34
The "fun" is over, I just want to know whose military uses such "encryption"
.
OK, now let's back to the main subject – misuse, evasion and maybe more.
The attacker could implement such web "encryption" technology in the web-
based malware such as HTML, JavaScript and other. Such "encrypted" malware
could change the encryption every time when its code executed and we will face
the metamorphic web-based virus. The virus, that have the potential not only
bypass the host antivirus protection, but to bypass our perimeter protection like
antivirus and content filtering gateways, IDS\IPS and other devices.
2.12.3 Intermediate code obfuscators
There are two main types of (compiled) intermediate code: Java bytecode and
MSIL (Microsoft Intermediate Language) for .NET. In both cases, decompiling to
source code and revealing internal structure is quite a simple task and many
tools exist to aid in this problem. Once again, as in the case of binary software
protection programs discussed early, there is a need to protect intermediate code
applications from crackers and protect intellectual property. This situation leads
to creation of intermediate code “protectors”. Such “protectors” will make the
decompilation process and understanding decompiled code more challenging.
The main purpose of Java language is - a single language for multiple platforms
and the main purpose of .NET is - a single platform shared by multiple
languages.
 |
 |
 |