Ausnahme gefangen: SSL certificate problem: certificate is not yet valid ๐Ÿ“Œ PE-Packer - A Simple Windows X86 PE File Packer Written In C And Microsoft Assembly
Team IT Security Nachrichtenportal Logo

๐Ÿ  Team IT Security News

TSecurity.de ist eine Online-Plattform, die sich auf die Bereitstellung von Informationen,alle 15 Minuten neuste Nachrichten, Bildungsressourcen und Dienstleistungen rund um das Thema IT-Sicherheit spezialisiert hat.
Ob es sich um aktuelle Nachrichten, Fachartikel, Blogbeitrรคge, Webinare, Tutorials, oder Tipps & Tricks handelt, TSecurity.de bietet seinen Nutzern einen umfassenden รœberblick รผber die wichtigsten Aspekte der IT-Sicherheit in einer sich stรคndig verรคndernden digitalen Welt.

16.12.2023 - TIP: Wer den Cookie Consent Banner akzeptiert, kann z.B. von Englisch nach Deutsch รผbersetzen, erst Englisch auswรคhlen dann wieder Deutsch!

Google Android Playstore Download Button fรผr Team IT Security
RSS Feed Symbol fรผr Team IT Security 800+ IT News als RSS Feed abonnieren



๐Ÿ“š PE-Packer - A Simple Windows X86 PE File Packer Written In C And Microsoft Assembly


๐Ÿ’ก Newskategorie: IT Security Nachrichten
๐Ÿ”— Quelle: feedproxy.google.com


PE-Packer is a simple packer for Windows PE files. The new PE file after packing can obstruct the process of reverse engineering.

It will do the following things when packing a PE file:

  • Transforming the original import table.
  • Encrypting sections.
  • Clearing section names.
  • Installing the shell-entry.

When running a packed PE file, the shell-entry will decrypt and load the original program as follows:

  • Decrypting sections.
  • Initializing the original import table.
  • Relocation.

Before packing, using some disassembly tools can disassemble the executable file to analyze the code, such as IDA Pro.

  • Disassembling the code.


  • Searching constant strings.


  • Analyzing the import table.


After packing, the reverse analysis will be obstructed.

  • Disassembling the code.


  • Searching constant strings.


  • Analyzing the import table.


Warning

This project is just a demo for beginners to study Windows PE Format and Assembly Language. It still has some compatibility problems and bugs that cannot be used in practice.


Getting Started

Prerequisites

The project must configure on/for Windows 32-bit and can only process 32-bit .exe programs now.

  • Install MASM32.
  • Install MinGW-w64, select i686 architecture.
  • Install CMake.
  • Set the PATH environment variables of these three tools.

Building
> mkdir -p build
> cd build
> cmake .. -D CMAKE_C_COMPILER=gcc -G "MinGW Makefiles"
> cmake --build .

Or run the build.ps1 file directly:

> .\build.ps1

Usage

To pack a program, you must specify its input name and the output name.

PE-Packer <input-file> <output-file>

For example:

PE-Packer hello.exe hello-pack.exe

Documents

You can use Doxygen to generate the document.

In order to avoid scanning .md files, you must add *.md to the EXCLUDE_PATTERNS configuration option.

EXCLUDE_PATTERNS = *.md

This option is in "Expert" -> "Input" page.


References

ใ€ŠๅŠ ๅฏ†ไธŽ่งฃๅฏ†๏ผˆ็ฌฌ3็‰ˆ๏ผ‰ใ€‹ๆฎต้’ข

PE Format - Windows Dev Center


Contact

GitHub: https://github.com/czs108/

E-Mail: chenzs108@outlook.com

WeChat: chenzs108



...



Sharing is caring on Social Media

๐Ÿ”— Reddit
๐Ÿ”— Telegram
๐Ÿ”— LinkedIn
๐Ÿ”— Xing
๐Ÿ”— Twitter
๐Ÿ”— Whatsapp
๐Ÿ”— Facebook
๐Ÿ”— Flipboard

Join the Team IT Security Community

๐Ÿ”— "IT Sicherheit" Reddit-Gruppe
๐Ÿ”— "IT Sicherheit" Telegramm-Seite

๐Ÿ“Œ GitHub - nemasu/asmttpd: Web server for Linux written in amd64 assembly.


๐Ÿ“ˆ 29.82 Punkte

๐Ÿ“Œ zajo/appler: Apple ][ emulator for MS-DOS, written in 8086 assembly


๐Ÿ“ˆ 29.82 Punkte

๐Ÿ“Œ humungus โ€” an hg server written in Go, supports `go get`, written by a core OpenBSD developer


๐Ÿ“ˆ 27.43 Punkte

๐Ÿ“Œ We know that Linux was written in C but on what platform was it written?


๐Ÿ“ˆ 27.43 Punkte

๐Ÿ“Œ x86-64 Assembly Language Programming with Ubuntu


๐Ÿ“ˆ 25.93 Punkte

๐Ÿ“Œ x86-64 Assembly Language Programming with Ubuntu Linux


๐Ÿ“ˆ 25.93 Punkte

๐Ÿ“Œ [Squally] - Interactive x86 Assembly Manual!


