Using Ghost to Block PGP Encoding


To demonstrate the user hook defined in this example, you need to download PGP Desktop version 9. At the time of this writing, PGP Desktop Professional version 9 can be downloaded from www.pgp.com/downloads/index.html. This download allows for a free 30-day trial, which should be more than enough time to demonstrate the user hook presented in this and the following chapter. Alternatively, if you are currently using a free version of PGP (versions 6 through 8), you can use one of the following byte patterns:

  PGP version 6 pre-encode pattern (for PGP_SDK.dll):
    0x81, 0xEC, 0xC8, 0x00, 0x00, 0x00, 0x53, 0x55, 0x8B, 0xAC, 0x24, 0xD8, 0x00, 0x00, 0x00, 0x57, 0xB9, 0x25, 0x00, 0x00, 0x00, 0x33, 0xC0, 0x8D, 0x7C, 0x24, 0x14, 0x6A

  PGP version 7 pre-encode pattern (for PGPsdk.dll):
    0x81, 0xEC, 0xC0, 0x00, 0x00, 0x00, 0x53, 0x55, 0x8B, 0xAC, 0x24, 0xD0, 0x00, 0x00, 0x00, 0x57, 0xB9, 0x23, 0x00, 0x00, 0x00, 0x33, 0xC0, 0x8D, 0x7C, 0x24, 0x18, 0x6A

  PGP version 8 pre-encode pattern (for PGPsdk.dll):
    0x81, 0xEC, 0xC4, 0x00, 0x00, 0x00, 0x53, 0x55, 0x8B, 0xAC, 0x24, 0xD4, 0x00, 0x00, 0x00, 0x57, 0xB9, 0x23, 0x00, 0x00, 0x00, 0x33, 0xC0, 0x8D, 0x7C, 0x24, 0x18, 0x6A




Professional Rootkits (Programmer to Programmer)
ISBN: 0470101547
EAN: 2147483647
Year: 2007
Pages: 229
Authors: Ric Vieler
