Location:
Search - Protector.s
Search list
Description: 原理:对Pe文件的.data节,.text节进行XOR加密,然后将带解密的Loader写入文件头和第一个段的开头之间,修改Entry Point使其指向Loader.
测试用例:使用vc6.0自动生成的mfc对话框应用程序。
参考文献:(1)def源码
(2)黑客调试技术揭秘
(3)yoda s protector源码
Platform: |
Size: 458407 |
Author: 东南 |
Hits:
Description: 原理:对Pe文件的.data节,.text节进行XOR加密,然后将带解密的Loader写入文件头和第一个段的开头之间,修改Entry Point使其指向Loader.
测试用例:使用vc6.0自动生成的mfc对话框应用程序。
参考文献:(1)def源码
(2)黑客调试技术揭秘
(3)yoda s protector源码
Platform: |
Size: 457170 |
Author: 东南 |
Hits:
Description: 原理:对Pe文件的.data节,.text节进行XOR加密,然后将带解密的Loader写入文件头和第一个段的开头之间,修改Entry Point使其指向Loader.
测试用例:使用vc6.0自动生成的mfc对话框应用程序。
参考文献:(1)def源码
(2)黑客调试技术揭秘
(3)yoda s protector源码-Principle: The Pe documents. Data section,. Text section to XOR encryption, and then will take declassified documents Loader write head and the first between the beginning of paragraph, modify Entry Point to point Loader. Test cases: the use of vc6. 0 automatically generated mfc dialog application. References: (1) def source (2) debug technology hackers Secret (3) yoda s protector source
Platform: |
Size: 457728 |
Author: 东南 |
Hits:
Description: 原理:对Pe文件的.data节,.text节进行XOR加密,然后将带解密的Loader写入文件头和第一个段的开头之间,修改Entry Point使其指向Loader.
测试用例:使用vc6.0自动生成的mfc对话框应用程序。
参考文献:(1)def源码
(2)黑客调试技术揭秘
(3)yoda s protector源码-Principle: The Pe documents. Data section,. Text section to XOR encryption, and then will take declassified documents Loader write head and the first between the beginning of paragraph, modify Entry Point to point Loader. Test cases: the use of vc6. 0 automatically generated mfc dialog application. References: (1) def source (2) debug technology hackers Secret (3) yoda s protector source
Platform: |
Size: 456704 |
Author: 东南 |
Hits:
Description: Ms-Rem 写的进程保护例子
驱动是VC版
例子调用是DELPHI,
先用驱动加载工具加载驱动 Protector.sys
然后在启动例子,例子程序即被保护。
-Written by Ms-Rem-driven process is the protection of examples of examples of VC version is called DELPHI, first drive to load drivers loading tool and then start the example Protector.sys, for example, was the protection of the procedure.
Platform: |
Size: 9216 |
Author: r00tsh3ll |
Hits:
Description: 加壳机(vc源码)源码在vc7+xp-sp2下编译通过
原理:对Pe文件的.data节,.text节进行XOR加密,然后将带解密的Loader写入文件头和第一个段的开头之间,修改Entry Point使其指向Loader.
测试用例:使用vc6.0自动生成的mfc对话框应用程序。
参考文献:(1)def源码
(2)黑客调试技术揭秘
(3)yoda s protector源码
存在问题:只对.data节,.text节加密,且其中不能包含Resource,Import Table.....等结构,通用性很差
下图为测试用例的section table和directory table。 工具打包源码。加壳机
试用例.
加壳机源码.
加壳机静态mfc
-Packers machine (vc source) source in vc7+ xp-sp2 compiled by Principle: The Pe file. Data section,. Text section to XOR encryption, decryption of the Loader and then written to a file with the first and the beginning of a paragraph between the modified Entry Point to point Loader. test case: automatically generated using vc6.0 mfc dialog application. References: (1) def source (2) hackers debug Uncovered (3) yoda' s protector Source problem: only. Data section,. Text section of encryption, and which can not contain Resource, Import Table ..... structure of , generic photo shows poor test case under the section table and directory table. Tool Package source. Packers machine trial cases. Packers machine source. Packers machine static mfc
Platform: |
Size: 497664 |
Author: 程光 |
Hits:
Description: 因特网的迅猛发展给企业运作带来了极大的方便,但同时因特网也面临着空前的威胁。因此,如何使用有效可行的方法使企业网络威胁降到最小,引起了越来越多企业的关注。而防火墙在企业网络安全中扮演了一个举足轻重的角色,成为企业网络安全的保护者之一。
这里所研究的内容就是中小型企业防火墙设计。我们通过软件防火墙和硬件防火墙两个方面来研究该课题。并针对企业网络所受威胁,进行企业防火墙的方案设计。
关键词:网络安全,中小型企业,防火墙
-The rapid development of the Internet brought great convenience to business Operations, but at the same time, the Internet is also faced with an unprecedented threat. Therefore, how to use effective and feasible method to minimize the threat to corporate networks is causing more and more company’s attention. The firewall in the enterprise network security plays a pivotal role as the protector of enterprise network security.
The content of this study is the design of small and medium enterprise firewall. We study enterprise firewall through software firewall and hardware firewall. Also we design and conduct of the corporate firewall according to the threats against corporate networks.
Keywords:Network Security, small and medium enterprise ,firewall
Platform: |
Size: 1756160 |
Author: 张伟韬 |
Hits:
Description: WSUnpacker是一个“通用”脱壳机,之所以在通用前面添加了双引号是因为目前的通用脱壳引擎能力很有限,只能脱压缩壳-目前带有的脱壳函数:
aspack
bjfnt
dxpack
fsg
nspack
pecompact
pepack
upx
winupack
yoda s Cryptor
yoda s protector
petite 2.2- 2.3
telock 0.8x- 0.9x
acprotect 1.41- 2.1x
asprotect 1.3x- 2.4x
rlpack 1.21 full edition
pespin 1.32
Platform: |
Size: 377856 |
Author: whwei |
Hits:
Description: Vision-Based Pedestrian Detection The PROTECTOR System
Platform: |
Size: 774144 |
Author: vinayak |
Hits: