News:

MASM32 SDK Description, downloads and other helpful links
MASM32.com New Forum Link
masmforum WebSite

Protector

Started by trodon, June 12, 2006, 07:06:05 PM

Previous topic - Next topic

trodon

hi all, i have one question about pe protectors etc...
i have tried to make my own personal exe protector or someting like this to protect, crypt my exe file but i have no lucky   :'(
i have found yodas protector source in masm but this is litle hard for me to understant because i am not that good asm programer, and i need some easy project then yodas, this no need to be some extra protection but i need somethin just to change my exe file
so i wll be very,very greaful if some people have time to explain me or even bether if give me some example source of small protector in masm32 i realy need this please help me someone  :'(
btw, sorry for my bad english i am from romania :)

Thanks.

Ehtyar

#1
My suggestion would be UPX + UPolyX, it's about the best combination you can get without a lot of hard work (ya might wanna manually strip the version info from the header).
UPX 2.01 was released just a week or two ago, and is availble from http://upx.sourceforge.net/
UPolyX is fairly old, but the latest build can be found at <see below>
If you have a read, you'll figure out how both work.
Good luck, Ehtyar.

trodon

yeah i know but this is not in masm language this is c++ and i am lookink for some stuff writen in asm language,some small stuff nothing special, just to see how this can be done.
ofcourse in 32bit aplication non 16bit  :8)
thanks

Ehtyar

#3
oh, my apologies, in that case, all i can recommmend is either yodas cryptor or yodas protector. However, both have static protection procedures, that will need to modified or enhanced to protect your software from programs like unyc (un-yodas cryptor) which can undo the changes made by these programs.

[edit]
My mistake, both appear to be in C/C++. I'll have a quick google for something in asm and see what i can find.
[/edit]

[edit2]
Google didnt help much, so i resorted to http://www.programmerstools.org/. I found two protectors that are open source an in asm, but nither are particularly good, and both have several bugs. Give them a try if you like, but i have a feeling they're all you'll be able to find.

Good luck.

ftp://ftp.sac.sk/pub/sac/security/stnpepak.zip
http://programmerstools.org/system/files?file=pex0.99.zip (recommended, uses aplib)
[/edit]

rags

#4
Quote from: Ehtyar on June 12, 2006, 08:25:30 PM
UPolyX is fairly old, but the latest build can be found at l
Ehtyar,
Just to give you a heads up, according to rule #3 of the rules of the forum,
Quote3. Legality of content is not a negotiable matter in the forum. Assembler programming is mainstream programming and is primarily used by professional programmers who require the performance in specialised areas. Low level coding is both allowed and encouraged but there will be no viral or trojan technology allowed including technical data under the guise of AV technology, no cracking and similar activities in the guise of "Reverse Engineering", no hacking techniques or related technology and no support or help with or reference to pirated software. There will also be no links to pages that support or display any of these or any other illegal areas of coding.
Posting links to sites that contain virus related stuff is not allowed.
Regards,
   Rags
EDIT:Link removed in quote by me
God made Man, but the monkey applied the glue -DEVO

Ehtyar

#5
link removed

Happy?

trodon, there are other versions available from the root of the site, but since there is "questionable material" located on the page, here is the direct link.


Sorry, but linking directly to the file still means the site is linked to.
sluggy

trodon


Casper

Sluggy,
The link has not been removed from the quote in Rags post.

Casper

Ehtyar

#8
ya know what, nevermind. it's clearly not acceptable to help people protect their software, not entirely sure why i bothered.

Mark Jones

Quote from: Ehtyar on June 18, 2006, 03:57:02 AM
very lame
upolyx 0.5 (latest) + source attached, if you need further info, a google of "upolyx" will suffice
P.S. zip is not the only compression format in the world...

Very lame? I find this a very offensive post.

Being condecending to complete strangers is not a very good way to make friends in this world, but to each their own...

Furthermore, the UPX license does not condone "scrambling" and this code is in clear violation of the UPX copyright. See the complete license for yourself at http://www.upx.org/

Quote from: UPX License
READ THIS UPX LICENSE AGREEMENT - ESPECIALLY IF YOU PLAN TO CHANGE UPX SOURCE CODE OR USE A MODIFIED UPX VERSION. ABSTRACT ======== UPX and UCL are copyrighted  © software distributed under the terms of the GNU General Public License (hereinafter the "GPL"). The stub imbedded in each UPX compressed program is part of UPX and UCL, and contains code that is under our copyright. Terms of the GNU General Public License still apply as compressing a program is a special form of linking with our stub. Hereby Markus F.X.J. Oberhumer and Laszlo Molnar grant you special permission to freely use and distribute all UPX compressed programs (including commercial ones), subject to the following restrictions: 1. You must compress your program with a completely unmodified UPX version; either with our precompiled version, or (at your option) with a self compiled version of the unmodified UPX sources as distributed by us. 2. This also implies that the UPX stub must be completely unmodfied, i.e. the stub imbedded in your compressed program must be byte-identical to the stub that is produced by the official unmodified UPX version. 3. The decompressor and any other code from the stub must exclusively get used by the unmodified UPX stub for decompressing your program at program startup. No portion of the stub may get read, copied, called or otherwise get used or accessed by your program. ANNOTATIONS =========== - You can use a modified UPX version or modified UPX stub only for programs that are compatible with the GNU General Public License. - We grant you special permission to freely use and distribute all UPX compressed programs. But any modification of the UPX stub (such as, but not limited to, removing our copyright string or making your program non-decompressible) will immediately revoke your right to use and distribute a UPX compressed program. - UPX is not a software protection tool; by requiring you use the unmodified UPX version for your proprietary programs we make sure that any user can decompress your program. This protects both you and your users as nobody can hide malicious code - any program that cannot be decompressed is highly suspicious by definition.
"To deny our impulses... foolish; to revel in them, chaos." MCJ 2003.08

hutch--

The UPX licence agreement is the reason why I stopped using UPX years ago as the restrictions applied in the licence made unpacking, hacking and repacking an executable easy to do. They did have a decent compression algorithm but they crippled it with their own ideology. there is a freeware version of the later development of Jeremy Collake original exe compessor that does not impose this nonsense on you so it is a much better proposition.
Download site for MASM32      New MASM Forum
https://masm32.com          https://masm32.com/board/index.php

Ehtyar

sounds good hutch, you have a link we could get, google likes the paid version it seems, thanks :S

hutch--

This is the link I found for it.

http://www.bitsum.com/pec2.asp

Download the "Student" version.

I read at the bottom of the page that Jibz has contributed compression code in a codec plugin which should be very useful as the compression design written by Jibz is very effective on the small files which is typical of assembler output. The entire system is well set up for programmers to tweak a numer of things to make unpacking and similar a lot more work.

Contrary to popular folklore, exe compression is one of the easiest and fastest way to protect a program and while it can be reconstructed by people who have high enough skills, its not for the faint of heart and you can still build different protection systems into the source code before you compress it.
Download site for MASM32      New MASM Forum
https://masm32.com          https://masm32.com/board/index.php

Ehtyar

pecompact is a sweet packer, but i never knew there was a free version, thanks a lot for that hutch :)

trodon

QuoteBeing condecending to complete strangers is not a very good way to make friends in this world, but to each their own...

what is wrong with helping strangers?
i am ask help and this man help me and i am greatfull for this