My own PE Protector

D.F. · October 26, 2011, 01:20:54 PM

Hi all,
I want to write my own PE Protector. I read a lot about PE File Format, but I don't know how to start. I will be happy for any links and source codes.

Regards, David

qWord · October 26, 2011, 01:33:26 PM

Quote from: D.F. on October 26, 2011, 01:20:54 PMI read a lot about PE File Format, but I don't know how to start.

So you know at least on protection mechanisms?

D.F. · October 26, 2011, 02:37:08 PM

Quote from: qWord on October 26, 2011, 01:33:26 PM
Quote from: D.F. on October 26, 2011, 01:20:54 PMI read a lot about PE File Format, but I don't know how to start.
So you know at least on protection mechanisms?

My friend told me that I must crypt the code section. Next I must add new section to crypted PE file with loader and decryption code. There is my questions: How to add new section to PE file? How to find where the encrypted code begins and ends?

fearless · October 26, 2011, 02:41:53 PM

Hi David,

Probably a lot of stuff to do if your going to right your own one. Might be option to look at the main competitors out there and see what each one offers, and see if they fit your needs.

http://www.oreans.com/themida.php
http://pecompact.com/index.php

are a couple i can think of off the top of my head.

But realistically, and most coders will tell you this, no matter what you use to protect software, if someone is determined enough, and/or has enough time/patience/knowledge/money, then probably any software protection can be broken, but the commercial option may disuade casual reversing and cracking enough to justify the initial cost of the protection software.

D.F. · October 26, 2011, 03:33:07 PM

I write this protector for my school for educational purposes only, not to protect my software.

qWord · October 26, 2011, 03:49:01 PM

A simple solution would be to add a additional section, containing the decrypter, and using this one for the entry point (see SEGMENT-directive). With an external tool you must only encrypt the actual code and data sections.

clive · October 26, 2011, 04:01:57 PM

I think a more realistic educational goal would be to build a linker, or loader. But may be you're studying at thepiratebay.edu

If you don't know how to start, perhaps you need to figure out why you're lost.

For instance are you familiar with loading files into memory, navigating the structure of that data, writing out different pieces to another file, expanding and creating structures within the new file as you are writing it out, or holding it in memory?

Start with something that loads the file, and dumps/decodes the data therein.

Farabi · October 29, 2011, 09:10:56 AM

Or the simplest solusion is, create one program as unpacker and encrypt your real program and then load and run it.

News:

My own PE Protector