bugjam
Registered: Apr 2003 Posts: 2589
WANTED: SYS-lines from common packers
Hi all,
as the problem pops up time and again that cracks are added here with their attribution to a certain group based on the SYS-line, where it turns out that it is just packed with the group's packer, I'd like to request that we gather as much info on such packers as possible with the respective SYS-lines that they produce; the list could then be even added to the csdb rules, to avoid such confusion in the future (at least to be cautious in such cases and look for further evidence).
I've made that mistake myself several times, and it is very frustrating to create entries only to delete them afterwards, because one didn't know.
What do you guys think?
Best,
Bugjam

Trash
Registered: Jan 2002 Posts: 122
Quote: Trash:
Both yes and no.
To make an automated process would require a bit of clever programming and well to get the whole parser and unpacker to cooperate. That way I haven't really thought about.
But to make it manually would be something like this:
-Check the sys-line. If sys-line seems "okay" and hasn't been altered. Get sys-line store into Database where table is "group" and "sys-line".
ELSE
-unpack %filename.prg% check packername... etc :P
Yeah this is very bread and butter explanation but the main thing is to map the packer used.
Hope you get my "idea" ;)
I get the idea, but I think it won't be enough to cover all versions of timecruncher and other commonly used crunchers with x^55 different versions. I believe that at least footprinting the primary depacker and possibly the intro should be the way to go. That way (if you just footprint the irq-part of the intro) you also get a nice database of what intro is used for a certain release.
But as I said, it would be hard with emphasis on every single letter in hard...
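
The SYS-line check and the depacker footprinting discussed in the post above, as an added example that is not part of the original thread. The function names, the 32-byte window, the exact-hash comparison and the sample files (including the `GROUPX` text) are assumptions made for illustration; real depackers embed per-file addresses, so a production footprint would need to mask those bytes.

```python
import hashlib
import struct

SYS_TOKEN = 0x9E  # tokenized BASIC keyword SYS

def parse_sys_line(prg: bytes):
    """Return (line_number, listed_text, sys_address) for the first BASIC line
    containing SYS, or None. sys_address is None if no literal digits follow."""
    pos = 2  # skip the 2-byte little-endian load address
    while pos + 4 <= len(prg):
        next_ptr, line_no = struct.unpack_from("<HH", prg, pos)
        end = prg.find(b"\x00", pos + 4)
        if next_ptr == 0 or end < 0:
            return None  # end of BASIC program, or truncated line
        body = prg[pos + 4:end]
        if SYS_TOKEN in body:
            text = "".join("SYS" if b == SYS_TOKEN else
                           chr(b) if 0x20 <= b <= 0x5F else "?" for b in body)
            digits = ""
            for b in body[body.index(SYS_TOKEN) + 1:].lstrip(b" "):
                if not 0x30 <= b <= 0x39:
                    break
                digits += chr(b)
            return line_no, text, int(digits) if digits else None
        pos = end + 1  # walk by terminator; link pointers are often altered
    return None

def depacker_fingerprint(prg: bytes, length: int = 32):
    """SHA-1 of the first `length` bytes at the SYS target, or None."""
    parsed = parse_sys_line(prg)
    if parsed is None or parsed[2] is None:
        return None
    load_addr = struct.unpack_from("<H", prg, 0)[0]
    off = parsed[2] - load_addr + 2  # file offset of the SYS target
    if off < 2 or off + length > len(prg):
        return None
    return hashlib.sha1(prg[off:off + length]).hexdigest()

def make_prg(line_no: int, suffix: bytes, code: bytes) -> bytes:
    """Constructed sample: one-line BASIC stub at $0801 followed by `code`."""
    load = 0x0801
    target = load + 12 + len(suffix)  # first byte after the stub
    body = bytes([SYS_TOKEN]) + str(target).encode() + suffix
    next_ptr = load + 4 + len(body) + 1
    return struct.pack("<HHH", load, next_ptr, line_no) + body + b"\x00" * 3 + code

STUB = bytes(range(0x40, 0x60))           # constructed stand-in for a depacker
A = make_prg(1990, b"", STUB)             # plain SYS-line
B = make_prg(2024, b" GROUPX", STUB)      # altered SYS-line, same depacker
C = make_prg(1990, b"", bytes(32))        # same SYS-line as A, different code
```

Here A and B list different SYS-lines but share a footprint, while A and C list the same SYS-line with different footprints, which is the case where the SYS-line alone misattributes a release.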

j0x
Registered: Mar 2004 Posts: 215
I'd recommend having a chat with MdZ. I think his PreserveC64DB V.1.2 might be capable of large scale sys-line harvesting.