ﭘﺮوژﻩ درس SSD ﻣﻮﻋﺪ ﺗﺤﻮﻳﻞ :ﺳﻪﺷﻨﺒﻪ ۸۹/۱۲/۱۰ﺑﻪ ﺻﻮﺭﺕ ﺣﻀﻮﺭﯼ ) ﺩﺭ ﺻﻮﺭﺕ ﻋﺪﻡ ﺍﻋﻼﻡ ﻧﺎﻡ ﺍﻋﻀﺎ ﺗﺎ ﺗﺎﺭﻳﺦ ۱۰ﺑﻬﻤﻦ ،ﺑﻪ ﺍﺯﺍﯼ ﻫﺮ ﺭﻭﺯ ﺗﺄﺧﻴﺮ ٠.٢٥ﺍﺯ ﻧﻤﺮﮤ ﭘﺮﻭﮊﻩ ﮐﺎﺳﺘﻪ ﻣﯽﺷﻮﺩ(. ﻧﻤﺮﻩ ۶ :ﺍﻟﯽ ۸ ﺍﻳﻦ ﭘﺮﻭﮊﻩ ﺑﻪ ﻧﻮﻋﯽ ﮔﺴﺘﺮﺵ ﺗﻤﺮﻳﻦ ﺷﻤﺎﺭﮤ ٣ﺍﺳﺖ .ﻫﺪﻑ ﺍﺻﻠﯽ ﭘﺮﻭﮊﻩ ﻧﻮﺷﺘﻦ ﻳـﮏ Packerﻭ Protectorﺑـﺮﺍﯼ ﻓﺎﻳﻠﻬـﺎﯼ PEﺍﺳـﺖ. ﺑﺮﺍﯼ ﺍﻳﻦ ﻣﻨﻈﻮﺭ ﻓﺮﺿﻬﺎﯼ ﺯﻳﺮ ﺭﺍ ﺩﺭ ﻧﻈﺮ ﺑﮕﻴﺮﻳﺪ: (۱ﺑﺮﻧﺎﻣﻪ ﺷﻤﺎ Prog.exeﻧﺎﻡ ﺩﺍﺭﺩ. (۲ﻭﺭﻭﺩﯼ ﺑﺮﻧﺎﻣﻪ ﻳﮏ ﻓﺎﻳﻞ PEﺳﺎﺩﻩ ﺑﻪ ﻧﺎﻡ In.exeﺍﺳﺖ. Prog.exe (۳ﭘﺲ ﺍﺯ ﭘﺮﺩﺍﺯﺵ ،In.exeﻳﮏ ﻓﺎﻳﻞ PEﺑﻪ ﻧﺎﻡ Out.exeﺭﺍ ﺧﺮﻭﺟـﯽ ﻣـﯽ ﺩﻫـﺪ .ﻓﺎﻳـﻞ Out.exeﺑﺎﻳـﺪ ﻫﻤﺎﻧﻨـﺪ In.exeﺍﺟﺮﺍ ﺷﺪﻩ ﻭ ﺍﺯ ﺩﻳﺪ ﮐﺎﺭﺑﺮﯼ ﮐﻪ ﺁﻥ ﺭﺍ ﺍﺟﺮﺍ ﻣﯽﮐﻨﺪ ،ﺗﻔﺎﻭﺗﯽ ﺩﻳﺪﻩ ﻧﺸﻮﺩ. Out.exeﺩﺭ ﺣﻘﻴﻘﻴﺖ ﻓﺸﺮﺩﻩ ﺷﺪﮤ In.exeﺍﺳﺖ .ﺑﺮﺍﯼ ﺍﻳﻦ ﻣﻨﻈﻮﺭSection Prog.exe ،ﻫﺎﯼ ﮐﺪ ﻭ ﺩﺍﺩﮤ In.exeﺭﺍ ﻓﺸـﺮﺩﻩ ﮐـﺮﺩﻩ ﻭ ﺑﻪ Sectionﻫﺎﯼ ﻣﺘﻨﺎﻇﺮ ﺩﺭ Out.exeﻣﯽﻧﻮﻳﺴﺪ .ﻓﺸﺮﺩﻩ ﺳﺎﺯﯼ IATﻧﻤﺮﮤ ﺍﺿﺎﻓﯽ ﺩﺍﺭﺩ. Out.exe In.exe Header Packed Data Packed IAT )(Optional Loader )(Unpacker Prog.exe Packed Code Header Code Data IAT ﺑﺮﺍﯼ ﻓﺸﺮﺩﻩ ﺳﺎﺯﯼ ﻭ ﻏﻴﺮ ﻓﺸﺮﺩﻩﺳﺎﺯﯼ ﻣﯽﺗﻮﺍﻧﻴﺪ ﺍﺯ ﮐﺘﺎﺑﺨﺎﻧﻪﻫﺎﻳﯽ ﮐﻪ ﺑﺪﻳﻦ ﻣﻨﻈﻮﺭ ﻧﻮﺷﺘﻪ ﺷﺪﻩﺍﻧﺪ ﺍﺳﺘﻔﺎﺩﻩ ﮐﻨﻴﺪ )ﻣﺜﻼً .