        we will make you feel you have just...
         ۲ ۲     ۲   
                     ۲  ۲     ۲        ۲      
               ۲ ۲     ۲          ۲   
            ۲      ۲  ۲ ۲     ۲      ۲  ܲ   ۲   
            ۲      ۲  ۲ ۲  ۲۲  ۲ ۲  ۲ ۲  ۲   
            ۲      ۲  ۲ ۲  ۲۲  ۲ ۲  ۲ ۲  ۲   
            ۲      ۲  ۲ ۲  ۲۲  ۲ ۲  ۲ ۲  ۲   
            ۲      ۲  ۲ ۲  ۲۲  ۲ ۲  ۲ ۲  ۲   
            ۲      ۲  ۲  ۲  ۲ ۲  ۲ ۲  ۲ ۲  ۲   
            ۲      ۲ ۲ ۲  ۲   ۲  
                           
           

   INSIDER v1.0 - COM files encryptor - (c)1998 FALLEN - coded by panoramix

            i. introduction.....................................1
           ii. how does it work?................................2
          iii. does it have anti-debugging tricks?..............3
           iv. usage............................................4
            v. are they going to be updates?....................5
           vi. testing..........................................6


i. introduction:

Insider is a very simple .COM file encryptor. It uses the logical XOR operand
to do the encryption, with an incremental 16bit key. It only has one layer of
encryption, and no-anti-debugging tricks, because that was not the point in
this util.
The name is 'insider' because it is based on a simple virus I made 5 years ago
called the same. (don't worry, this program has no viral code in it!).

ii. how does it work?

It's very simple: every single byte of the original .COM file is passed to the
encrypting routine, wich does nothing but XOR the value of the original byte
with another byte (this is called encryption key). When all of the original
bytes are XORed, the program place the decryption routine at the end of the new
encrypted file, and a jump to it at the beggining. So every time the new file
is executed, it is decrypted in memory at runtime, and it can work normaly.
This was actually the point of coding this util. Because most of the encryptors
out there place the decrypting routine at the beggining of the file, not at the
end of it...

iii. does it have anti-debugging tricks?

No. It doesn't. the reasons:
1) because I was just trying to make a different approach on the decrytion.
2) because I don't want any antivirii saying my program is an unknown virus.
3) because no matter what you do, everything is crack/able (we all know that)
But, is you feel you can use anti-debugging you can add any tricks and other
nasty things to the program yourself... that's why I have included the source!

iv. usage

insider <file.COM>

note: the original file allways get overwritten.

v. are they going to be updates?

No. I don't think so... maybe bugfixes, but not new features.

vi. testing.

I have tested insider with every single .COM file in my computer. Every patch
keygen and intro you can think of, and it worked fine. I'm not saying there
are no bugs. I'm sure they are a lot, but not major bugs. BTW: I have coded it
100% on a DOS box on WIN98. So I don't think there will be any problems running
insider, or any crypted file under WIN95/98.
BTW: you can make more than one pass to the original .COM file, if you want.
I have tested it, and works fine. Even on file packed with PKLITE/etcetc.


Ok, that's about it. I don't like writting DOCs, but nobody does... if you have
any questions try to reach me at EFNET #FALLEN98 and #CRACKING.

signing off: panoramix/FALLEN
