informis
/
textfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
textfiles/virus/DOCUMENTATION/ultimute.txt

77 lines
4.0 KiB
Plaintext
Raw Blame History

ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
The ULTImate MUTation Engine .93á (c) 1993 Black Wolf Enterprises
pardon the title, had to think of something... }-)
ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
ULTIMUTE is a mutation engine written for security-type applications and
other areas where mutation of executable code is necessary. For my personal
use, I have implemented it in Black Wolf's File Protection Utilities,
using it to encrypt the code placed onto EXE's and COM's to protect them
from simple modification and/or unauthorized use. The encryption algorithms
themselves are terribly simple - the main point being that they change
each time and are difficult to trace through. This engine is written mainly
to keep a "hack one, hack 'em all" approach from working on protected code,
rather than to keep the code secure by a cryptologist's point of view.
Note: Please - this program and it's source have been released as freeware,
but do NOT use the mutation engine in viruses! For one thing, the
decryptor sequence has several repetitive sequences that can be scanned
for, and for another, that just isn't what it was designed for and
I would NOT appreciate it. If you MUST use someone else's mutation
engine for such, use the TPE or MTE. I do NOT condone such, however.
Please notify me if you release a program utilizing this engine -
I'd like to keep track of it if at all possible, and I may have an
improved version available.
MODIFICATIONS: Any modifications made to this program should be listed
below the solid line in the source code, as well as directly after this
paragraph in the docs. Tell what was changed along with the name of the
programmer and the date the file was changed. Also - source files should
be commented where changed. If at all possible, report modifications to
file to the address listed in the documentation for BWFPU21s.
Changes to Date:
None 08/05/93 - initial release date (add mod's below)
DISCLAIMER: The author takes ABSOLUTELY NO RESPONSIBILITY for any damages
resulting from the use/misuse of this program. The user agrees to hold
the author harmless for any consequences that may occur directly or
indirectly from the use of this program by utilizing this program/file
in any manner. Please use the engine with care.
USAGE: ULTIMUTE must be included as an object file into your program.
To use, put the following lines at the top of your code....
extrn _ULTMUTE:near, _END_ULTMUTE:byte, Get_Rand:near
extrn Init_Rand:near
Then, when you want to use it to encrypt code, use the following registers:
ENTRY:
CX=Code Length BX=New_Entry_Point
DS:SI=Code AX=Calling Style
ES:DI=Destination 1=Near Call, 2=Far Call, 3=Int Call
RETURN:
CX=New Size ES:DI = Same, now contains encrypted code
w/decryptor
The code from DS:SI of length CX will be taken and encrypted. The decryptor
and encrypted code will be placed at ES:DI. BX should be the location that
the decryptor will be in memory when it receives control - for example, if
it is to be at the beginning of a .COM file, it should be set to 100h.
AX determines how ULTIMUTE will return to your code, if it is set to 1
(the normal case) then it will simply do a RETN - ax=2 will give a RETF
and ax=3 will give an IRET. When ULTIMUTE is done, CX will equal the new
code size for the decryptor/encrypted code. All other registers are saved.
As I said before, please use the engine responsibly - and NOT IN VIRUSES!
For Questions/Comments, contact the address listed in BWFPU21s.DOC.
Remember - Freedom of Information brings a great responsibility to us.
We must fight for that right - but don't abuse it once you get it.
Black Wolf
Reference in New Issue View Git Blame Copy Permalink