programmers resources
  http://www.intel-assembler.it/  (c)2017 intel-assembler.it   info@intel-assembler.it
 
Search :  
Lingua Italiana    English Language   
Index
 
just an empty assembly space
just an arrow Intel Platform
just an arrow Article & Guides
just an arrow Download Software


23/01/2009 Featured Article: How to remove Buzus Virus (permalink)




:::3095317:::
Bottone Scambio Directory Pubblicitaonline.it
Home Page | Articles & Guides | Download | Intel Platform | Contacts

Google
 


Bookmark and Share
Download 
Tell a friend



Xoanon-flags

A debugging session in some old protection scheme

(by xoanon / pinnacle)

The flags-faking approach is a debugging technique which avoids use of BMSG xxxx WM_COMMAND.

As an example it uses an old windows program and the SoftIce debugger.

This is the intro from the author: "Well, i decided to write this little essay for everyone (especially newbies) who does not like to spend a lot of time trying to decypher lines and lines of (meaningless?) code inside too many protection schemes. (Xoanon)"
This article is online from 3114 days and has been seen 4366 times



The guide is ZIP compressed (xoanon.zip)


Top
Download 
Tell a friend
Bookmark and Share



Similar Articles

Applied Binary Code Obfuscation
Obfuscation in assembler
(by N.George, G.Charalambous)

Avoiding Windows Rootkit Detection
Bypassing PatchFinder 2
(by Edgar Barbosa)

Bifurcation of variables
An approach at protecting program functions
(by Lord Soth)

Binary Protection Schemes
Code Protection under Linux
(by Andrew Griffiths)

Copylok
Documento tecnico di analisi sul Copylok
(by Kilby)

Extending DOS Executables
How to modify a Windows executable relocating code
(by Digital Alchemist)

How to undongle
hardware key debugging with softice
(by Xoanon)

Xoanon-timelock
A debugging session on an old protection scheme
(by Xoanon / Pinnacle)

Yodas Protector 1.02
An exe protector with antidebug, antidump
(by Ashkbiz Danehkar)

 Tags: protection


webmaster jes
writers rguru, tech-g, aiguru, drAx

site optimized for IE/Firefox/Chrome with 1024x768 resolution

Valid HTML 4.01 Transitional


ALL TRADEMARKS ® ARE PROPERTY OF LEGITTIMATE OWNERS.
© ALL RIGHTS RESERVED.

hosting&web - www.accademia3.it

grossocactus
find rguru on
http://www.twitter.com/sicurezza3/
... send an email ...
Your name

Destination email

Message

captcha! Code