Re: Double encryption method



It doesnt matter whether the program is encrypted with a single XOR or
AES... encrypted or compressed or both ... encrypted once, or a thousand
times ... when the program is running it has already been decrypted (or in
the case of packers such as UPX, decompressed - no difference really), and
can then be dumped from memory and the executable patched to simply jump to
the decrypted/decompressed code.

A similar analogy is with multimedia protection ... companies can do all
they like to try to prevent their audio/video from being recorded, but at
the end of the day if the audio/video is playing (as it has to) then it can
be recorded.

One strategy you can use is to re-encrypt code after it has been used, but
this slows down the speed/efficiency of your program, and only slows - but
never fully prevents - the cracker gaining access to the decrypted code.



.