EXE SuperPak

An Executable Packer that combines compression, security, and licensing

In today's software landscape, safeguarding intellectual property and optimizing program distribution are key challenges for developers. Whether you're developing video games, enterprise applications, or other digital tools, reducing file size while ensuring robust protection against unauthorized use is paramount. Enter SuperPak, an innovative PE executable packer that not only compresses your programs with the tried-and-true Lempel Ziv (LZ) compression algorithm but also adds layers of security and flexibility designed to meet modern software distribution needs.

Proven LZ Compression

SuperPak employs the Lempel-Ziv (LZ) compression algorithm, a lossless method that reduces file size by replacing repeated data patterns with references to earlier occurrences. This approach dynamically builds a dictionary of patterns as it processes the input, minimizing bandwidth use and storage requirements for software distribution. As a result, software delivery becomes faster and more cost-effective. Whether you're distributing software over the internet or packaging large programs for distribution, the LZ compression will minimize bandwidth use and storage requirements, making software delivery faster and more economical.

The Power of Doing One Thing Well

In line with the UNIX philosophy, SuperPak consists of several small, purpose-built programs, each focused on a single function. This modular design gives developers the flexibility to integrate it into automated build systems or adapt it for various use cases without unnecessary complexity.

Scrambling Logic

SuperPak provides optional scrambling of the packed program as an additional layer of protection gainst unauthorized use or reverse engineering:

Embedded Key Scrambling: The key is securely embedded within the unpacker stub, providing a self-contained method of obfuscation.
File-Based Scrambling: The key becomes a file on the customer's system, ideal for scenarios like game expansions or DLCs, where the base game unlocks new content. This approach eliminates the need for activation codes, streamlining the user experience.

Scrambled Executable

Screenshot showing the scrambled version of Text-Pac's executable in HxD Hex Editor

Original Executable

Screenshot showing the original version of Text-Pac's executable in HxD Hex Editor

Optimized File Entropy

A lesser-known aspect of executable security is file entropy—a measure of randomness in the data. SuperPak strives to maintain file entropy below 7 in the resulting executable helping your software stay off the radar of data thieves and crackers.

No Additional Sections

Unlike many traditional packing solutions, SuperPak does not create additional sections in the PE file. By preserving the original layout, it avoid drawing attention from malicious hackers and data thieves, making your intellectual property less conspicuous in case of a data breach.

Command Prompt - COFF/PE Dumper

Dump of file TextPac_SuperPak.exe
File Type: EXECUTABLE IMAGE
  Summary
        1000 .data
        1000 .rdata
        1000 .reloc
        1000 .rsrc
        4000 .text

Decoy Splicing

For enhanced security, SuperPak offers program splicing, allowing you to embed a secondary program within the executable. If the packed program runs on a device that's unauthorized or fails licensing criteria, it seamlessly switches to a secondary application, like a simple calculator. This decoy masks the purpose of the application, potentially reducing its appeal to attackers. If a hacker accesses the program during a data leak, they may dismiss it as a mere internal utility, thus further protecting your intellectual property.

SuperPak in action!

Download Demo (Win95+/ReactOS): [SuperPak.zip].

To showcase the capabilities of SuperPak, a protected version of the game Text-Pac has been created as a demonstration. In this example, a unique file–TextPac.gif is leveraged, a screen recording of the game–as the key. This approach highlights SuperPak's versatility in using practically any file as a licensing key to protect the main program, further adding flexibility for developers.

Examining the Protected File

Text-Pac, as a simple game running entirely in text mode, would normally expose numerous gameplay strings in the executable. Without SuperPak, strings like "The definitive text-based version of the popular game" could easily be located through hex editors or "strings"-like utilities. However, with SuperPak's protection, these typical data patterns are entirely obfuscated within the executable. All while maintaining an entropy level of only 6.3–a common value that mirrors typical, unprotected software binaries. This can be confirmed by comparing it with the unprotected version which can be obtained here.

Triggering the Decoy

One of SuperPak's distinctive security features is the decoy program. In this demo, if the key file (TextPac.gif) is erased, renamed, or moved, the primary Text-Pac game will fail the licensing check. Instead of showing an error or becoming non-functional, SuperPak automatically switches to the decoy program, ExpressSolve–an interactive command-line tool designed to solve mathematical expressions.

Why SuperPak Stands Out

The Text-Pac demonstration reveals how SuperPak merges compression and security into a single, adaptable solution. For developers seeking a balance of efficiency, obfuscation, and anti-tamper measures, SuperPak provides a solution that protects intellectual property and reduces program size seamlessly.