[ale] Using diff to see what changed
Jim Kinney
jim.kinney at gmail.com
Fri May 13 18:12:26 EDT 2011
On Fri, May 13, 2011 at 6:05 PM, Chris Fowler
<cfowler at outpostsentinel.com>wrote:
> On Fri, 2011-05-13 at 17:59 -0400, Jim Kinney wrote:
> >
>
> >
> >
> > Sounds like a good way to find malware....
>
> I'm actually just doing this out of interest. I've played with this
> program that has an expiration (not registered, trialware). I'm curious
> as how Windows programmers implement this feature in their code. WINE
> should make it easy to figure out. I can't find any real data in
> the .reg files. I'm leaning on the proper method is to store this value
> in the .exe and update it as needed.
>
I've seen that before. during the install, ether the start date or the end
date is embedded into the exe. It checks every time it's run after that
point. You can test for that by resetting the system date past the end date
and disconnect all networking.
>
>
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
--
--
James P. Kinney III
As long as the general population is passive, apathetic, diverted to
consumerism or hatred of the vulnerable, then the powerful can do as they
please, and those who survive will be left to contemplate the outcome.
- *2011 Noam Chomsky*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20110513/3e837295/attachment.html
More information about the Ale
mailing list