-
After the software is written, some people add shells to the software in order to prevent it from being cracked or for other purposes.
The so-called shell is actually a compression algorithm that can compress a program.
Of course, this compression is different from the one of Winrar. For example, let's say a program is 100kb
After using UPX compression, it is about 40-60KB, and after compression, you can use WinRAR to compress it, and it may only be 10+KB.
His principle is very simple, first compress its own program, and then when the other party runs, first put its own program into memory, and release it in memory, of course, this decompression speed is very fast, and you can't feel it.
However, when the program is not running, it is compressed, so it can avoid being cracked, etc.
Here's the key:
What is shelling, the speed of a software will be slightly slower after compression, some people need to shell the software for speed-up, or other purposes such as cracking, so how to take it off.
Generally, each shell compression algorithm is different (it seems to be nonsense), as long as you master its algorithm, you can reverse extrapolate to achieve the purpose of shelling, which is just a relatively common method.
Some people also have a more common method, that is, to execute the program first, so that the program is decompressed in memory, and then the data in the memory is captured and saved to the hard disk.
As for the shelling program and the unshelled ones (provided that the software is shelled).
Generally, the running speed of shell programs will be slightly slower, and the larger programs will be more obvious.
Shelled procedures are generally smaller.
In addition, the shelled ones are not easy to crack, and the general difference is these.
-
That's not interesting. All you need is ollydbg+peid and assembly language.
-
Crack the software, right? I don't know, but I love to crack there is an explanation.
-
After opening it with ultraedit, check the head and tail information of the file and check the shell manually.
-
I don't understand, is there this tutorial on the Internet?
-
It seems that the file is added to the UPX shell, and this shell is the best to take off.
For this kind of shell, the most foolish way to unshell is to use ready-made software to unshell, it is recommended that you first ** a program called "UPX compression and decompressor", open, put the file you want to shell in, and then click "Execution Spring Travel" on the line, and then use PEID to check the vertical width of the shell
Some of the knowledge of manual shelling is more complicated, and it is recommended to accumulate and accumulate it, take a look at the technical articles in this area, such as the "ESP law" and so on, you can learn it
-
Shell breaking refers to the operator using tools to unshell the software to be used.
Some computer software has a section of software that is specifically designed to protect the software from being illegally modified or decompiled. They generally run before the program, take control, and then complete their task of protecting the software.
Since this program has many functional similarities with the shell of nature, such a program is called a "shell" based on the naming rules.
-
1. Breaking the shell is cracking, which is breaking the protection of the software. 2. General piracy is to use this method to open the protection of the application, add some information about the cracker, remove the protection of the software, and so on.
-
A shell is a shell to a file to prevent others from cracking program restrictions or virus infection.
1. Open the 3DMAX software, select Create, Spline, Circle. >>>More
Create a text file on the desktop, change the suffix to bat, right-click on the file, and type ping ** or ip. Or find the file under the C: Windows System32 folder and send the shortcut to the desktop.
1. The sensor is damaged, the contact is poor, or the signal is interrupted; 2. Poor engine maintenance; 3. The quality of fuel and oil is not good; 4. The combustion of the mixture is insufficient; 5. a spark plug. >>>More
Check that the cmd command for the disk is chkdsk, and the following is how to do it >>>More
As long as it is the kind of keyboard that came with the original purchase, it will not wear out the numbers 100%. >>>More