|
|
|
国庆礼物 EXECryptor 226 unpacked&cracked
EXECryptor更要满天跑了 |
|
pc guard for win32 脱壳的问题
新版需要自己手脱 http://protools.reverse-engineering.net/ Unpackers/decrypters/unprotectors ->PCGuard PCGuard Decryptor by da DAEMON. 24.X.2000. PCGuard Decryptor 0.7 (21K). - decrypts each section that got encrypted - kills 100% of the pcgw code - it has got support for these versions: 2.10d, 3.00d, 3.02d, 3.03d (shareware versions). - also tries to rename the section names back to their original ones PCGuard Dumper by just Evaluator. 17.V.2003. PCGuard Dumper (77K). Dumper for PCGuard 3.05-4.10. |
|
|
|
ArmInline――Armadillo客户版Code Splicing+Import Table Elimination的简便修复方法
最初由 hacnho 发布 Hi hacnho Welcom u post your tut on pediy.com |
|
ArmInline――Armadillo客户版Code Splicing+Import Table Elimination的简便修复方法
如果不“新增区段”修复输入表,并且不删除壳区段的话,可以不修复e_lfanew |
|
ArmInline――Armadillo客户版Code Splicing+Import Table Elimination的简便修复方法
最初由 夜凉如水 发布 仔细检查你的各步骤和数据 |
|
ArmInline――Armadillo客户版Code Splicing+Import Table Elimination的简便修复方法
最初由 ljy3282393 发布 运行 Dump 看代码 否则是无法知道的 |
|
ArmInline――Armadillo客户版Code Splicing+Import Table Elimination的简便修复方法
转自:RCE Messageboard's Regroupment 作者:Admiral ArmInline is an Armadillo unpacking tool designed specifically to deal with the many antidump features available with private builds of Armadillo 4.x. Features: * Code Splicing: ArmInline 'revirgin's code protected by 'Strategic Code Splicing' by recursively identifying and removing the redundant opcodes, rather than dumping and patching in a VirtualAlloc, and so it adds nothing to the size of your dump. * Import Elimination: ArmInline is capable of consolidating DLL imports that have been shuffled by Armadillo's 'Import Elimination' and can generate a new IAT, which can then be used by ImpRec (or any other import table reconstructor). Any references to the old IAT are automatically redirected to the newly created, streamlined IAT. Note that ArmInline cannot retrieve Armadillo's stolen imports, so you will have to fix this prior to rebasing the IAT if you want a working dump. * Nanomites: Locates all of the nanomites in a dump and uses the packed exe to analyse them, generating a Nanomite table containing all the necessary information to produce a working dump. ArmInline can patch a small piece of vector exception handling code into your dump which will deal with the Nanomites on the fly. It's not the fastest tool you're ever going to see - it can take a few seconds to work a large 'Dillo (due to the recursive nature of its Code Splicing redundancy algorithm, the brute-force Nanomite debugging and the fact that I took the liberty of using Visual Basic to write much of it) and although it hasn't failed me yet (much), it has certainly not been thoroughly tested, and is provided without any guarantees whatsoever. So use this software at your own risk. 附件:ArmInline V0.6.zip |
|
[转帖]AntiDote V1.0
呵呵,都用了CreateProcessA |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
操作理由
RANk
{{ user_info.golds == '' ? 0 : user_info.golds }}
雪币
{{ experience }}
课程经验
{{ score }}
学习收益
{{study_duration_fmt}}
学习时长
基本信息
荣誉称号:
{{ honorary_title }}
能力排名:
No.{{ rank_num }}
等 级:
LV{{ rank_lv-100 }}
活跃值:
在线值:
浏览人数:{{ visits }}
最近活跃:{{ last_active_time }}
注册时间:{{ user_info.create_date_jsonfmt }}
勋章
兑换勋章
证书
证书查询 >
能力值