Binary Analysis
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Driver circumventing checksum based tamper-resistance in user-space exes.. Nov 17 2006 05:40AM
Vinay A. Mahadik (vamahadik fastmail fm)
This is based on Shadow Walker(idea and code both)/"inverse-Pax" applied
to user-space executables instead. Idea can be used to reverse ring3
executables that have self-checksums in place for tamper resistance.
Basically, user-space exes can be code-patched arbitrarily - the exe's
self-checksums do ...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus