programmers resources
  http://www.intel-assembler.it/  (c)2017 intel-assembler.it   info@intel-assembler.it
 
Binary Protection Schemes

Code Protection under Linux

(by Andrew Griffiths)

A guide on code protection and obfuscation under Linux.


This article has been online for 3116 days and has been viewed 8342 times.


Binary protection schemes
by Andrew Griffiths
andrewg@felinemenace.org
Andrew Griffiths, Binary protection schemes, revision 1.0-prerelease-0.7
Table of Contents
Foreword
Software that may be of interest
Free/Open software
Commercial software
Skill honing
Designing protection systems by counter-example
Why counter-example?
Warming up
Changing the flow of execution
Patching the program on-disk file and process memory
Keeping it all in plain sight
Turning a program against itself
Conclusion
Methods for implementing license schemes
Aims
Discussion
Complex number of checks
Server contact
Encrypted functions / data
Conclusion
Binary modifications
Introduction
Aims
Encryption
Obfuscation of the text segment
Loading executables in user-space
Tying binaries to a host
Per page encryption
Per function encryption
Conditional code obfuscation
Running line
Obfuscation
What is obfuscation?
Source level
Assembly level
Two-processes
Summary
Anti-analysis techniques
Run-time analysis
Emulators
Debuggers
Static analysis
Indirect code flow change
Inserting bytes in-between instructions
Use the same bytes for multiple instructions
Dynamic content
Applicable to both
Opaque conditionals
Build code on the stack to execute
Modifying the ELF headers
Running line
Embedded languages
Anti-dumping techniques
General things for consideration
Key / data storage
Virtual CPU
Generating the key from the environment
Storing / Getting the keys inside the binary
Crypto usage
Things to be wary of
Watermarking
Personalising a copy to them
Proof of ownership
Storing the watermark
General notes
Conclusion
Summary
The future / closing thoughts
Feedback and thanks
A brief overview on ELF
What is ELF?
A quick breakdown of ELF
Executable Header
Program Headers
Section Headers
Mammon's gdbinit file display

Foreword

*** download file for full text ***





Similar Articles

Anti Debugging Tricks Analysis
Notes by M.Forrest on 'Anti Debugging Tricks'
(by Michael Forrest)

Anti Debugging Tricks Rel.2
Anti-debug techniques in assembler
(by Inbar Raz)

Anti Debugging Tricks Rel.5
Antidebugging techniques
(by Inbar Raz)

Anti-Debugger Techniques
Assembler techniques for protecting code
(by Anonymous)

Applied Binary Code Obfuscation
Obfuscation in assembler
(by N.George, G.Charalambous)

Avoiding Windows Rootkit Detection
Bypassing PatchFinder 2
(by Edgar Barbosa)

Bifurcation of variables
An approach at protecting program functions
(by Lord Soth)

Code Concealment
How to seal your own code
(by Demogorgon)

Copylok
Technical analysis document on Copylok
(by Kilby)

Extending DOS Executables
How to modify a Windows executable relocating code
(by Digital Alchemist)

How to undongle
hardware key debugging with softice
(by Xoanon)

Keep Your Code Hidden From Prying Eyes
Back-jump techniques in code
(by Demogorgon)

Reverse engineering: Anti-cracking Techniques
How to protect your code in 24 pages
(by N.George, G.Charalambous)

Windows Anti-Debug Reference
Several anti-debugging techniques used on Windows
(by Nicolas Falliere)

Writing Self-Modifying Code
Utilizing Advanced Assembly techniques
(by Russell Sanford)

Xoanon-flags
A debugging session in some old protection scheme
(by Xoanon / Pinnacle)

Xoanon-timelock
A debugging session on an old protection scheme
(by Xoanon / Pinnacle)

Yodas Protector 1.02
An exe protector with antidebug, antidump
(by Ashkbiz Danehkar)

 Tags: antidebug, protection

