|
|||||
|
|
| PE文件隐型加壳技术的研究与实现* | |
| 引用本文: | 徐向阳,解庆春,刘勇,俞笛,刘寅. PE文件隐型加壳技术的研究与实现*[J]. 计算机应用研究, 2009, 26(1): 337-338. DOI: 10.3969/j.issn.1001-3695.2009.01.102 |
| 作者姓名: | 徐向阳 解庆春 刘勇 俞笛 刘寅 |
| 作者单位: | 1. 湖南大学,计算机与通信学院,长沙,410082 2. 湖南大学,计算机与通信学院,长沙,410082;中国科学院,近代物理研究所,兰州,730000 3. 中国科学院,近代物理研究所,兰州,730000 |
| 基金项目: | 国家自然科学基金委员会重点资助项目(10635090) |
| 摘 要: | 通过对PE(portable executable)文件格式的了解,编写PE分析工具对文件内部结构进行分析。详细介绍了对PE可执行文件加壳的全过程,在此过程中巧妙地使用MD5、CRC32等成熟的hash算法及防API断点跟踪等多种反破解技术,并采用自动隐藏加密方案,大大地提高了软件的保护力度。 |
| 关 键 词: | 可移植的可执行文件 加壳 哈希算法 反跟踪 |
Research and implementation of PE file stealthy shell technique |
|
| XU Xiang-yang,XIE Qing-chun,LIU-Yong,YU-Di,LIU-Yin. Research and implementation of PE file stealthy shell technique[J]. Application Research of Computers, 2009, 26(1): 337-338. DOI: 10.3969/j.issn.1001-3695.2009.01.102 | |
| Authors: | XU Xiang-yang XIE Qing-chun LIU-Yong YU-Di LIU-Yin |
| Abstract: | Wrote an analysis tool at the base of understanding the portable executable file format.It presented the whole processes of the encrypting on the PE file in detail.In these processes,used variety anti-crack techniques such as MD5, CRC32 algorithms of mature hash as well as anti-track from the interrupt of API functions, and also used some methods of automatic hiding and encrypting.The result is that the protection strength of the software is enhanced. |
| Keywords: | PE file shell hash algorithm anti-track |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! | |
| 点击此处可从《计算机应用研究》浏览原始摘要信息 | |
| 点击此处可从《计算机应用研究》下载全文 | |