Exe packer prevent DB Query Analyzer from beging debugged

Exe packer prevent DB Query Analyzer from beging debugged

MA Gen-feng

( GuangDong Unitoll collection incorporated, GuangZhou 510300)

1 Introduction

How to prevent others from debugging your exe file to protect intellectual property rights?

It’s a quite common problem always trouble the Software Developer. Creating an exe packer for your program is an usual practice. Thus, others get not any known which files are the executive code.

When the system is boot, firstly, the packer application is started. Then the packer will allocate memory and process handle for the exe code. Finally, The packer is shutdown and the replacement is booted.

2 Brief introduction of DB Query Analyzer

DB Query Analyzer is a tool present by Master Genfeng Ma, the Chinese software developer. During he long time work in the development of database application system, He deeply realized it is very hard to familiarize with so many database clients as ORACLE, DB2, Sybase, Informix, MS SQL Server and so on.

DB Query Analyzer provides the unification interface to access those RDBMS Productions. User can not only access, manage and maintenance Database or MS EXCEL Files conveniently, but also can have a good know of DD according to Every Database. What is more, it is easy to rectify the mistake of the Function names, Stored Procedures and Key Words input by user because the correct Function names, Stored Procedures and Key Words will be drew different color in DB Query Analyzer.

3 Exe packer in DB Query Analyzer

DB Query Analyzer is a tool that is protected by a shell designed by Master Genfeng Ma. So that no one can debug the executable file.

Firstly the executable file is divided into four files and each file is encoded by the program developed by Genfeng Ma. This is shown in Fig 1.

Fig 1 The executable file is divided into five encoded parts

Then if you start DB Query Analyzer, the file named DBQueryAnalyzer.exe will decode the four encoded files firstly and make them into a single file. Furthermore DBQueryAnalyzer.exe will allocate the memory and process handle for the single file above.

Finally, DBQueryAnalyzer.exe is shutdown and the replacement is booted.

The process how DB Query Analzyer is boot is shown in Fig 2.

Fig 2 How does exe packer load the executive code of DB Query Analyzer

4 The shortcomings of anti-virus software

Some anti-virus software judge file 'DBQueryAnalyzer.ex_' or file 'DBQueryAnalyzer.exe' as avirus foolishly. The only reason may be the shell of DB Query Analyzerby which DB Query Analyzer can protect itself. I do not think the anti-virus software has power ability because file ‘DBQueryAnalyzer.ex_’ or fiel ‘DBQueryAnalyzer.exe’ has no destroy or damage to your computer and has no infection at all. The destructibility or damage and infection are the two foremost charactersof virus.Whatthe shelldoes is just toprevent DB Query Analyzer frombeing debugged.

The author's blog :

Sina blog : http://blog.sina.com.cn/magenfeng

Sohu blog : http://magenfeng.blog.sohu.com/

QQ Space： http://630414817.qzone.qq.com/

CSDN blog : http://blog.csdn.net/magenfeng

CSDN Library : http://download.csdn.net/user/magenfeng