๐Ÿ“ˆ 25.93 Punkte

๐Ÿ“Œ [Squally] - We open sourced our Steam game to teach x86/x64 assembly


๐Ÿ“ˆ 25.93 Punkte

๐Ÿ“Œ x86 Assembly: Hello World!


๐Ÿ“ˆ 25.93 Punkte

๐Ÿ“Œ Capstone disassembly/disassembler framework: Core (Arm, Arm64, BPF, EVM, M68K, M680X, MOS65xx, Mips, PPC, RISCV, Sparc, SystemZ, TMS320C64x, Web Assembly, X86, X86_64, XCore) + bindings.


๐Ÿ“ˆ 25.93 Punkte

๐Ÿ“Œ Assembly mips or X86 or ARM?


๐Ÿ“ˆ 25.93 Punkte

๐Ÿ“Œ Construindo um web server em Assembly x86, parte II, histรณria e arquitetura


๐Ÿ“ˆ 25.93 Punkte

๐Ÿ“Œ step-by-step walkthrough of an x86 assembly stack frame in action (exploit dev series to come)


๐Ÿ“ˆ 25.93 Punkte

๐Ÿ“Œ Construindo um web server em Assembly x86, parte I, introduรงรฃo


๐Ÿ“ˆ 25.93 Punkte

๐Ÿ“Œ Step-by-Step Buffer Overflow Exploitation (followup to the x86 assembly stack frame video)


๐Ÿ“ˆ 25.93 Punkte

๐Ÿ“Œ Understanding the Flag Register in x86 Assembly Language


๐Ÿ“ˆ 25.93 Punkte

๐Ÿ“Œ fff - A simple terminal file manager written in bash - Version 2.0 released!


๐Ÿ“ˆ 25.86 Punkte

๐Ÿ“Œ Have you ever thought, how much is it easy to learn the Assembly language? Here is a simple Hello World application with a detail explanation to learn it quickly.


๐Ÿ“ˆ 24.13 Punkte

๐Ÿ“Œ [sbar] Simple status bar for dwm and other window managers written in posix


๐Ÿ“ˆ 23.53 Punkte

๐Ÿ“Œ Returning the goodness community gave me : I made a simple and lightweight system cleaner CLI program written in Python.


๐Ÿ“ˆ 23.53 Punkte

๐Ÿ“Œ Image Roll - my new simple and fast GTK image viewer with basic image manipulation tools. Written in Rust.


๐Ÿ“ˆ 23.53 Punkte

๐Ÿ“Œ [OC] TFetch: A fast and simple fetching utility written in C


๐Ÿ“ˆ 23.53 Punkte

๐Ÿ“Œ I created SyncThingy: syncthing + simple tray icon written in C++, not more and not less


๐Ÿ“ˆ 23.53 Punkte

๐Ÿ“Œ Wordlister - A Simple Wordlist Generator And Mangler Written In Python


๐Ÿ“ˆ 23.53 Punkte

๐Ÿ“Œ Donut - Generates X86, X64, Or AMD64+x86 Position-Independent Shellcode That Loads .NET Assemblies, PE Files, And Other Windows Payloads From Memory


๐Ÿ“ˆ 23.29 Punkte

๐Ÿ“Œ As a new x86 CPU Vendor, Chengdu Haiguang IC Design Co., Ltd (Hygon) is a Joint Venture between AMD and Haiguang Information Technology Co., Ltd., and aims at providing high performance x86 processor for China server market.


๐Ÿ“ˆ 23.22 Punkte

๐Ÿ“Œ Hershell - Simple TCP reverse shell written in Go


๐Ÿ“ˆ 21.74 Punkte

๐Ÿ“Œ Privateloader CMS V1 - A simple CMS written in PHP


๐Ÿ“ˆ 21.74 Punkte

๐Ÿ“Œ pfetch - A simple system information tool written in POSIX sh


๐Ÿ“ˆ 21.74 Punkte

๐Ÿ“Œ knaur: a simple, hackable AUR helper written in bash.


๐Ÿ“ˆ 21.74 Punkte

๐Ÿ“Œ Privateloader CMS V1 - A simple CMS written in PHP


๐Ÿ“ˆ 21.74 Punkte

๐Ÿ“Œ TinkererShell - A Simple Python Reverse Shell Written Just For Fun


๐Ÿ“ˆ 21.74 Punkte

๐Ÿ“Œ Feroxbuster - A Fast, Simple, Recursive Content Discovery Tool Written In Rust


๐Ÿ“ˆ 21.74 Punkte

๐Ÿ“Œ zauth: Simple 2FA (Two-Factor Authentication) CLI application with support to import/export andOTP files written in go.


๐Ÿ“ˆ 21.74 Punkte

๐Ÿ“Œ Musort - Organize your music library with a simple CLI tool written in Python


๐Ÿ“ˆ 21.74 Punkte











matomo

Kontakt

24/7 kontakt@tsecurity.de

Weitere Informationen

Google Android Playstore Download Button fรผr Team IT Security
๐Ÿ”— Impressum
๐Ÿ”— Datenschutz
Paypal Spenden fรผr Projekt

Social Media

๐Ÿ”— Facebook
๐Ÿ”— Reddit
๐Ÿ”— Team IT Security als Elektron App
๐Ÿ”— © 2015-2023 Team IT Security Nachrichtenportal รผber Cybersecurity
๐Ÿ”— CMS "myDraft" a PHP Portal Software