Hello and i hope that you will enjoy this post :),
I am also working one a few project i will share later.
Now pack to topic, today i will talk about packer.
There are a few packer, such as upx and mpress.
We will focus since it support .net and upx does not.
A packer, do the following taking the PE/APP (PE = Portable Executable).
And use a compression methood such as gzip,zip our equal.And store the orginal application / .dll as resource. During runtime the Application is decompressed and executed.
This is have the following inpact, it lower the since and can be used to bypass Anit Virus solution since the file it self compressed does not contain in most case any bad "data". How ever it's not fail and can easily be unpacked, just doing the decompression but with out executing the PE.
To be continue, as soon i have more spare time :3
MPRESS website: http://www.matcode.com/mpress.htm
Inga kommentarer:
Skicka en kommentar