flat assembler
Message board for the users of flat assembler.
Index
> Projects and Ideas > Extended Length Disassembler Engine Goto page 1, 2 Next |
Author |
|
JohnFound 01 Dec 2012, 07:03
Where are the sources?
|
|||
01 Dec 2012, 07:03 |
|
yoshimitsu 01 Dec 2012, 12:36
attached.
|
|||
01 Dec 2012, 12:36 |
|
JohnFound 01 Dec 2012, 13:17
Ah, sorry I missed it. What is the reason to use the library this strange way: "fde32.inc"?
|
|||
01 Dec 2012, 13:17 |
|
yoshimitsu 01 Dec 2012, 13:38
Quote: Last edited by yoshimitsu on 01 Dec 2012, 12:35; edited 2 times in total I edited the attachments and included the source after your post. fde64/32.inc is the already assembled source packed into db's for a more universal way of including it (and assembling it faster). For example, if you'd want to use it with masm, only a few changes to fdeXX.inc are needed instead of changing the whole syntax like .labels, word [] to word ptr [], etc. decoder64/32.inc is the actual source. |
|||
01 Dec 2012, 13:38 |
|
JohnFound 01 Dec 2012, 16:08
It is clear now. I needed such a library several years ago for Fresh IDE, but now I can't remember why. It is good to have one around.
|
|||
01 Dec 2012, 16:08 |
|
neville 19 Jun 2013, 22:38
I just tried to download FDE32.zip but Avast kicked in with a Suspicious File warning. Has anybody else had a similar problem, or know why it happened?
(I tried it twice with the same result, but FDE64 downloaded fine) _________________ FAMOS - the first memory operating system |
|||
19 Jun 2013, 22:38 |
|
revolution 20 Jun 2013, 06:24
neville wrote: I just tried to download FDE32.zip but Avast kicked in with a Suspicious File warning. Has anybody else had a similar problem, or know why it happened? |
|||
20 Jun 2013, 06:24 |
|
typedef 20 Jun 2013, 09:37
revolution wrote:
virustotal is cloud-based. If once the file is scanned and found to be "malicious", anyone having an AV will have to add the zip file to the AV's white list otherwise it's "malicious". |
|||
20 Jun 2013, 09:37 |
|
revolution 20 Jun 2013, 10:33
Seems like all the more reason to forget about using a useless AV.
|
|||
20 Jun 2013, 10:33 |
|
bitRAKE 20 Jun 2013, 18:29
The FDE executable builds with the included source code.
So, how could there be a problem with the package itself? _________________ ¯\(°_o)/¯ “languages are not safe - uses can be” Bjarne Stroustrup |
|||
20 Jun 2013, 18:29 |
|
neville 21 Jun 2013, 00:16
revolution wrote: ... I would suggest that AVAST is crap and is merely giving you one of those all-too-numerous false positive AV warnings... If this is a false positive, it would be the first instance in more than 7 years of using AVAST, so I think maybe they've got the balance about right _________________ FAMOS - the first memory operating system |
|||
21 Jun 2013, 00:16 |
|
neville 21 Jun 2013, 00:20
bitRAKE wrote: The FDE executable builds with the included source code. _________________ FAMOS - the first memory operating system |
|||
21 Jun 2013, 00:20 |
|
bitRAKE 21 Jun 2013, 02:13
Delete EXAMPLE.EXE and compile a new one, read the source code, and conclude the anti-virii programs are crap when it reaches the same conclusion. If you are confused by the binary blob in the "unfancy" version then compile the "fancy" version and confirm it's the same bytes.
It appears AVAST is the problem. _________________ ¯\(°_o)/¯ “languages are not safe - uses can be” Bjarne Stroustrup |
|||
21 Jun 2013, 02:13 |
|
revolution 21 Jun 2013, 05:31
neville wrote: Seems a bit harsh. If I was writing a reliable AV program, I would err on the side of the odd false positive, rather than the possibility of a false nagative, ANYTIME! Code: ;This procedure will never return a false negative, ANYTIME! test_incoming_file: call LoadTheSuspectedFileIntoMemory,name,... mov eax,TRUE ;mark this file as a problem and tell the user to be very worried ret neville wrote: If this is a false positive, it would be the first instance in more than 7 years of using AVAST, so I think maybe they've got the balance about right |
|||
21 Jun 2013, 05:31 |
|
typedef 21 Jun 2013, 05:51
Quote:
Some of these flags are mostly because of hashes in the cloud submitted by other "not-so good" AVs (as if they were all good). Some of which detected themselves as a virus |
|||
21 Jun 2013, 05:51 |
|
revolution 21 Jun 2013, 06:14
typedef: What do you mean by "hashes in the cloud"? Are you suggesting that AVs writers merely use each others detection algorithms and come to the same conclusions based upon some matching hash? Do you have evidence of this or is it just some "hackers common knowledge"? Something else?
|
|||
21 Jun 2013, 06:14 |
|
typedef 21 Jun 2013, 07:09
revolution wrote: typedef: What do you mean by "hashes in the cloud"? Are you suggesting that AVs writers merely use each others detection algorithms and come to the same conclusions based upon some matching hash? Do you have evidence of this or is it just some "hackers common knowledge"? Something else? "hackers common knowledge"? Now what the monkey-shit is that? It's proven and tested. Also, I didn't say they use each other's detection algorithms. That would make no sense because then all the AVs would provide the same level of detection and "protection". Besides you wouldn't know because you've never used an AV before. Just download AVAST and open the advanced settings and you'll find a "cloud" option. Another one is COMODO... There are lots of them.. |
|||
21 Jun 2013, 07:09 |
|
revolution 21 Jun 2013, 07:21
To get the same hash then you must also use the same algorithm. SHA1 != MD5 != Whirlpool != Skein. Else how?
|
|||
21 Jun 2013, 07:21 |
|
neville 21 Jun 2013, 23:48
revolution wrote: Sure. And here is the code that will never give a false negative, ever (but may give the occasional false positive, but don't worry about those false positives, just ignore them): If I had nothing else better to do I would try to find out exactly why AVAST objected to EXAMPLE.EXE in the archive, but frankly I don't (unless anybody else can offer some helpful insight?) _________________ FAMOS - the first memory operating system |
|||
21 Jun 2013, 23:48 |
|
Goto page 1, 2 Next < Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.