-
-
[转帖]Armadillo Environment Variables Finder 1.1 + Injector 1.1
-
发表于: 2013-3-24 01:17
-
Armadillo Environment Variables Finder 1.1 + Injector 1.1
From:EXETOOLS
From:EXETOOLS
Armadillo Environment Variables Finder
- a supporting tool for analyzing dumps
or executable files after removing
attachments protector Armadillo. It
shows what the standard environment
variables tread used and what the standard
features of dynamic library ArmAccess.dll called.
The search is performed both by ANSI,
and in Unicode strings. The list shall
indicate the physical position in the
file, encoding, and found the name of
the variable or function. User variables
are not handled by default, but you can
add the value you want to file aev_uservars.
txt, which must be placed in the program.
Double click on the line opens a window
with additional information about the variable:
the virtual address, physical address,
and cross-references. In the folder with
the test file is created the log file from
the search results. Further, the obtained
values 鈥嬧€媍an be used in the program
Armadillo Environment Variables Injector
- is a helper utility to bypass the security
program based on environment variables hinged
tread Armadillo. After removing the Armadillo
and restore the dump with Armadillo Environment
Variables Injector you can add to the unpacked
file code that is run automatically sets environment
variables to the correct values. Thus there is no
need to look for and patch testing environment variables
in the program. Verified to work on Windows XP and Windows
7, including 64-bit systems. Supported executables and DLL-
library. To find the names of variables used in the file,
you can use the utility Armadillo Environment Variables
Finder.聽If you use to unpack ArmaGeddon, then do not put
a check on the option "Minimize size", as in this case,
the patch will fail. To remove sections of the tread of
the box, I recommend using the program CFF Explorer.聽As
the payload software developers can also use the utility
Armadillo Environment Variables Injector. With it you
can test and debug their programs reaction to events
Armadillo without the need of a protector to hang himself.
i was translate this from russian language if you want original here is
http://www.manhunter.ru/releases/449_armadillo_environment_variables_finder_1_1.html
http://www.manhunter.ru/releases/441_armadillo_environment_variables_injector_1_1.html
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
|
|
|---|---|
