Exe packer prevent DB Query Analyzer from beging debugged
( GuangDong Unitoll collection incorporated, GuangZhou 510300)
How to prevent others from debugging your exe file to protect intellectual property rights?
It’s a quite common problem always trouble the Software Developer. Creating an exe packer for your program is an usual practice. Thus, others get not any known which files are the executive code.
When the system is boot, firstly, the packer application is started. Then the packer will allocate memory and process handle for the exe code. Finally, The packer is shutdown and the replacement is booted.
2 Brief introduction of DB Query Analyzer
DB Query Analyzer is a tool present by Master Genfeng Ma, the Chinese software developer. During he long time work in the development of database application system, He deeply realized it is very hard to familiarize with so many database clients as ORACLE, DB2, Sybase, Informix, MS SQL Server and so on.
DB Query Analyzer provides the unification interface to access those RDBMS Productions. User can not only access, manage and maintenance Database or MS EXCEL Files conveniently, but also can have a good know of DD according to Every Database. What is more, it is easy to rectify the mistake of the Function names, Stored Procedures and Key Words input by user because the correct Function names, Stored Procedures and Key Words will be drew different color in DB Query Analyzer.
3 Exe packer in DB Query Analyzer
DB Query Analyzer is a tool that is protected by a shell designed by Master Genfeng Ma. So that no one can debug the executable file.
Firstly the executable file is divided into four files and each file is encoded by the program developed by Genfeng Ma. This is shown in Fig 1.
Fig 1 The executable file is divided into five encoded parts
Then if you start DB Query Analyzer, the file named DBQueryAnalyzer.exe will decode the four encoded files firstly and make them into a single file. Furthermore DBQueryAnalyzer.exe will allocate the memory and process handle for the single file above.
Finally, DBQueryAnalyzer.exe is shutdown and the replacement is booted.
The process how DB Query Analzyer is boot is shown in Fig 2.
Fig 2 How does exe packer load the executive code of DB Query Analyzer
4 The shortcomings of anti-virus software
Some anti-virus software judge file 'DBQueryAnalyzer.ex_' or file 'DBQueryAnalyzer.exe' as a virus foolishly. The only reason may be the shell of DB Query Analyzer by which DB Query Analyzer can protect itself. I do not think the anti-virus software has power ability because file ‘DBQueryAnalyzer.ex_’ or fiel ‘DBQueryAnalyzer.exe’ has no destroy or damage to your computer and has no infection at all. The destructibility or damage and infection are the two foremost characters of virus. What the shell does is just to prevent DB Query Analyzer from being debugged.
The author's blog :
Sina blog : http://blog.sina.com.cn/magenfeng
Sohu blog : http://magenfeng.blog.sohu.com/
QQ Space： http://630414817.qzone.qq.com/
CSDN blog : http://blog.csdn.net/magenfeng
CSDN Library : http://download.csdn.net/user/magenfeng