Comment by livinginfear
3 years ago
Cool article. My first thought is that this might be a fun way to implement some really simple executable obfuscation.
3 years ago
Cool article. My first thought is that this might be a fun way to implement some really simple executable obfuscation.
Should be trivial to add running off the end into into native code, presumably after decompressing it. Process is: 0. start a decompressor; 1. decompress a decryptor; 2. call that to decrypt a composite payload; 3. run off the end into a better, native decompressor to decompress the real payload, and write it out or; 4. run into that.
I.e. it does not suffice to verify that the header is really a lambda calculus evaluator.