|
[求助]这么大个中国,就没人能汉化得了SoftEther vpn 2.0 么?
标题很有挑点性啊,楼主是个FQ吧 |
|
[求助]VB程序破解
期待高手解答 |
|
[公告]看雪论坛对于所涉及到目标软件的管理2007.10.15
支持,讨论的就是技术,专门为破解而破解的不讨论也罢 |
|
|
|
[翻译]<脱壳的艺术>前言
1. INTRODUCTION In the reverse engineering field, packers are one of the most interesting puzzles to solve. In the process of solving these puzzles, the reverser gains more knowledge about a lot of things such operating system internals, reversing tricks, tools and techniques. 在逆向工程领域,加壳是需要解决的一个有趣的难题。在解决这一难题的过程中,逆向者更多的是学到了某一操作系统内部技术、逆向技巧、工具和相关技术。 Packers (the term used in this pape for both compressors and protectors) are created to protect an executable from analysis. They are used legitimately by commercial applications to prevent information disclosure, tampering and piracy. Unfortunately, malcodes also use packers for the same reasons but for a malicious purpose. 壳(本书中用到的这一术语既指压缩壳也指加密壳)被用来阻止一个可执行文件被分析。他们非常合理被用来阻止商业软件的信息泄露、非法修改和盗版。不幸的是,恶意代码也基于同样的原因加壳来达到他们恶意的目的。 Due to a large number of packed malcode, researchers and malcode analysts started to develop the skills to unpack samples for analysis. However, as time goes by, new anti- reversing techniques are constantly added into packers to prevent reversers from analyzing the protected executable and preventing a successful unpack. And the cycle goes on - new anti-reversing techniques are developed while reversers on the other side of the fence develop the skills, techniques, and tools to defeat them. 因为有大量的恶意代码被加壳,研究者们和恶意代码分析人员开始开发对样品进行脱壳用以分析的技术。然而,随着时间的推移,新的反逆向技术不断的被应用到加壳软件中,来阻止逆向者们分析被保护的程序和防止程序被成功脱壳。于是,新的反逆向技术被应用和该技术被分析解决的循环周而复始。 The main focus of this paper is to present anti-reversing techniques employed by packers, tools and techniques on how to bypass/disable these protections are also discussed. Conversely, some packers can easily be bypassed by process dumping and thus, dealing with anti-reversing techniques seems unnecessary. However, there are instances where the protector code needed to be traced and analyzed, such as: 这本书的重点是列举壳所用到的反逆向技术,相关工具和绕过或解除这些保护方式的技术也将被讨论。相反的,一些壳能够通过进程的转储而轻易绕过,因此针对反逆向的技术看上去似乎没什么必要。然而,也有些实例说明某些被保护的代码需要跟踪和分析,例如: * Parts of the protector code needed to be bypassed in order for a process dumping and import table rebuilding tool to properly work * In-depth analysis of a protector code in order to integrate unpacking support into an AV product * 部分保护代码需要绕过,以便进程代码的转储(dump)和输入表重建工具能够正常工作。 * 深入分析一段保护代码,以便影音文件的完整脱壳。 Additionally, understanding anti-reversing techniques is also valuable in cases where they are directly applied to a malcode in order prevent tracing and analysis of their malicious routines. 另外,掌握反逆向技术也有利于分析那些利用该技术阻止被跟踪和分析的恶意代码。 This paper is by no means contain a complete list of anti-reversing techniques as it only covers the commonly used and interesting techniques found in packers. The reader is advised to refer to the last section which contains links and books information to learn more about other anti-reversing and reversing techniques. 本书不可能涉及所有的反逆向技术,只是包含了壳中最常用到和最感兴趣的技术。建议读者参考一下最后一章给出的链接和书籍来了解更多的逆向和反逆向技术。 The author hopes that the reader found this material useful and able to apply the tips, tricks and techniques presented. Happy Unpacking! 作者希望读者找到其中有益的资料并能够掌握这些提示、技巧和技术。脱壳愉快! |
|
The Shellcoder's Handbook (PDF) 中文完整版下载
这样的好书一定要下,谢谢了 |
|
[求助]黑鹰破解提权班 66课
搞不定,希望高手出马 |
|
[求助]syser 消息断点怎么下?
syser是什么DD |
|
[讨论]某网游外挂调试方法的求证
这样的问题你问的太直白了 |
|
|
|
[原创]破解VB葵花宝典:)[已附件经传好,申]
谢谢楼主,分享的精神值得我们每一个人学习 |
|
[原创]Windows Media Player 11 安装包破解
学到了一个对付新建线程的方法,谢谢楼主分享。如果能把CreateThread 这个API介绍补上,对我等菜鸟就更有意义了。 |
操作理由
RANk
{{ user_info.golds == '' ? 0 : user_info.golds }}
雪币
{{ experience }}
课程经验
{{ score }}
学习收益
{{study_duration_fmt}}
学习时长
基本信息
荣誉称号:
{{ honorary_title }}
能力排名:
No.{{ rank_num }}
等 级:
LV{{ rank_lv-100 }}
活跃值:
在线值:
浏览人数:{{ visits }}
最近活跃:{{ last_active_time }}
注册时间:{{ user_info.create_date_jsonfmt }}
勋章
兑换勋章
证书
证书查询 >
能力值