What is a packer/unpacker (or generic)?

Discussion in 'other anti-virus software' started by beckman16, Jul 31, 2007.

Thread Status:
Not open for further replies.
  1. beckman16

    beckman16 Registered Member

    Joined:
    Jul 31, 2007
    Posts:
    5
    Location:
    India
    Hi all,
    I want to discuss and know in depth about packing/unpacking.
    I have decided to work on a generic unpacker as my BE project.
    So I want some guidance and some links/resources which anyone can provide me,
    especially "Karl_Menshy".
     
  2. beckman16

    beckman16 Registered Member

    Joined:
    Jul 31, 2007
    Posts:
    5
    Location:
    India
    How is PE compression done?

    How is PE compression done?
    And why is this compression used?
    Is compression in PE formats easy?
     
  3. Inspector Clouseau

    Inspector Clouseau AV Expert

    Joined:
    Apr 2, 2006
    Posts:
    1,329
    Location:
    Maidenhead, UK
    Since you created this thread also in other sub forums here - you really don't expect ordinary forum members here to help you on that topic, do you? That topic is so complex (because it involves emulating for a generic unpacker) that nobody is gonna help you. And people who know about it can't waste their time on explaining to you in detail how to do that. That would be weeks / months of posting in a row. Before you pick a topic you should probably do some research on how complex a topic is. You've just picked the most complex topic in computer security for that. Good luck!
     
  4. Inspector Clouseau

    Inspector Clouseau AV Expert

    Joined:
    Apr 2, 2006
    Posts:
    1,329
    Location:
    Maidenhead, UK
    Oh yes, and to shorten it down: Without being an expert in assembly language you're not gonna go anywhere with this project. You also have to know every OS API call, the PE loader, the PE file structures (section handling, section flags, memory management and a lot of stack tracing). Then especially good luck with multithreaded and nanomites emulation, you'll need it :D
     
  5. EraserHW

    EraserHW Malware Expert

    Joined:
    Oct 19, 2005
    Posts:
    588
    Location:
    Italy
    Can only agree. Let's see what happens when he comes to VM emulations of Themida or NTKrnl :) There are often guys in companies mainly specialized in this field, while other guys are specialized in other fields. Just to say it's not an easy job.
     
    Last edited: Aug 1, 2007
  6. beckman16

    beckman16 Registered Member

    Joined:
    Jul 31, 2007
    Posts:
    5
    Location:
    India
    Oh,
    thanks Inspector Clouseau and EraserHW
    for your post.
     