|
小弟写了1个程序想加个壳
看你想要达到什么效果 保护壳用: ASProtect/Armadillo/EXECryptor/Themida 压缩壳用: UPX/AsPack/NsPack/PECompact/FSG |
|
找了好多EXE加密都不是很理想...
http://www.pediy.com/tools/packers.htm |
|
[讨论]ASPR2.3的脱壳后再加壳
Offset 0 1 2 3 4 5 6 7 8 9 A B C D E F 00000000 4D 5A 90 00 03 00 00 00 04 00 00 00 FF FF 00 00 MZ?........?.. 00000010 B8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 ?......@....... 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00000030 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 ............?.. 00000040 0E 1F BA 0E 00 B4 09 CD 21 B8 01 4C CD 21 54 68 ..?.???L?Th 00000050 69 73 20 70 72 6F 67 72 61 6D 20 63 61 6E 6E 6F is program canno 00000060 74 20 62 65 20 72 75 6E 20 69 6E 20 44 4F 53 20 t be run in DOS 00000070 6D 6F 64 65 2E 0D 0D 0A 24 00 00 00 00 00 00 00 mode....$....... 00000080 50 45 00 00 4C 01 05 00 65 91 46 35 00 00 00 00 PE..L...e?5.... 00000090 00 00 00 00 E0 00 0E 01 0B 01 03 0A 00 40 00 00 ....?.......@.. 000000A0 00 74 00 00 00 00 00 00 CC 10 00 00 00 10 00 00 .t......?...... 000000B0 00 50 00 00 00 00 40 00 00 10 00 00 00 10 00 00 .P....@......... 000000C0 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 ................ 000000D0 00 D0 00 00 00 04 00 00 16 BE 01 00 02 00 00 00 .?......?..... 000000E0 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 ................ 000000F0 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 ................ 00000100 00 60 00 00 8C 00 00 00 00 70 00 00 B8 4F 00 00 .`..?...p..赶.. 00000110 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00000120 00 C0 00 00 3C 09 00 00 00 00 00 00 00 00 00 00 .?.<........... 00000130 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00000140 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00000150 00 00 00 00 00 00 00 00 E0 62 00 00 40 02 00 00 ........噔..@... 00000160 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00000170 00 00 00 00 00 00 00 00 2E 74 65 78 74 00 12 00 .........text... 00000180 00 40 00 00 00 10 00 00 00 40 00 00 00 10 00 00 .@.......@...... 00000190 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 ............ ..` 000001A0 2E 64 61 74 61 00 12 00 00 10 00 00 00 50 00 00 .data........P.. 000001B0 00 10 00 00 00 50 00 00 00 00 00 00 00 00 00 00 .....P.......... 000001C0 00 00 00 00 40 00 00 C0 2E 69 64 61 74 61 00 00 ....@..?idata.. 000001D0 00 10 00 00 00 60 00 00 00 10 00 00 00 60 00 00 .....`.......`.. 000001E0 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 ............@..@ 000001F0 2E 72 73 72 63 00 12 00 00 50 00 00 00 70 00 00 .rsrc....P...p.. 00000200 00 50 00 00 00 70 00 00 00 00 00 00 00 00 00 00 .P...p.......... 00000210 00 00 00 00 40 00 00 40 2E 72 65 6C 6F 63 00 00 ....@..@.reloc.. 00000220 00 10 00 00 00 C0 00 00 00 10 00 00 00 C0 00 00 .....?......?. 00000230 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 ............@..B 以Win98记事本为例 第一个区段名应在位置之前2个字节=0X176 |
|
|
|
|
|
|
|
|
|
|
|
[求助]请高手帮我看下这个变态壳
PEBundle+PEBundle+AsPacK 005F693C 55 push ebp //OEP 005F693D 8BEC mov ebp,esp 005F693F 83C4 EC add esp,-14 005F6942 33C0 xor eax,eax 005F6944 8945 EC mov dword ptr ss:[ebp-14],eax 005F6947 B8 F4645F00 mov eax,5F64F4 005F694C E8 F309E6FF call 00457344 脱壳后有时间检验 |
|
|
|
|
|
[求助]驱动版的Winlicense和themida是不是被封了
有的据说升级了系统/IE后导致无法运行了 |
|
|
|
|
|
|
|
[求助]关于软件自效验问题
Name: 公务员面试真题详解大全.V7.5.0.UnPacKed.解除自校验.rar 友益文书 制作的电子书脱壳后去除自校验总的来说比Ebook Workshop电子书的自校验去除要简单点 附件是脱壳后去除自校验的文件,没有详细测试 如果要研究如何修改的,使用All versions ASPack unpacker by PE_Kill自动脱壳 然后比较一下文件就知道了 |
|
|
|
|
操作理由
RANk
{{ user_info.golds == '' ? 0 : user_info.golds }}
雪币
{{ experience }}
课程经验
{{ score }}
学习收益
{{study_duration_fmt}}
学习时长
基本信息
荣誉称号:
{{ honorary_title }}
能力排名:
No.{{ rank_num }}
等 级:
LV{{ rank_lv-100 }}
活跃值:
在线值:
浏览人数:{{ visits }}
最近活跃:{{ last_active_time }}
注册时间:{{ user_info.create_date_jsonfmt }}
勋章
兑换勋章
证书
证书查询 >
能力值