Author Topic: garble(poly) tool for nasm  (Read 3028 times)

Offline hannibal

  • Jr. Member
  • *
  • Posts: 2
garble(poly) tool for nasm
« on: December 14, 2012, 03:04:10 AM »
current compilers want to min the size and optimize execute speed.
but, maybe i want a compiler,whose purpose is anti-analysis.

so ,i made unest.org, it support nasm language,intel x86 instruction,output binary code.


Demo:

source code:
Code: [Select]
[bits 32]
%define Key 0cccccccch
%define dwFlag 04013f4h

mov edi,dwFlag
mov eax,dword [edi]
cmp eax,Key
jz @1
mov eax,0
jmp @2
@1:
mov eax,Key
@2:
mov dword [edi],eax

download: http://www.unest.org/demo/demo.php

after download,load it with ollydbg or other debugger tools.

like this picture:





if you change the key before you run it,then you will see the result as same as the source code.
when the key is not 0cccccccch,the dword memory will been set by 0.

the important is : the code been garble(poly) each you download it.

if you want to try my little toy,contact me to get invitation code

Offline Keith Kanios

  • Full Member
  • **
  • Posts: 383
  • Country: us
    • Personal Homepage
Re: garble(poly) tool for nasm
« Reply #1 on: December 14, 2012, 03:36:54 AM »
but, maybe i want a compiler,whose purpose is anti-analysis.

It's called Perl :P

Offline hannibal

  • Jr. Member
  • *
  • Posts: 2
Re: garble(poly) tool for nasm
« Reply #2 on: December 14, 2012, 05:18:37 AM »
er...perl... but it doesn't modify the code each you compile it
« Last Edit: December 14, 2012, 01:40:47 PM by hannibal »

Offline Bryant Keller

  • Forum Moderator
  • Full Member
  • *****
  • Posts: 360
  • Country: us
    • About Bryant Keller
Re: garble(poly) tool for nasm
« Reply #3 on: December 14, 2012, 09:09:33 PM »
er...perl... but it doesn't modify the code each you compile it

I think Keith was making a joke at how difficult some PERL code is to read, ie "anti-analysis". I can't say I personally agree. :P

About Bryant Keller
bkeller@about.me

Offline Keith Kanios

  • Full Member
  • **
  • Posts: 383
  • Country: us
    • Personal Homepage
Re: garble(poly) tool for nasm
« Reply #4 on: December 14, 2012, 11:47:47 PM »
[offtopic]

I think Keith was making a joke at how difficult some PERL code is to read

Correct... thinly veiled sarcasm :)

Two of my favorite Perl quotes:

Quote
Perl is the only language where you can bang your head on the keyboard and it compiles.

Quote
Perl - The only language that looks the same before and after RSA encryption.

[/offtopic]