Just a short little side project I started.
Usage is planned to be merely a drag'n'drop-type interface; drop in the tool, watch as it's protected.
Protection:
- Packed
- Encrypted original executable
+ To-do: Switch to Blowfish, quit using a static one-byte key.
- Form of nanomites implemented for protection
+ To-do: Add support for custom mnemonics (Such as one for handling both an XOR and an ADD instruction)
- Mutation engine, for (Primarily) on the stub loader.
Stripping the IAT should probably be done; anti-debug features were removed temporarily, they'll be added back for the final release.
Integrity checks are the biggie that, for the time being, I've left out; a check on the supposed code segment would normally be quite easy, but because I'd have to account for relocations, the checksum would have to be regenerated at runtime, unless I didn't allow the code to be relocated, which could be done by merely stripping relocations or removing support for relocations.
Attached is a sample "Hello world" program that's "protected" by my sample tool, codename Anaconda, as well as the original application for comparison.
Original source code:
Oh, and one last thing: there's no manual obfuscation in either the stub or the parser. The parser manually adds a layer of obfuscation to the stub, as well as multiple layers for the target executable.Code:#include <iostream> int main() { std::cout << "Hello!"; std::cin.ignore(); return 0; }
Reply With Quote![[WIP] Anti-cheat/executable protector](http://ragezone.com/hyper728.png)
