Forbid decompressing for UPX Win32/PE compressed files

Question

Actually dont want people to decompress my Win32/PE executables. I found a solution from one russian guy. His tool is named "UPX shell" and was at http://bash.x2i.net/, but website is down for now(it is not the same as upxshell.sourceforge.net) His tool has option "Protect file from decompression" and it works just great(even with latest UPX)!

upx shell from russian guy doesn't have command line interface at all, which is needed for automatically compressing files with Visual Studio Post-Build.

Okay, it is not really cool for me, and I want to know how it works to write own command line solution, and is there any modern solutions for protecting .exe files from decompressing?

Answer 1

Depends a lot on your goals. Why don't you want people decompressing your PE?

If you are looking to stop people from "cracking" your software then even the "Russian guy"'s UPX Shell won't help. Code will get decompressed in memory when the EXE is running, so someone could simply read that memory.

My guess is UPX Shell just wraps the UPX compressed PE in another layer. Like making an executable zip file of an EXE. If this is the case just use another PE compressor on top of UPX, like PECOmpact http://pecompact.com/pecompact.php

Answer 2

Protection schemes are not unbreakable, on the contrary, a good amount of them are easely breakeable. There's a ton of tutorials for breaking a bunch of protetion schemes. So, I really don't recommend relying on this kind of protection.