Thema: Delphi an Exe Packer

Einzelnen Beitrag anzeigen

hathor
(Gast)

n/a Beiträge
 
#5

Re: an Exe Packer

  Alt 5. Nov 2007, 12:04
http://www.petricek.net/bca_olds.tar.bz2

zusammenfalten · markieren
Delphi-Quellcode:
{this program strips any unnecessary info from exe header and add exe-filesize
info to win32 programs (need for win32 sfx to work)}
uses b_crypt;
const
 sec:array[1..3] of longint=($1f8,$220,$248);
 UPX=$21585055;
 UPX1=$30585055;
 UPX2=$31585055;
 UPX3=$32585055;
 shitty:string[255]=
 #10#0'$Info: This file is packed with the UPX executable packer [url]http://upx.tsx.org[/url] $'#10+
 #0'$Id: UPX 0.94 Copyright (C) 1996-1999 Laszlo Molnar & Markus Oberhumer $'#10+
 #0'$Id: NRV 0.61 Copyright (C) 1996-1999 Markus F.X.J. Oberhumer $'#10;
 shitty2:string[255]=
 #0'$License: NRV for UPX is distributed under special license $'#10+
 #0'UPX!';
var
 f:file;
 i,s,t:longint;
 ss:string;
begin
 ss:=shitty;
 writeln('UPX header strip v0.1 by Bilbo');
 writeln('Usage: UPXS <file.exe>');
 if paramcount<1 then halt;
 assign(f,paramstr(1));
 reset(f,1);
 Writeln('Trying DOS UPX...');
 seek(f,$55);
 blockread(f,s,4);
 if s=UPX then begin
  s:=0;
  seek(f,$55);
  blockwrite(f,s,4);
  writeln('DOS: UPX signature removed.');
  close(f);
  halt;
 end else writeln('Error: Not DOS upx exe (',hexl(s),'<>',hexl(UPX),')');
 Writeln('Trying WIN32 UPX...');
 seek(f,60);
 blockread(f,s,4);
 seek(f,s);
 blockread(f,t,4);
 if t=$00004550 then begin
  seek(f,s-4);
  t:=filesize(f);
  blockwrite(f,t,4);
  Writeln('WIN32: Exe filesize written');
  seek(f,$2c5);
  ss[0]:=shitty[0];
  blockread(f,ss[1],ord(ss[0]));
  if ss=shitty then begin
   seek(f,$2c5);
   fillchar(ss[1],ord(ss[0]),0);
   blockwrite(f,ss[1],ord(ss[0]));
   Writeln('WIN32: UPX Comment1 removed');
  end else Writeln('WIN32: UPX Comment1 not found');
  if ioresult<>0 then writeln('WIN32: IO Error.');
  seek(f,$2c5+ord(shitty[0]));
  ss[0]:=shitty2[0];
  blockread(f,ss[1],ord(ss[0]));
  if ss=shitty2 then begin
   seek(f,$2c5+ord(shitty[0]));
   fillchar(ss[1],ord(ss[0]),0);
   blockwrite(f,ss[1],ord(ss[0]));
   Writeln('WIN32: UPX Comment2 removed');
  end else Writeln('WIN32: UPX Comment2 not found');
  if ioresult<>0 then writeln('WIN32: IO Error.');
  {Section rename}
  for i:=1 to sizeof(sec) div 4 do begin
   seek(f,sec[i]);
   blockread(f,s,4);
   if (s=UPX1) or (s=UPX2) or (s=UPX3) then begin
    s:=0;
    seek(f,sec[i]);
    blockwrite(f,s,4);
    writeln('UPX section renamed (',i,').');
   end else writeln('Error: Not UPX section(',hexl(s),')');
  end;
  if ioresult<>0 then writeln('WIN32: IO Error.');
 end else writeln('Error: Not WIN32 PE executable');
 close(f);
end.
  Mit Zitat antworten Zitat