About Packer Source Code

xiaoxiao2021-03-19  202

To be honest, Tibbar's packer just encrypts the code section, which can be detected by most AV programs. But if your main aim is to make viruses undetectable, packing is not the only way. In the trojan & virus errata section of GSO, there are tutorials about it which don't have anything to do with packing or advanced programming. You change "harmless" bytes in the file, and it becomes undetectable by some AVs. Packing is a good way, but not the only way.

Another thing is the so-called heuristic analysis. It's the code analysis that's done by AV programs to find engines that possibly make the viruses undetectable, like polymorphic / metamorphic engines and packers, weak ones like UPX and Petite, or strong ones like ASProtect and Armadillo.

And in some cases, you do not need source code at all to understand things about packers, or how some protection and packing / encryption schemes work. Reverse engineering may help you to understand the packers and the way certain protection schemes work. But anyway, never give up, learn and study. And don't worry about your English, I don't think people mind; mine is also not so good.

When reposting, please credit the original URL: https://www.9cbs.com/read-130030.html
