挺不错的PolyEnE,可惜够老了。
PolyEnE - Polymorphic Encryptor for Executeables
(c) 2001 Lennart Hedlund
Tested under Win98 & Win2k.
http://home.swipnet.se/polyene
PolyEnE is able to compress and encrypt most of your programfiles while
leaving them in an executeable state. To accomplish this, PolyEnE compress
and encrypts most parts of the program and then appends a piece of code
that runs when you start the program. This piece of code decrypts,
decompresses and fixes some other stuff in memory before it finally jump
to the original entrypoint of the program.
PolyEnE is free for both commercial and non-commercial use. I am NOT
responsible of any damage it causes in your system. It creates a backup,
don't remove this before you've tested the program in all environments you
would like to use it in.
If you see the message "An exception occured while restructurizing
resources" or if the "New section size"-progressbar increases faster than
"This section", the program is probably already packed and the output may
be non-functional.
Settings:
File to encrypt
Hmm, the file to encrypt. Select it by browsing or use drag'n'drop.
Randomization seed
Chooses seed for the randomization algorithm. You can use a
pseudorandom seed, or enter your own between 0 and 2^32-1.
Compression
Selects windowsize of compressionalgorithm. Bigger windowsize
results in better but slower compression. Decompression should not
be effected in other ways than a bigger possibility of cache misses.
Add junkcode
Inserts some code in the loader that doesn't do anything. Used to
confuse disassemblers or people tracing your program in a debugger.
Scramble loader
*Disabled* - To buggy, see bugs-section.
A normal loader runs in a linear mode with the following instruction
coming directly after the current one. A scrambled loader runs a
few instructions and then uses a JMP-instruction to go on with
the following instructions at a totally different place in the
loader. Used to confuse people.
Today there are many compressors/encryptors/"protectors" (let's call them
"wrappers") available for PE-files. For most of them, there are also
unwrappers available to the public written by and for people that wishes
to examine your original file. These unwrappers must get quite much
information about the original file by examining the wrapped one. The
unwrapper then has to rely on the fact that the wrapper have them stored
in the wrapped file and that they have to be used by the wrapper's loader
for the inmemory decryption. By knowing where in the loader the data is
accessed, the unwrapper can grab them easily. Most wrappers uses a static
loader, and because of that the offsets that the unwrapper needs to know
are also static.
To aviod this, the wrapper needs a dynamic loader, that will look
different for every encrypted file. The data that the unwrapper wants
should rather be stored as immediate operands than in structured tables.
The decryption-algorithms should be polymorphic and should use randomized
registers as source and destination parameters.
This is harder to make a generic unwrapper for.
This is PolyEnE.
(The early versions are not so hard to unwrap though.. To come.)
So far:
Sometime in Started to write on a polymorphic codegenerator for fun.
February -01 My military service doesn't leave me much time for it.
March - 01 Got an idea to use the (still not ready) codegenerator in an
executeable-encryptor. Not much was done due to lack of time.
Summer -01 Not really interested in programming. It's summer outside.
Wrote on it when it was raining and I had time for it.
5/7 -01 PolyEnE works with most programs under Win9x, but
encrypted programs doesn't seem to run under Win2k..
14/7 -01 Resource-restructuring now supports named resources. Wow.
20/7 -01 Solved importtable-troubles for programs created by some
linkers.
03/8 -01 PolyEnE now handles BSS- and TLS-sections without
problems (I hope).
29/8 -01 Fixed the biggest Win2k-problem. Some programs won't run
under Win2k anyway.
13/9 -01 The processing of the executeable now runs in it's own thread
fixing problems of lagging GUI.
15/9 -01 Fixed a problem with programs containing a bound import
directory.
10/10 -01 PolyEnE now saves the settings.
Commandline-support. Use:
polyene.exe <filename.exe>
or just drop a file on polyene.exe in explorer.
In this case PolyEnE starts the processing immedietly, using
the current settings. When finished, it shuts down silently.
GUI-fix: the dialogbox with the progressbars is now centered.
Advanced from v0.01 pre-alpha to v0.01 alpha.
14/10 -01 Supports files with other section alignment than 1000h even
under Win2k.
16/10 -01 Commandline-support now works.. Maybe I should really test the
features that I add before releasing the program in the future.. ;)
Minor optimizations in the (de)compression algorithm.
A lot of testing.. Released as v0.01 alpha r2.
20/10 -01 Compression improved a bit.
Bugfix: Some non-PE files crashed PolyEnE.
21/10 -01 A couple of bugfixes. The "Encrypt"-button now become disabled
when a file is under progress, preventing a nasty crash.
22/10 -01 Added exceptionhandling in the resource-restructioning. This
prevents crashes for programs that are already wrapped. It's
not sure that the output works, though.
28/10 -01 Multilanguage support! You can create your own tranlations too,
using Language.exe. Install your languagefile (*.plf) by dragging
and dropping it on polyene.exe. English and Swedish included.
Released as v0.01 beta 1.
29/10 -01 Finally found the bug that caused some programs to result in a
0xc0000078 under Win2k.
Improved documentation a bit.
31/10 -01 Languagefiles now uses compression.
5/11 -01 Languagefiles may be installed during runtime by dragging and
dropping the .plf-file in PolyEnE's mainwindow.
7/11 -01 Removes relocations if found.
8/11 -01 Fixed Win2k-related bug.
10/11 -01 Removed CMOVx-instructions for Pentium Plain compability.
(CMOVx's were not supported until the Pentium Pro-series).
Improved import-handling a bit for better compression. Support
for ordinal imports are only included in the loader of needed.
Released as v0.01 beta 2.
22/11 -01 Variable windowsize for compression.
Disabled "Scramble loader"-checkbox.
23/11 -01 Fixed some bugs that the news in the compressionalgorithms
caused.
Released as v0.01! First non-beta version!
3/12 -01 Started to write on new polymorphic engine.. Will probably be
used in v0.02..
16/12 -01 Improved compression, especially for small windowsizes..
Released as v0.01+.
Known bugs:
Files that are already wrapped by another wrapper will probably
not run after PolyEnE tried to wrap it. This is a common
problem that most wrappers have. PolyEnE is at least compatible
with itself. ;)
"Scramble loader" is disabled since it crashes the program most
times. No use to fix that now since I plan to rewrite the whole
polymorphic engine someday.
PolyEnE always removes all overlays from the programs. Only the
header and the sections described in the sectiontable are
included. This is mostly a problem with setupprograms and some
"data-to-executeable"-programs.
Compression is not very impressive. That's because I'm
using my own LZ-based algorithm, called QPC ("Quite Poor
Compression"). Maybe it'll be improved someday..
不公开也得给偶一份哦。
