首页
社区
课程
招聘
[下载]Obfuscator for the x86 assembler
发表于: 2009-2-12 09:52 3417

[下载]Obfuscator for the x86 assembler

2009-2-12 09:52
3417
Obfuscator for the x86 assembler

Obfuscator is a tool to modify x86 assembler source code in this way to
make an analysis of compiled code very difficult.
It is an unusual tool and the target audience is quite small, but if you're writing
assembler code and you want to protect your work from decompilation or just to
make it as hard as it's possible to analyze, you might want to try it.

Features list:
MASM syntax only, processing of @@ labels, detection of local variables, constant
equ values, and numbers in different formats (hex, dec)
changing code execution flow (non linear code path) - it's usefull against all kinds
of debuggers, analysis of such code is very "unpleasant"
mutation of original instructions into series of other equivalent opcodes -
obfuscator can mutate both arithmetic and logical opcodes
hiding of direct calls to functions (including WinApi calls)
inserting garbage opcodes between real instructions (so called "junks")
inserting fake instructions between real ones, 32/16/8 opcodes are generated
no support for code with assume directives
obfuscated code is slower than the original code


http://www.pelock.com/products/obfuscator/download

[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)

收藏
免费 1
支持
分享
最新回复 (3)
雪    币: 14
活跃值: (18)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
2
代码混淆机……
2009-2-13 13:14
0
雪    币: 205
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
3
这是干嘛的?
2009-2-14 19:32
0
雪    币: 437
活跃值: (273)
能力值: ( LV12,RANK:240 )
在线值:
发帖
回帖
粉丝
4
在代码中加入垃圾 比如
  MOV     EDX, DWORD PTR [ESP]           
  PUSH    0F68
  MOV     DWORD PTR [ESP], ECX
  PUSH    ESP
  POP     ECX
  ADD     ECX, 4
  ADD     ECX, 4
  XCHG    DWORD PTR [ESP], ECX
  POP     ESP

这个相当于 pop edx
2009-2-14 20:00
0
游客
登录 | 注册 方可回帖
返回
//