there are a lot of "Packers" around that let you encrypt you exe/dll like aspack. I downloaded a few but they dont work for me. I dont know if its a problem with my cide or what but htey seem to make all string var's contain NULL all the time. any ideas what could cause that? any way. I would like to find out how the packers work. and how to write my own. any sugestions?
Posted on 2002-04-12 22:00:16 by dionysus
dionysus,

you maybe want check the pe packer i did. very simple, but dont handle resources. it is in:

You should now better

ancev
Posted on 2002-04-13 00:53:51 by ancev
ACK!!! dead link. and does it have source? I want to learn how they work. hopefully write my own. not just use one.
Posted on 2002-04-13 04:55:53 by dionysus
dionysus, it took me along time to find out the files needed for most of ancev files was in HideProc.zip. Well anyway i think all of his stuff is the best place in the world to start learning about PE and stuff. I only hope that if there are bugs that we can at lease learn enough to be able to find all of them... ancev stuff seems very very very very serious. And i will not rest until i understand it. I been looking at it for a good week now....I mean just looking at it...Wondering if i should that the dive....Heavy

I got one problem and that is i use masm and i got it preety well trained now not to defeat me through-out my project so do you mind me calling on you a few times starting next month. In the mean time i will be studying some of your files Word for Word so that i have an good idea of how things work and what to do with it. This is All New to Me....

Also, on my win95 machine, whenever i just execute the HideProc.exe it say the Kernel has already been patched than it always after a few minutes or so cause my machine to crash. Reboot cleanes it up i guest.

Maybe one day Could you do some of your stuff in masm for us masm users. I was going to change but heck, it just like Windows, masm rules. And i tryed to fight Windows and Window Won...I hate a lot of stuff about both but i learned to live with it and how to train them and if not i just wrte work around code.
Posted on 2002-04-13 06:30:13 by cmax
hi,

seens that coderz.net is down. i will try find a new hosting(that allow my things) soon.

all the stuffs in that page have the source, yes. i will attach the packer to this msg, to you check it.

about hideproc, it only work in w98. that happen coz it put the hook code in the free slack space between kernel32's sections. in w98, with the 1000h alignment, there's lot of space. in w95, with the 200h, no.

i put the code there coz it need be in a shared memory region. but i found undocumented flag in VirtualAlloc() that does that, so, is easily fixable.

ancev

ps: cmax, there's some masm(and nasm) stuffs in that page. the schadenfreude.zip client part is made in masm. i use masm for GUI stuffs and things that need complete INC files only ;)
Posted on 2002-04-13 11:18:24 by ancev