View Single Post
  #7  
Old 02-28-2011, 07:55 AM
kao kao is offline
Senior Member
 
Join Date: Sep 2007
Posts: 184
Default

Quote:
Originally Posted by visions_of_eden View Post
.NET being a interpreted language
Please, check your source of information. .NET assemblies have IL code, that's true. But it's not interpreted, it's being compiled to native code by JIT compiler and then executed.

Nitpickers corner: the statement is true for most ECMA-335 implementations. Mono has both interpreter and JIT compiler available.

Quote:
Originally Posted by visions_of_eden View Post
All protections used to obfuscate a .NET assembly that are at least decent comes from unmanaged x86 world .
{smartassembly} does not come from x86 world, yet it's among the best .NET protections. These guys are really innovative and they know what they're doing..

Quote:
Originally Posted by visions_of_eden View Post
Just a question .... to unpack XHEO did u analyze the whole packer code or just hooked the JIT to get unencrypted code ?
Hooking into JIT is not what "static unpacker" means.. I analyzed JIT hook code and all the decompression/decryption routines. To do that you don't even have to have XHEO installed, few packed files are more than enough..
Reply With Quote