpack nearly everything for apps generated by Borland's compiler under DOS. It works depend the facts that there will be a far jump to reach OEP of original app,and there is a patten for their initial code. under windows,more and more technique have been developed to obfuscate the edge between the shell and the nut.There is a little code that can camouflage any app into a "VC++ compiled" app...
|
 |
| Thread Tools | |
| Display Modes | |
|
|
Hybrid Mode
