77 lines
4.0 KiB
Plaintext
77 lines
4.0 KiB
Plaintext
ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
|
|
The ULTImate MUTation Engine .93á (c) 1993 Black Wolf Enterprises
|
|
pardon the title, had to think of something... }-)
|
|
ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
|
|
|
|
ULTIMUTE is a mutation engine written for security-type applications and
|
|
other areas where mutation of executable code is necessary. For my personal
|
|
use, I have implemented it in Black Wolf's File Protection Utilities,
|
|
using it to encrypt the code placed onto EXE's and COM's to protect them
|
|
from simple modification and/or unauthorized use. The encryption algorithms
|
|
themselves are terribly simple - the main point being that they change
|
|
each time and are difficult to trace through. This engine is written mainly
|
|
to keep a "hack one, hack 'em all" approach from working on protected code,
|
|
rather than to keep the code secure by a cryptologist's point of view.
|
|
|
|
Note: Please - this program and it's source have been released as freeware,
|
|
but do NOT use the mutation engine in viruses! For one thing, the
|
|
decryptor sequence has several repetitive sequences that can be scanned
|
|
for, and for another, that just isn't what it was designed for and
|
|
I would NOT appreciate it. If you MUST use someone else's mutation
|
|
engine for such, use the TPE or MTE. I do NOT condone such, however.
|
|
|
|
Please notify me if you release a program utilizing this engine -
|
|
I'd like to keep track of it if at all possible, and I may have an
|
|
improved version available.
|
|
|
|
MODIFICATIONS: Any modifications made to this program should be listed
|
|
below the solid line in the source code, as well as directly after this
|
|
paragraph in the docs. Tell what was changed along with the name of the
|
|
programmer and the date the file was changed. Also - source files should
|
|
be commented where changed. If at all possible, report modifications to
|
|
file to the address listed in the documentation for BWFPU21s.
|
|
|
|
Changes to Date:
|
|
None 08/05/93 - initial release date (add mod's below)
|
|
|
|
DISCLAIMER: The author takes ABSOLUTELY NO RESPONSIBILITY for any damages
|
|
resulting from the use/misuse of this program. The user agrees to hold
|
|
the author harmless for any consequences that may occur directly or
|
|
indirectly from the use of this program by utilizing this program/file
|
|
in any manner. Please use the engine with care.
|
|
|
|
|
|
USAGE: ULTIMUTE must be included as an object file into your program.
|
|
To use, put the following lines at the top of your code....
|
|
|
|
extrn _ULTMUTE:near, _END_ULTMUTE:byte, Get_Rand:near
|
|
extrn Init_Rand:near
|
|
|
|
Then, when you want to use it to encrypt code, use the following registers:
|
|
|
|
ENTRY:
|
|
CX=Code Length BX=New_Entry_Point
|
|
DS:SI=Code AX=Calling Style
|
|
ES:DI=Destination 1=Near Call, 2=Far Call, 3=Int Call
|
|
|
|
RETURN:
|
|
CX=New Size ES:DI = Same, now contains encrypted code
|
|
w/decryptor
|
|
|
|
The code from DS:SI of length CX will be taken and encrypted. The decryptor
|
|
and encrypted code will be placed at ES:DI. BX should be the location that
|
|
the decryptor will be in memory when it receives control - for example, if
|
|
it is to be at the beginning of a .COM file, it should be set to 100h.
|
|
AX determines how ULTIMUTE will return to your code, if it is set to 1
|
|
(the normal case) then it will simply do a RETN - ax=2 will give a RETF
|
|
and ax=3 will give an IRET. When ULTIMUTE is done, CX will equal the new
|
|
code size for the decryptor/encrypted code. All other registers are saved.
|
|
|
|
As I said before, please use the engine responsibly - and NOT IN VIRUSES!
|
|
For Questions/Comments, contact the address listed in BWFPU21s.DOC.
|
|
|
|
Remember - Freedom of Information brings a great responsibility to us.
|
|
We must fight for that right - but don't abuse it once you get it.
|
|
|
|
Black Wolf
|