Exetools

Exetools (https://forum.exetools.com/index.php)
-   General Discussion (https://forum.exetools.com/forumdisplay.php?f=2)
-   -   Highly self modifying code (https://forum.exetools.com/showthread.php?t=17924)

chants 09-14-2016 12:05
Highly self modifying code
 
Greetings,

Is anyone aware of any resources regarding highly self-modifying code? I mean code that implements something like a cryptography algorithm but in an innovative and clever way where the self-modifications are vital to the algorithm and non-trivial. As such, flattening it would require unwrapping it using directed acyclic graph and not the more simpler temporal methods, as it would not depend on time but also how the program had modified itself previously based on input.

It would be interesting to see a practical example of this, if its ever been successfully done. It could be processor e.g. x86 centric. It is interesting to me that we have not seen models of how to look at the processor opcodes in terms of generating self-modifying algorithms. Compilers have not really focused much on it beyond overlays in the old days which is generally trivial to unwrap. I suppose the data-flow and code-flow analysis required would be very sophisticated. But as protection and anti-protection mechanisms advance, I predict this field of study will inevitably gain a lot of information at some point.

an0rma1 09-21-2016 17:46
Do you mean selmodifying in runtime or run-to-run? I've seen a lot of typical exe wrappers and encoders with complex cryptos for decrypting at runtime, and generating countless version in each iteration.
But i suposse you are talking of much more sophisticaded algos and uses for them?


All times are GMT +8. The time now is 11:23.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX