Exetools  

Go Back   Exetools > General > General Discussion
Reload this Page New software encryption method
Register Forum Rules FAQ Calendar Mark Forums Read

Notices

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #2  
Old 12-06-2006, 00:00
MarkusO
 
Posts: n/a
The idea is not new. In fact it is already used in nearly every protector having some kind of VM features.

But I think the best part is the following:
Code:
[...]
3. Principle of work
[...]
    C. Running the real code in stack
       Push encrypted instruction code to stack, decrypt it,call it!
[...]
This will make all people with DEP turned on (you can't even turn it off on Windows x64) happy, since each and every instruction will now crash the application.

Edit:
I just checked the sample application. It's full of code like this one:
Code:
xor         d,[esp][06],023436576
mov         eax,esp              
call        eax
Of course it will crash.
Last edited by MarkusO; 12-06-2006 at 00:07.
Reply With Quote
 

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Threaded Mode Threaded Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
.net modification of a method (without decompilation) Shub-Nigurrath General Discussion 8 10-15-2013 21:04
search method passwords goku General Discussion 7 07-14-2010 02:15
Protection against point-h method? TheDutchJewel General Discussion 7 05-06-2004 01:32
What method to use? bartster General Discussion 11 02-08-2004 23:19


All times are GMT +8. The time now is 04:21.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )