Locreate: An Anagram for Relocate

Author Skape
Description Abstract: This paper presents a proof of concept executable packer that does not use any custom code to unpack binaries at execution time. This is different from typical packers which generally rely on packed executables containing code that is used to perform the inverse of the packing operation at runtime. Instead of depending on custom code, the technique described in this paper uses documented behavior of the dynamic loader as a mechanism for performing the unpacking operation. This difference can make binaries packed using this technique more difficult to signature and analyze, but only when presented to an untrained eye. The description of this technique is meant to be an example of a fun thought exercise and not as some sort of revolutionary packer. In fact, it's been used in the virus world many years prior to this paper.
Size 146.67kB
Date Wednesday 24 January 2007 - 01:00:41