(zlibﺍﻟﺒﺘﻪ ﺍﻳـﻦ ﮐﺘﺎﺑﺨﺎﻧﻪ ﻧﺒﺎﻳﺪ ﻣﺨﺼﻮﺹ packﮐﺮﺩﻥ ﻓﺎﻳﻞ PEﺑﺎﺷﺪ )ﻣﺜﻞ .(UPX ﻗﺴﻤﺖ دوم: ﻣﺎﮊﻭﻝ loaderﺷﻤﺎ ﺑﺎﻳﺪ ﺳﻪ ﺳﺎﺯ ﻭ ﮐﺎﺭ Anti-Debuggingﺭﺍ ﻧﻴﺰ ﭘﻴﺎﺩﻩﺳﺎﺯﯼ ﮐﻨﺪ؛ ﺑﻪ ﮔﻮﻧـﻪﺍﯼ ﮐـﻪ debuggingﺗﻮﺳّـﻂ OllyDbg ﺍﻣﮑﺎﻥﭘﺬﻳﺮ ﻧﺒﺎﺷﺪ .ﺑﺮﺧﯽ ﺍﺯ ﺳﺎﺯ ﻭ ﮐﺎﺭﻫﺎﯼ Anti-Debuggingﺩﺭ ﮔﺰﻳﻨﻪﻫـﺎﯼ ﺩﻭ Pluginﻣﻌـﺮﻭﻑ ﺍﺯ Olly Advanced) OllyDbg ﻭ (PhantOmﺫﮐﺮ ﺷﺪﻩﺍﻧﺪ )ﺩﺭ ﺣﻘﻴﻘﻴﺖ ﺍﻳﻦ ﺩﻭ Pluginﺳﺎﺯ ﻭ ﮐﺎﺭﻫﺎﯼ Anti Anti-Debuggingﺭﺍ ﻓﺮﺍﻫﻢ ﻣﯽﮐﻨﻨﺪ(: ﺗﺤﻮﯾﻞ: ﻧﮑﺘﮥ :١ﺑﺮﻧﺎﻣﻪ ﺭﺍ ﺑﻪ ﺯﺑﺎﻥ ﺩﻟﺨﻮﺍﻩ ﺧﻮﺩ ﺑﻨﻮﻳﺴﺪ .ﭘﻠﺘﻔﺮﻣﻬﺎﯼ ﻭﻳﻨﺪﻭﺯ ﻭ ﻟﻴﻨﻮﮐﺲ ﻣﻮﺭﺩ ﭘﺬﻳﺮﺵ ﺍﺳﺖ. ﻧﮑﺘﮥ :۲ﻣﯽﺗﻮﺍﻧﻴﺪ ﺩﺭ ﻗﺎﻟﺐ ﺗﻴﻤﻬﺎﯼ ۵ﻳﺎ ۶ﻧﻔﺮﻩ ﭘﺮﻭﮊﻩ ﺭﺍ ﺑﻨﻮﻳﺴﻴﺪ. ﻧﮑﺘﮥ :۳ﺗﺤﻮﻳﻞ ﭘﺮﻭﮊﻩ ﺑﻪ ﺻﻮﺭﺕ ﺣﻀﻮﺭﯼ ﺧﻮﺍﻫﺪ ﺑﻮﺩ .ﻟﻄﻔًﺎ ﺗﺎ ﺗﺎﺭﻳﺦ ۱۰ﺑﻬﻤﻦ ﻧﺎﻡ ﺍﻋﻀﺎﯼ ﺗﻴﻢ ﺧﻮﺩ ﺭﺍ ﺑﻪ ﻣﻦ ﺍﻳﻤﻴﻞ ﮐﻨﻴﺪ ﺗﺎ ﺑﺘﻮﺍﻧﻢ ﺑﺮﺍﯼ ﺷﻤﺎ ﺯﻣﺎﻥ ﺗﺤﻮﻳﻞ ﻣﻌﻴّﻦ ﮐﻨﻢ .ﻫﺮ ﺗﻴﻤﯽ ﮐﻪ ﺯﻭﺩﺗﺮ ﻧﺎﻡ ﺍﻋﻀﺎﻳﺶ ﺭﺍ ﺑﻔﺮﺳﺘﺪ ﻣـﯽﺗﻮﺍﻧـﺪ ﺩﺭ ﺳـﺎﻋﺎﺕ ﭘﺎﻳـﺎﻥ ﺭﻭﺯ ﭘـﺮﻭﮊﻩ ﺭﺍ ﺗﺤﻮﻳـﻞ ﺩﻫـﺪ ،ﻭ ﺑﻨﺎﺑﺮﺍﻳﻦ ﻭﻗﺖ ﺑﻴﺸﺘﺮﯼ ﺧﻮﺍﻫﺪ ﺩﺍﺷﺖ .ﺩﺭ ﺻﻮﺭﺕ ﻋﺪﻡ ﺍﻋﻼﻡ ﻧﺎﻡ ﺍﻋﻀﺎ ﺗﺎ ﺗﺎﺭﻳﺦ ۱۰ﺑﻬﻤﻦ ،ﺑـﻪ ﺍﺯﺍﯼ ﻫـﺮ ﺭﻭﺯ ﺗـﺄﺧﻴﺮ ٠.٢٥ﺍﺯ ﻧﻤـﺮﮤ ﭘـﺮﻭﮊﻩ ﮐﺎﺳﺘﻪ ﻣﯽﺷﻮﺩ.
© Copyright 2026 Paperzz