#16
|
||||
|
||||
As a direct response to the leaker, I have documented the main depacker internals. I might do a static unpacker, too.
Quote:
|
#17
|
||||
|
||||
Updated:
* better error handling when handling invalid files (already mupacked files, .NET assemblies, x64 files). * tested post packing digital code signing. |
The Following 2 Users Gave Reputation+1 to mudlord For This Useful Post: | ||
mr.exodia (01-07-2016), Storm Shadow (01-08-2016) |
The Following 5 Users Say Thank You to mudlord For This Useful Post: | ||
alephz (01-08-2016), dj-siba (01-07-2016), MarcElBichon (01-07-2016), Max (04-04-2016), niculaita (01-07-2016) |
#18
|
||||
|
||||
Nice tool
Dragging an executable on mupack_pub.exe won't start packing. Packing section take some time, at first i thought it freezes during while loop or something, it would be nice to have some text like "Wait...Packing" while packing. Also what about merging all section into one section ? no options tab ? About Compression ratio: Have you done some exe packer comparison with similar tools ? (uPack/XPack/MEW/..) |
The Following User Says Thank You to dj-siba For This Useful Post: | ||
niculaita (01-07-2016) |
#19
|
||||
|
||||
Quote:
Quote:
Quote:
Quote:
|
#20
|
|||
|
|||
blog seems down chief, also firefox reports the site as serving malware... if i tell it to ignore it i get a 404 on the link you posted for the 'response' ... kinda sucks someone leaked, i know what that feels like.. really makes you question the motives of some people
|
#21
|
||||
|
||||
Yah, Google in thier infinite wisdom blocked my site thanks to some false positives on some demos & files I coded, because I used a packer. And its impossible to get them to unblock because the review process seems to be entirely automated.
I tried working around it by setting Apache settings to make http://mudlord.info/blog usable instead, but that broke Wordpress entirely. At least now the people at the taggant team have a PDF of the depacker internals, hopefully they can spread it amongst the cabal so they can autodepack it like UPX. |
The Following User Gave Reputation+1 to mudlord For This Useful Post: | ||
evlncrn8 (01-08-2016) |
#22
|
|||
|
|||
@mudlord you could try setting a subdomain with some aliasing, but chances are google blocked your entire domain range
|
#23
|
|||
|
|||
automated blacklisting is a recipe for disaster...
|
#24
|
||||
|
||||
Quote:
Strip TLS Strip Reloc Strip Debug Strip Delphi Resources Don't compress resource Preserve Overlay Merge Sections Compression Algo ... |
#25
|
||||||||
|
||||||||
I know, but I proved it happened: Managed to unblacklist my site just by password protecting ZIPs/RARs with packed files.
Quote:
Quote:
Quote:
Quote:
Quote:
Quote:
Quote:
Quote:
|
#26
|
||||
|
||||
Quote:
Quote:
|
#27
|
||||
|
||||
Thanks for the info.
Yes, the private build uses a high compression variant of whats in the public build as well as LZMA1. LZMA2 wasn't chosen since thats just 7z related, and not compression algo related. It changes on the fly since LZMA works well on files on large file sizes whereas the LZ77+range coder works well on small-medium file sizes. There is also a tradeoff when using the HC variant of LZ77+range coder, in terms of speed, so thats taken into account too. I'm quite proud of that. Last edited by mudlord; 01-19-2016 at 08:27. |
#28
|
|||
|
|||
Have you tried alternatives to LZMA by any chance?
|
#29
|
||||
|
||||
LZMA1 seemed to be one of the best, if not the best for compression ratio vs decompressor size.
|
#30
|
||||
|
||||
Started work on dj-siba's requests, next version will have at least commandline support for integration into MSVC and other things.
|
The Following 2 Users Say Thank You to mudlord For This Useful Post: | ||
dj-siba (03-16-2016), Storm Shadow (03-18-2016) |
Thread Tools | |
Display Modes | |
|
|