Just made a private release of RASH EXE-cryptor.
The package contains a GUI for EXE-encryption. If someone wants to test it - please email me. New RASH has no compression by itself - only nice and simple XOR-based encryption.
![]()
Just made a private release of RASH EXE-cryptor.
The package contains a GUI for EXE-encryption. If someone wants to test it - please email me. New RASH has no compression by itself - only nice and simple XOR-based encryption.
![]()
Nice!
But KLabs will write decryptor in 5 minutes after they'll get your cryptor![]()
The stub contains decryptor which can be copy pasted. But currently the decryptor contains a two operands trick which fools all AV/generic decryptors - that's why even AVP and VBA cannot decrypt it...
Just fun art...![]()
KAV has comparably weak emulator today. Best ones are in NOD32 and BitDefender. I think they'll decrypt your code in emulator, but they have time limit, because AV can't work indefinitely![]()
The catch not in time. RASH contains instruction that all AV don't support. As a result a wrong key generated.![]()
About strong emulation. Previously RASH has a simple LZW compression with no anti-emulation tricks. Only KAV and VBA32 correctly decompress the code.![]()
They don't need to decrypt your code. The AV will just add your decryption code to their signature files.
matt:
so all rash encrypted would be marked as viruses. imo more intelligent is to extract original entry point from crypted executable an then set up breakpoint on that place. so av won't need decryptor
or one can make cryptor that uses external passwords for de/ crypting, eg. to decrypt & run you must provide password in command line, eg. yourprogram.exe --password mypassword
Yep!Originally Posted by Matt Mahoney
Even if this is an experimental software for fun - without any malicious goal...
Guess, the next step is writing a polymorphic decompressor generator![]()
...or a compressor written in 100% ASM...![]()
![]()
> ...or a compressor written in 100% ASM...
That's not a very creative idea.
And also with algorithms like your LZW it might be actually
simpler to write in asm as complex control flow is harder to
express with C and the like.
...Also is there any reason at all to care about compressor's size?
Nope. But sometimes in ASM we may add an extra hand tuned optimizations...Originally Posted by Shelwien
![]()
1. Prove yourself that you are programmer, not java_coding_monkey.Originally Posted by Shelwien
2. Microcontollers: car electronics, RFIDs, emmbedded software, etc.
Actually, I think not need to prove anything to anyone. If youre mature programmer you may do programming on any language and compiler without things like Delphi is for lame kids ASM is for cool programmers... You know what I mean...Originally Posted by nimdamsk
![]()
You need a small decompressor for self extracting archives, or high ranking on LTCB![]()
Could i try out the RASH? I could not find your email address, encode, so i am posting here. My email is contact@renderarmy.com Thanks in advance!!!!
Just sent a link to you. You may remove your email address from the post.![]()
Where is the download link ?
Download link is hidden...Originally Posted by rkn
![]()
I do not post it, because RASH will be added to Anti-Virus databases, even before actual release. Currently, I've made some ASM driven decryption and decompression for RASH... Which will be in next "releases".![]()