Small .exes in C

jj2007 · September 09, 2017, 09:15:02 PM

Quote from: aw27 on September 09, 2017, 07:01:18 PMThe push 0 is to make sure the string will be null terminated.

No need for that, RichMasm takes care of that zero.

aw27 · September 10, 2017, 03:06:27 AM

Quote from: hutch-- on September 09, 2017, 04:47:26 PM
I think you have mis-understood what the code does

@hutch,
I was not aware of your mangle.exe and it looks good for the purpose. Of course, professional hackers, those individuals that have plenty of time and no life, are always able to bypass all defenses.

jj2007 · September 10, 2017, 03:14:17 AM

Just for fun, another one, generated by a RM beta. I am afraid it's not so small - the new limit is about 40,000 characters. "Source" attached, builds fine with qEditor and the old ML 6.14. Surprisingly, there are traces of French in the output - Google translate does strange things nowadays ::)

Code Select

include \masm32\include\masm32rt.inc  ; pure Masm32

.code
start:
  push 5296
  call @F
  ...

To Olly, it looks Chinese, but it isn't:

Code Select


00401010              .  E8 C0520000          call 004062D5                     ; ÀLeoWasHere.004062D5
00401015              .  18B6 0D9636B6        sbb [esi+B636960D], dh
0040101B              .  51                   push ecx
0040101C              .  B1 E6                mov cl, 0E6
0040101E              .  0A80 325D2A50        or al, [eax+502A5D32]
00401024              .  87EA                 xchg edx, ebp
00401026              .  FA                   cli
00401027              . E0 57                loopnz short 00401080
00401029              .  50                   push eax
0040102A              >  2A50 87              sub dl, [eax-79]
0040102D              . 70 FB                jo short 0040102A
0040102F              .  D157 A1              rcl dword ptr [edi-5F], 1

hutch-- · September 10, 2017, 11:39:11 AM

Jose,

> are always able to bypass all defenses.

This has always been the case but its a time factor that works for you. Something that is slow, complicated, tedious and highly error prone will beat 99% of them, if you slow up the talented remaining 1% for long enough they often will not bother. The real humour is the vast majority of software would not be worth of having, even if they paid you to use it.

aw27 · September 10, 2017, 04:00:11 PM

@hutch,
I agree. I have many stories with crackers, but the funniest one is this.
Someone told me that some software on my list has been cracked and gave me a link to a board of pirates and crackers where a guy was boasting the feat. I could not post on the site because registration depended on a recommendation from another member. However, the pompous alias of the cracker told me that I might be able to find him somewhere else. Indeed, I discovered that he was the owner of a website dedicated to development of chess engines. I send him a message on the forum of his site showing my appreciation for his efforts to promote the software. :shock:
He said he would compensate me and place a marquee on the top of the main page of the website announcing my software

and he did for a long time. :t
Years later I decided to make that software free and he sent me the following email (tracking details disguised):

To: AW

From:
HisName
HisEmailAddress

Message:
Hello,
I remember you contacted me several years ago on my forum at
domain.com about googol+. I just wanted to say that I am
happy to see that you released it now as freeware. It has always been
in my collection of math software and is one of my favorite utilities.
Keep up the good work and I wish you all of the best in the future. :)

Siekmanski · September 11, 2017, 01:31:57 AM

The MASM Forum

News:

Small .exes in C

jj2007

aw27

jj2007

hutch--

aw27

Siekmanski