-
-
[转帖]SnD Olly 2.2 by LCF-AT
-
发表于: 2013-6-15 00:04
-
SnD Olly 2.2 by LCF-AT
After a longer time I created a new SnD - version 2.2 - by request from our board member DMichael. Normally I still do not like to use Olly 2 version [many basic features missing / changed etc] but anyway... I have taken some time to create all patches in OllyDbg 2.01h like in my older version + some little more checks etc. So now you can use this version with Windows 8 [testing done by DMichael - thanks again] without any problems. If there are any problems with ASLR (for example) then you will get a message with info about the problem and what to do. I also changed the look a little, maybe you like it as I do. All is ready to go and is setup by me [.ini file like I prefer] so that you can start directly after unpacking the .rar file. Some information can be read in the info text file.
Have fun with the new 2.2 version [odbg201h] and post some feedback on the board if you like it or if there is any problem.
Modifications:
- Added PEB Hide patch
- Added ZWQIP patch
- Changed OllyDBG names
- Changed CPU
- Added SnD patch section where you can see my patches
- Added some new resources
- Added manifest for XP style [just rename manifest if you get problem to use it on other OS etc]
- Added quick origin pop if you press the "C" button
- Added Win7 | Win8 support only with static original base of SnD 2.2
- Added quick self check of loaded SnD 2.2 base. If not original or a problems comes at startup then you get info message
- Setup of SnD .ini file + color-scheme
So all was again patched like in my older SnD 2.0 / 2.1 versions plus some more checks and different patching ways of the intern ZWQIP API.
Testing by me on XP SP3.
Testing by DMichael on Windows 8. Thanks again. :)
Info: If you want to use int3 breakpoints instead of HWBPs [Debugging Options] then do not set a HWBP on ZWQIP API before you did stop at TLS or EP. Don't set the HWBP at systemBP.Int3 + HWBP on ZWQIP before TLS or EP = No API patch!
Int3 + No HWBP on ZWQIP before TLS or EP = Ok
HWBP + HWBP = All ok no problems.
Just keep this info in your mind if you wanna change the option.
Info: So I also insert the original Olly version which you will also need to read all plugins so that you don't need to change the OllyDBG.exe to SND.exe name in the plugins itself.
|
|
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
