A packer which does this...

Is there any packer which does custom encryption?,lets say encrypt offset 40000 to 60000 only or encrypt only a section. i don't mind space used

thanks

[dyn!o]

There exist such a "thing" but it's not a protector but a commercial protection system (a wider technique).

It's not available for public, even for the customer who wants his software to be protected with it (delivery of the software is needed). Anyway, here goes some of the features if you are interested:

- protection of any range of the code section in compiled software (no need of sources)
- possibility of any code (function) execution in the place of space caused by ripped code
- no noticeable software performance decrease (no matter how long range will you protect)
- generic anti-debugger detection (detects all debuggers, no matter what tool will you use to hide)
- virtual machine + own environment
- the protection doesn't take the usage of a driver

and don't ask if you can try its strength - you can't, me too.

Regards.

[taos]

Quote:

Originally Posted by dyn!o

There exist such a "thing" but it's not a protector but a commercial protection system (a wider technique).

- protection of any range of the code section in compiled software (no need of sources)
- possibility of any code (function) execution in the place of space caused by ripped code
- no noticeable software performance decrease (no matter how long range will you protect)
- generic anti-debugger detection (detects all debuggers, no matter what tool will you use to hide)
- virtual machine + own environment
- the protection doesn't take the usage of a driver

well, actually I'm working in my new release of my little project and this is what I have did it:

- protection of any range of the code section in compiled software (no need of sources)

you tell me the main idea in a last post "The problem is the moment when your code gets decrypted", what happens if every xxx's lines of code have crypted and with the key of the last crypted key and of course some fixed values? I've implemented this in my new system :-). the problem, I can not make a tool to protect, but every protected EXE will be very different.
I study the EXE and then take a note what to encrypt (from-to) and how.
I have balanced between perfomance and to have a few code decrypted.


- possibility of any code (function) execution in the place of space caused by ripped code
- no noticeable software performance decrease (no matter how long range will you protect)

already implemented ;-) All in ASM.

- generic anti-debugger detection (detects all debuggers, no matter what tool will you use to hide)

I've used a lot of tricks to detect debuggers. Indeed in my first project I make a mistake, I used commercial packers, in this release ONLY MY PACKER will be used, and then my antidebug technics will be more powerfull.
In this proj. I can detect BPM's (soft and hard) and import hooks and repeat, I don't use any commercial prog.

- virtual machine + own environment
I'm interested to implemented this too, but I need more info about this. :-( and I think it can be a problem with my proper debugger used.
I've implemented like a "copy mem" feature, I have used a attached debugger trick and...(ok I don't want tell you more information,obviously )

I promise you that it will be more difficult that last, very more...

Thanks for your ideas. :-)

In a few days I will put a EXE file to test it by the community.

Regards.