PDA

View Full Version : last words of my day.



Nor
06-21-2002, 03:06 AM
I apologize for not posting much lately.
Studding has started consuming my time.

I started OpenGL/DirectX, API programming, and now asm.
I've been finding a lot of information out on my own.

Reading kernel32 using SI has to proved to be very valuable in my studies.
I've been working on what seems nearly impossible to me.

Trying to stop a debugger has proven a most formidable task.
Taking a break from all of that, I'm finally relaxing
and thought I would just write some ****.

My studies in debugging have taken me from simple debugging to
advance asm level programming.

Trying new methods have shown me that asm knowledge is required.
So is a pack of Marlboros and coffee.

I've been reading "The Art of Assembly Language " and searching for more books like this
that explain anything more advance.

My little mind is wondering so I'm just going off in my world.
Trying to look at the time, I see that I'm going to take awhile on this.

So far I can search int3 (i think, don't remember right now) for patching by debuggers

Search a process over 496 MB in size for and altered code.
Using an almost unlimited number of methods.
In a very efficient amount of time, which on my PC is unnoticeable.
On a 486 w/ onboard graphics (that sux) you can see some degrading.
But that computer is not make for graphics.

And locate the offending process and basically do anything I want to it.
I'm not sure what to do yet but I'll think of something.
Reporting the offender with the edited code would be nice.

I have also found a very nice way of using self changing code. And no static code.
I mean that when my process is load its is scrambled and offsets will never be in the same place twice.
I've going all out on this project. I have till December to complete it to my satisfaction.

Protecting the application file is the hardest part.
Its going to be compressed and encrypted so it will have to unpack itself into memory.
that is the only time it will be venerable to debugging
I will find a way to protect this in time.

All of my scrambling is done in the loading phase of the application. Completely in asm.
I will not go into that procedure but its based on very simple trig.

Finding bugs has to be done by reading the source code.
I have never commented anything so much in my life.

Every damn line in over 600k.
I have two bugs that I know of.
Both really are not bugs.

I'm trying to program it like c++ by using object, vtables, and such.
Just picturing what it would look like in head is the foundation of my design.
Finding an efficient way of coding object inheritance is one bug.

The other is When I destroy my scramble code.
After it is done unpacking the process, it destroys itself.
I have one function that I cant destroy.
Its always at a random offset but still present in memory.
It is a security risk and I must destroy it.

Hopefully you have enjoyed this moment b/c I'm about to crash for the next two day.
What the hell am I saying I'll be up in six hours.
-Nor

salvelinus
06-21-2002, 07:49 AM
Originally posted by Nor
I apologize for not posting much lately.
Studding has started consuming my time.

-Nor
Yeah, that'll do it. Wish I could say the same, but I'm married :)

ober
06-21-2002, 08:07 AM
Originally posted by salvelinus

Yeah, that'll do it. Wish I could say the same, but I'm married :)

LMAO... good one :D

Nor
06-21-2002, 03:10 PM
how many post do you have to have before you can edit the text under your name?

salvelinus
06-21-2002, 03:44 PM
Look at the button at the bottom of your post that says Edit. I believe that's available from the start.
Didn't mean to make fun of your post, it was just too good an opportunity to pass up. Sorry if it upset you.

MethodMan
06-21-2002, 03:49 PM
>> how many post do you have to have before you can edit the text under your name?

If you are taking abou the name above the avatar, then its 400 if im not mistaken.

Nor
06-21-2002, 11:45 PM
Originally posted by salvelinus
Look at the button at the bottom of your post that says Edit. I believe that's available from the start.
Didn't mean to make fun of your post, it was just too good an opportunity to pass up. Sorry if it upset you.

I'm not sure how that would upset me but no offense taken.