首页
社区
课程
招聘
问答 CTF 排行榜 知识库 工具下载 看雪峰会 看雪商城 证书查询
  1. 看雪社区
  2. OllyDbg插件区
    3. 发新帖
[转帖]OllyDbg plugin code name Swordfish
2013-3-27 06:37 5665

[转帖]OllyDbg plugin code name Swordfish

chixiaojie 活跃值
2013-3-27 06:37
5665
贴子来源:http://www.at4re.com/f/showthread.php?10923-OllyDbg-plugin-code-name-Swordfish

THE PROJECT:
        -----------------------------
            - OllyDbg plugin: Code name Swordfish beta release review #16 date 26/03/2013
            - OllyDbg supported release: 201h
            - Released by Arab Team for Reverse Engineering (AT4RE)
            - Coded by torpedo from AT4RE

        Road map: Work in progress
            - Final release v1.0 planned for: 31/03/2013
            - Additional features
            - New beta release v1.1 planned for: 10/04/2013
            - Final release v1.1 planned for: 15/04/2013
            - New road map

        FEATURES:
        ---------------------------------
            Tools:
            -----------------------------
                [+] Clear udd files
                
            Hide debugger:
            -----------------------------
                [+] PEB!BeingDebugged
                [+] PEB!NtGlobalFlags
                [+] Find OD Windows bypass

            Set breakpoints (hard coded):
            -----------------------------
                [+] 01- CreateWindowExW
                [+] 02- ShowWindow
                [+] 03- GetWindowTextW
                [+] 04- GetDlgItemTextW
                [+] 05- CreateFileW
                [+] 06- OpenFile
                [+] 07- ReadFile
                [+] 08- WriteFile
                [+] 09- LoadLibraryW
                [+] 10- MoveFileW
                [+] 11- DeleteFileW
                [+] 12- RegOpenKeyW
                [+] 13- RegCloseKey
                [+] 14- RegQueryValueW
                [+] 14- RegSetValueW


本地下载: OdPluginSwordfish.rar

[培训]《安卓高级研修班(网课)》月薪三万计划,掌握调试、分析还原ollvm、vmp的方法,定制art虚拟机自动化脱壳的方法

上传的附件:
收藏
点赞0
打赏
分享
最新回复 (5)
yingyue
雪    币: 1844
活跃值: (35)
能力值: ( LV3,RANK:30 )
在线值:
发帖
回帖
粉丝
私信
yingyue 2013-3-27 10:54
2
0
嗯,收下,谢
linhanshi
雪    币: 85263
活跃值: (198560)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
私信
linhanshi 2013-3-29 10:00
3
0
chixiaojie
雪    币: 2873
活跃值: (1607)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
chixiaojie 2013-4-1 10:38
4
0 
OllyDbg plugin: Swordfish v1.0 Final release date 31/03/2013

- OllyDbg supported release: 201h
- Released by Arab Team for Reverse Engineering (AT4RE)
- Coded by torpedo from AT4RE

Road map: Work in progress
- New beta release v1.1 planned for: 10/04/2013

FEATURES:
-----------------------------------------
    Tools:
    -------------------------------------
        [+] Clear udd files

    Hide debugger:
    -------------------------------------
        [+] PEB!BeingDebugged
        [+] PEB!NtGlobalFlags
        [+] PEB!HeapFlags
        [+] Find OD Windows bypass

    Set breakpoints (hard coded):
    -------------------------------------
        [+] user32.GetWindowTextW
        [+] user32.GetDlgItemTextW

        [+] user32.MessageBoxIndirectW
        [+] user32.MessageBoxTimeoutW
        [+] user32.SoftModalMessageBox

        [+] user32.CreateWindowExW
        [+] user32.ShowWindow

        [+] kernel32.CreateFileW
        [+] kernel32.OpenFile
        [+] kernel32.ReadFile
        [+] kernel32.WriteFile
        [+] kernel32.LoadLibraryW
        [+] kernel32.MoveFileW
        [+] kernel32.DeleteFileW

        [+] advapi32.RegOpenKeyExW
        [+] advapi32.RegCloseKey
        [+] advapi32.RegQueryValueExW
        [+] advapi32.RegSetValueExW

        [+] kernel32.CreateToolhelp32Snapshot
        [+] kernel32.Process32FirstW
        [+] kernel32.Module32FirstW
        [+] Kernel32.Toolhelp32ReadProcessMemory
        [+] kernel32.OpenProcess
        [+] kernel32.WriteProcessMemory
        [+] kernel32.ReadProcessMemory
        [+] kernel32.CreateProcessW
        [+] kernel32.VirtualProtectEx

