Tool introduction passes the previous section, I think everyone knows what is the concept of shells. It is also said that when running the shell, the user is actually the program of this housing, and this shell is responsible for the original program The memory is decompressed, and the control is also given to the unproven real program. Since all work is running in memory, the user does not know if it doesn't know how to run, as long as it doesn't change it. At that time, some people worried that these decompressed work will bring additional runtime, but in fact all executables should read in memory, the file is small, and the time read from the computer hard disk. Natural. There are also less, two off, actually the user does not feel how much the program is slow. The shell is to grab the program that is really restored in the memory, and corrects the executable file. The file format on Windows 95 / NT / 2000 is Portable Executable file format (ie, PE format), which is applied to all Win3-based systems. Because the popularity of Windows is now, the shells mentioned below are based on this file format. Compression Tool Description (Packers) We talk about the compression tools such as Winzip, WinRAR (they are compressed any files), but talk about the tools that are specifically compressed under the PE format EXE or DLL files under Windows, the compressed EXE file is self Unzip the executable. Frequent Compression Tools (Windows Packers) list:
name
Author
Homepage
Introduction
Aspack
Alexei Solodovnikov
Www.aspack.com
It is a very powerful Win32 compression tool written by Russian author Alexey Solodovnikov, its compression ratio, speed and compatibility are very good, and is currently a very popular compression tool.
Upxmarkus Oberhumer & laszlo molnar
Homepage
Very complete EXE compression software and can be taken from the UPX -D command. Petite Ian Luck
Homepage
Can compress the PE files for Code, Data and other resources. PE-PACK Anakin
Homepage
A compact compression tool of its own size PKLite32 Pkware, Inc.
Www.pkware.com
32-bit compression tool (DLL / EXE). WwPack32 Piotr Warezak and Raffal Wierzbicki
Homepage
32-bit compression tool (DLL / EXE) .NEOLITE
HomPage
32-bit compression tool (DLL / EXE) .SHRINKER BLINK INC
HomPage
32-bit compression tool (DLL / EXE). Introduction to the Shell Tool General, the shell of certain compression tools, there will be a corresponding shelling tool, so as long as the newer version of the shell tool, the general shell can It is easy to take off. Common Shell Tools (Windows Unpackers) list:
name
Author
Homepage
Introduction
Aspack UnpackerBane
Homepage
Depending the ASPACK compressed PE file. Unpeck M.O.D. Take the Pepack's Shell ProcduMP32 is very excellent "universal" shell tool, but unfortunately do not upgrade, so you can only automatically detach the shell of the old version of the compression tool, but you can upgrade through the script command. It is also an excellent PE modification tool. Detect file type tool
name
Introduction
FileInfo can detect a variety of file formats. It is recommended to judge whether or not the case or shell is used before shelling. Gettyp function is the same as above the TYP function
Several other encryption tools (DLL / EXE)
Pelock / Morphine / Pecompact /
