ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ The ULTImate MUTation Engine .93á (c) 1993 Black Wolf Enterprises pardon the title, had to think of something... }-) ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ ULTIMUTE is a mutation engine written for security-type applications and other areas where mutation of executable code is necessary. For my personal use, I have implemented it in Black Wolf's File Protection Utilities, using it to encrypt the code placed onto EXE's and COM's to protect them from simple modification and/or unauthorized use. The encryption algorithms themselves are terribly simple - the main point being that they change each time and are difficult to trace through. This engine is written mainly to keep a "hack one, hack 'em all" approach from working on protected code, rather than to keep the code secure by a cryptologist's point of view. Note: Please - this program and it's source have been released as freeware, but do NOT use the mutation engine in viruses! For one thing, the decryptor sequence has several repetitive sequences that can be scanned for, and for another, that just isn't what it was designed for and I would NOT appreciate it. If you MUST use someone else's mutation engine for such, use the TPE or MTE. I do NOT condone such, however. Please notify me if you release a program utilizing this engine - I'd like to keep track of it if at all possible, and I may have an improved version available. MODIFICATIONS: Any modifications made to this program should be listed below the solid line in the source code, as well as directly after this paragraph in the docs. Tell what was changed along with the name of the programmer and the date the file was changed. Also - source files should be commented where changed. If at all possible, report modifications to file to the address listed in the documentation for BWFPU21s. Changes to Date: None 08/05/93 - initial release date (add mod's below) DISCLAIMER: The author takes ABSOLUTELY NO RESPONSIBILITY for any damages resulting from the use/misuse of this program. The user agrees to hold the author harmless for any consequences that may occur directly or indirectly from the use of this program by utilizing this program/file in any manner. Please use the engine with care. USAGE: ULTIMUTE must be included as an object file into your program. To use, put the following lines at the top of your code.... extrn _ULTMUTE:near, _END_ULTMUTE:byte, Get_Rand:near extrn Init_Rand:near Then, when you want to use it to encrypt code, use the following registers: ENTRY: CX=Code Length BX=New_Entry_Point DS:SI=Code AX=Calling Style ES:DI=Destination 1=Near Call, 2=Far Call, 3=Int Call RETURN: CX=New Size ES:DI = Same, now contains encrypted code w/decryptor The code from DS:SI of length CX will be taken and encrypted. The decryptor and encrypted code will be placed at ES:DI. BX should be the location that the decryptor will be in memory when it receives control - for example, if it is to be at the beginning of a .COM file, it should be set to 100h. AX determines how ULTIMUTE will return to your code, if it is set to 1 (the normal case) then it will simply do a RETN - ax=2 will give a RETF and ax=3 will give an IRET. When ULTIMUTE is done, CX will equal the new code size for the decryptor/encrypted code. All other registers are saved. As I said before, please use the engine responsibly - and NOT IN VIRUSES! For Questions/Comments, contact the address listed in BWFPU21s.DOC. Remember - Freedom of Information brings a great responsibility to us. We must fight for that right - but don't abuse it once you get it. Black Wolf