PaulDotCom mailing list archives
Nick Harbour's PE-Scrambler
From: xgermx at gmail.com (xgermx)
Date: Thu, 12 Feb 2009 08:29:02 -0600
Nice. Now where can we get a copy? 2009/2/11 Matt Hillman <cybereagle at gmail.com>
PE-Scrambler does a lot more than just play with the PE header. I did a little writeup of its features based on attending his defcon presentation which you can find at the bottom of http://labs.mwrinfosecurity.com/notices.php Its not totally realiable as it doesnt create a working exe every time, but it has some pretty fun tricks up its sleave. 2009/2/10 Adrian Crenshaw <irongeek at irongeek.com>Honestly, I'm not sure which is the better packer to test with. Ed Skoudis just mentioned PE-Scrambler in a class I'm in and that Nick won some contest at DefCon with it. Adrian 2009/2/10 xgermx <xgermx at gmail.com> Not trying to thread jack, but is there a reason why using a tool likePE-Scrambler is better than manually changing PE information with a tool like PE Stud? 2009/2/10 Adrian Crenshaw <irongeek at irongeek.com>Rnicrosoft.com seems to be down, anyone know a trusted source for PE-Scrambler? I know Paul/Larry did some work on it awhile back. Thanks, Adrian _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090212/d3184d06/attachment.htm
Current thread:
- Nick Harbour's PE-Scrambler Adrian Crenshaw (Feb 10)
- Nick Harbour's PE-Scrambler xgermx (Feb 10)
- Nick Harbour's PE-Scrambler Adrian Crenshaw (Feb 10)
- Nick Harbour's PE-Scrambler Matt Hillman (Feb 11)
- Nick Harbour's PE-Scrambler xgermx (Feb 12)
- Nick Harbour's PE-Scrambler Adrian Crenshaw (Feb 10)
- Nick Harbour's PE-Scrambler xgermx (Feb 10)