ubuntu14.04 x86 compilation UPX 3.92 and so reinforcement

The reference article:

Http://www.cnblogs.com/fishou/p/4202061.html

1.download UPX and dependent components

Upx3. : https://www.pysol.org:4443/hg/upx.hg/archive/tip.tar.gzLZMA4. : http://nchc.dl.sourceforge.net/project/sevenzip/lzma%20sdk/4.43/lzma443.tar.bz2 UCL1. http://www.oberhumer.com/opensource/ucl/download/ucl-1.03.tar.gzZLIB1. 2. 3http://pkgs.fedoraproject.org/repo/pkgs/zlib/zlib-1.2.3.tar.gz/ Debc62758716a169df9f62e6ab2bc634/zlib-1.2.3.tar.gz

2. Unzip to/HOME/LOCAL/UPX

1[Email protected]:/home/local/upxmake# ll2 3Total dosage -4 5Drwxr-xr-x6Root root4096August - Ten: ,./6 7Drwxr-xr-x3Root root4096August -  the: -.. /8 9Drwxr-xr-x5Root root4096August -  the: -lzma443/Ten  OneDrwxrwxrwxTenJack Users4096July -  2004ucl-1.03/ A  -Drwxr-xr-x4Root root4096August - Ten: -upx-hg-22a77e02b61f/ -  theDrwxr-xr-x One  501     the 4096July -  2005zlib-1.2.3/

3. Setting Environment variables

Export upx_zlibdir=/home/local/upxmake/zlib-1.2. 3/export upx_dir=/home/local/upxmake/upx-hg-22a77e02b61f/export upx_lzma_version=  0x443export upx_ucldir=/home/local/upxmake/ucl-1.03/export Upx_lzmadir=/home/ local/upxmake/lzma443/

Note: Environment variables set in this way are only valid in the current shell environment when we enter in another shell environment: Env |grep UPX is not showing results

4. Go to the root directory of the/home/local/upxmake/upx-hg-22a77e02b61f/to compile

If you are prompted during the compilation: the error zlib.h cannot be found because the Zlib package is not installed and the problem can be resolved after installation. But one thing, note that the installation commands are:

sudo apt-get install Zlib1g-dev, not sudo apt-get install zlib

If prompted Usr/bin/ld:cannot FIND-LUCL reference: http://www.jb51.net/LINUXjishu/211594.html

Usr/bin/ld:cannot Common solution for find-lxxx errors

Execution: Apt-get Install Libucl-dev

5. If the compilation succeeds, generate a Upx.out file under $ (upx_root) |src

[Email protected]:/home/local/upxmake#./upx-hg-22a77e02b61f/src/upx.outultimate Packer forexecutablescopyright (C)1996- -UPX3.92Markus Oberhumer, Laszlo Molnar & John reiser Mar 30th -Usage:upx.out [-123456789DLTHVL] [-QVFK] [-Ofile]file.. Commands:-1Compress Faster-9Compress better-D decompress-l List Compressedfile..................... UPX comes with absolutely NO WARRANTY;  forDetails visit http://upx.sf.net

Use UPX for Android so reinforcement

In the native code:

1. Define a global variable in the native code to increase the volume of the generated binary, otherwise you will be prompted with an error:

"Notcompressibleexception" error occurred while compiling UPX.

Analysis: The UPX has minimal restrictions on the Packers ' binaries, and too small files will not be packers.

Solution: Define large enough data variables in the native code to make the compiled binaries easy to meet UPX requirements

         C:intconst dummy_to_make_this_compressible[100000] = {1,2,3 };         C+ +:extern"C"intconst Dummy_to_make_this_ compressible[100000] = {1,2,3};

2. Need to have _init segment for the shell

"Unknownexecutableformatexception" error occurred while compiling UPX.

Analysis: The shell binaries must exist in the Init section, otherwise UPX will not be able to restore the original code.

Solution: Define the _init () method in the native code, and be aware of the differences between C and C + +

// add _init segment in native code void _init (void) {}

Note: _init is not a section, just an export function. The NDK generates the corresponding segment and merges it into a large section, so you can't see it from the Section table.

Let's take a simple example of libhello.so as an example HELLO.C code as follows

#include <jni.h>void_init (void) { }/** JNI Specifies that the local method name Java_ calls the package name of the local method class _ Class Name _ Method name * jnienv * ENV Java Environment, providing functions for calling * Jobject obj calling the object of the local method * * Typed EF const struct jninativeinterface* jnienv; * jnienv <=> struct jninativeinterface* * env:jnienv * <=> struct jninativeinterface** * (*env)-> ; Newstringutf (); */jstring JAVA_COM_ITHEIMA_HELLOWORLD_MAINACTIVITY_HELLOFROMC (jnienv*env, Jobject obj) {    //Convert C string to string in Java    return(*env)->newstringutf (env,"Hello World");}

Use the Readelf tool to see if the libhello.so has a _init segment

As mentioned earlier, section table has no _init segment .

Readelf-s libhello.so

Use readelf-d libhello.so to see _init

Placing libhello.so in the ($UPX _root) |src directory for Shell execution

The section table with the UPX shell is erased

We use IDA to compare the effect of libhello.so encryption

Unencrypted effect: The code is naked.

UPX after encryption:

1.section table information erased

2. Take a look at the JNI function

Anti-compilation Look under:

ubuntu14.04 x86 compilation UPX 3.92 and so reinforcement