        [+] advapi32.OpenSCManagerW
        [+] advapi32.OpenServiceW
        [+] advapi32.StartServiceW
        [+] advapi32.DeleteService

        [+] msvbvm60.ThunRTMain
        [+] msvbvm60.rtcMsgBox
        [+] msvbvm60.__vbaStrCmp
        [+] msvbvm60.__vbaStrComp
        [+] msvbvm60.__vbaFreeStr
        [+] msvbvm60.__vbaFileOpen
        [+] msvbvm60.__vbaInputFile
        [+] msvbvm60.__vbaWriteFile
        [+] msvbvm60.__vbaStrCompVar
        [+] msvbvm60.__vbaStrTextCmp
        [+] msvbvm60.__vbaFileSeek
        [+] msvbvm60.__vbaFileClose
        [+] msvbvm60.__vbaVarTstEq


Swordfish_v1.0.rar
上传的附件:
linhanshi
雪    币: 85263
活跃值: (198560)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
私信
linhanshi 2013-4-13 14:10
5
0
Swordfish 1.1
OllyDbg plugin: Swordfish v1.1 beta release date 10/04/2013

- OllyDbg supported release: 201h
- Released by Arab Team for Reverse Engineering (AT4RE)
- Coded by torpedo from AT4RE

FEATURES:
-----------------------------------------
Tools:
-------------------------------------
[+] Clear udd files

Hide debugger:
-------------------------------------
[+] PEB!BeingDebugged
[+] PEB!NtGlobalFlags
[+] PEB!HeapFlags
[+] Find OD Windows bypass
[+] CheckRemoteDebuggerPresent
[+] GetClassInfo(A-W-ExA-ExW)
[+] FindWindow(A-W-ExA-ExW)
[+] GetTikCount
[+] NtQueryPerformanceCounter

Set breakpoints (hard coded):
-------------------------------------
[+] user32.GetWindowTextW
[+] user32.GetDlgItemTextW

[+] user32.MessageBoxIndirectW
[+] user32.MessageBoxTimeoutW
[+] user32.SoftModalMessageBox

[+] user32.CreateWindowExW
[+] user32.ShowWindow

[+] kernel32.CreateFileW
[+] kernel32.OpenFile
[+] kernel32.ReadFile
[+] kernel32.WriteFile
[+] kernel32.LoadLibraryW
[+] kernel32.MoveFileW
[+] kernel32.DeleteFileW

[+] advapi32.RegOpenKeyExW
[+] advapi32.RegCloseKey
[+] advapi32.RegQueryValueExW
[+] advapi32.RegSetValueExW

[+] kernel32.CreateToolhelp32Snapshot
[+] kernel32.Process32FirstW
[+] kernel32.Module32FirstW
[+] Kernel32.Toolhelp32ReadProcessMemory
[+] kernel32.OpenProcess
[+] kernel32.WriteProcessMemory
[+] kernel32.ReadProcessMemory
[+] kernel32.CreateProcessW
[+] kernel32.VirtualProtectEx

[+] advapi32.OpenSCManagerW
[+] advapi32.OpenServiceW
[+] advapi32.StartServiceW
[+] advapi32.DeleteService

[+] msvbvm60.ThunRTMain
[+] msvbvm60.rtcMsgBox
[+] msvbvm60.__vbaStrCmp
[+] msvbvm60.__vbaStrComp
[+] msvbvm60.__vbaFreeStr
[+] msvbvm60.__vbaFileOpen
[+] msvbvm60.__vbaInputFile
[+] msvbvm60.__vbaWriteFile
[+] msvbvm60.__vbaStrCompVar
[+] msvbvm60.__vbaStrTextCmp
[+] msvbvm60.__vbaFileSeek
[+] msvbvm60.__vbaFileClose
[+] msvbvm60.__vbaVarTstEq

上传的附件:
chixiaojie
雪    币: 2873
活跃值: (1607)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
chixiaojie 2013-4-13 14:56
6
0
Swordfish_beta_(REV#4)1.1

Swordfish release history
--------------------------
12/04/2013 (BETA 1.1 REV#4 released)
[*] fixed conflict with OllyExt 1.2 plugin (thanks to cxj98 for report)


Swordfish_beta_(REV#4)1.1.rar
上传的附件:
游客
登录 | 注册 方可回帖
 回帖  表情 雪币赚取及消费
高级回复
返回