News:

MASM32 SDK Description, downloads and other helpful links
MASM32.com New Forum Link
masmforum WebSite

My own PE Protector

Started by D.F., October 26, 2011, 01:20:54 PM

Previous topic - Next topic

D.F.

Hi all,
I want to write my own PE Protector. I read a lot about PE File Format, but I don't know how to start. I will be happy for any links and source codes.

Regards, David

qWord

Quote from: D.F. on October 26, 2011, 01:20:54 PMI read a lot about PE File Format, but I don't know how to start.
So you know at least on protection mechanisms?
FPU in a trice: SmplMath
It's that simple!

D.F.

Quote from: qWord on October 26, 2011, 01:33:26 PM
Quote from: D.F. on October 26, 2011, 01:20:54 PMI read a lot about PE File Format, but I don't know how to start.
So you know at least on protection mechanisms?
My friend told me that I must crypt the code section. Next I must add new section to crypted PE file with loader and decryption code. There is my questions: How to add new section to PE file? How to find where the encrypted code begins and ends?

fearless

Hi David,

Probably a lot of stuff to do if your going to right your own one. Might be option to look at the main competitors out there and see what each one offers, and see if they fit your needs.

http://www.oreans.com/themida.php
http://pecompact.com/index.php

are a couple i can think of off the top of my head.

But realistically, and most coders will tell you this, no matter what you use to protect software, if someone is determined enough, and/or has enough time/patience/knowledge/money, then probably any software protection can be broken, but the commercial option may disuade casual reversing and cracking enough to justify the initial cost of the protection software.

Ć’earless

D.F.

I write this protector for my school for educational purposes only, not to protect my software.

qWord

A simple solution would be to add a additional section, containing the decrypter, and using this one for the entry point (see SEGMENT-directive). With an external tool you must only encrypt the actual code and data sections.
FPU in a trice: SmplMath
It's that simple!

clive

I think a more realistic educational goal would be to build a linker, or loader. But may be you're studying at thepiratebay.edu

If you don't know how to start, perhaps you need to figure out why you're lost.

For instance are you familiar with loading files into memory, navigating the structure of that data, writing out different pieces to another file, expanding and creating structures within the new file as you are writing it out, or holding it in memory?

Start with something that loads the file, and dumps/decodes the data therein.
It could be a random act of randomness. Those happen a lot as well.

Farabi

Or the simplest solusion is, create one program as unpacker and encrypt your real program and then load and run it.
Those who had universe knowledges can control the world by a micro processor.
http://www.wix.com/farabio/firstpage

"Etos siperi elegi"