• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 877
  • Last Modified:

Executable Compressor

hi,

I want to know how to make an executable compressor, like aspack...

can anyone help, with examples please . . .
0
D-Master
Asked:
D-Master
1 Solution
 
MannSoftCommented:
I think that's probably a pretty complicated subject that'll require a bit of studying.

It's not written in Delphi, but UPX (http://upx.sf.net) is opensource.  You might be able to get some of the logic behind it from there.
0
 
GwenaCommented:
Firstly... FORGET about doing this sort of thing in Delphi..


Your delphi stub that would be placed in front of the compressed exe to decompress it and place it into ram would be way too big... what's the point of compressing an exe to 1/3 original size but then sticking a big Delphi exe in front of it :-(

Do this in C or asm.... Delphi is not suitable for something that must be very tiny...


The hardest part will be figuring out how to place a decompressed exe into ram and then trick windoze into running it just as though it had been loaded from disk.

UPX is great.. and free.. so why re-invent the wheel?

There is also the free Pepack.exe which does a great job of compressing an exe... and it is sooo tiny at 14,848 bytes.

 http://groups.yahoo.com/group/BCX/files/Cool_Tools/Pepack.Exe

Pepack is so small you can just tuck it away inside a delphi exe and pop it out to windows/temp to compress an exe...

Odd thing about pepack is that the first 3 bytes of the exe are 'MZP'  just like a delphi app ???  ...maybe borland used the same signature for it's C compilers.
0
 
D-MasterAuthor Commented:
Dear Gwena
I am not looking for the compression that aspack or upx do,
but when you compress a program in aspack you make it difficult for crackers , but aspack have a decompressor thats why I want to make my own software to make it difficult for crackers (non-professionals) to crack and open...

did you get the point (I want to make a software the crackers didn't yet have its decompressor)

Thanks
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
MunimCommented:
The main part of cracking is to debug. So here is the source for turn off the debugging function at runtime... You may not need to write a compressor...


procedure HaltDebug; assembler;
asm
  push ds
  xor ax, ax
  mov ds, ax
  mov ah, [046Ch]
@@TimerWait:
  mov al, [046Ch]
  cmp al, ah
  je @@TimerWait
  pop ds
end;

procedure AntiOn;
begin
  Port[$21] := Port[$21] or $02;
  Cli;
  Int03 := IntXX;
  Int01 := IntXX;
  Sti;
end;

procedure AntiOff;
begin
  Port[$21] := Port[$21] and $fd;
  Cli;
  Int01 := SaveInt01;
  Int03 := SaveInt03;
  Sti;
end;

begin // copy this code to your project's entry point
  HaltDebug;
  SaveInt01 := Int01;
  SaveInt03 := Int03;
end.
0
 
MannSoftCommented:
When you dont use the VCL, Delphi will make tiny executables.  And since you wouldnt need the VCL for something like this, you wouldnt have to worry about a 300k EXE.
0
 
GwenaCommented:
Hi D-Master :-)

  A cracker can very easily grab the image of the decompressed exe right out of the ram... and with a tiny bit of fixup that image will run..so using a compression scheme to keep them away from the exe won't work. A cracker need not ever use the various decompressors.

  You can't provide protection by trying to keep your exe away from them....they will find it :-/

  Other than key-disks, dongles, or control of the hardware there is no good way to protect your exe.

  You can make life more difficult for crackers but if your work is worth the trouble they will get at it...

p.s. If you delete the UPX markers from the beginning of a compressed exe the built in UPX decompressor won't work any more... basically just use a file editor like FrHed.exe to overwrite these markers...just remove any mention of UPX and the file won't decompress any more.

Here is what you get when you try to decompress such an exe...

C:\WINDOWS\Desktop>upx -d portie.exe
                     Ultimate Packer for eXecutables
               Copyright (C) 1996, 1997, 1998, 1999, 2000
UPX v1.02        Markus F.X.J. Oberhumer & Laszlo Molnar        Sep 13th 2000

        File size        Ratio      Format      Name
   -------------------   ------   -----------   -----------
upx: portie.exe: CantUnpackException: file is modified/hacked/protected; take ca
re!!!

Unpacked 0 files.


If you not only remove the markers but also insert bogus markers for some other compressor then you might cause a few minutes of grief for the casual cracker :-)

0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now