-
-
[转帖]Swordfish 1.3 by Insid3Code
-
2013-6-16 23:57
-
Swordfish 1.3 by Insid3Code
- OllyDbg supported release: 201h
FEATURES:
Tools:
[+] Clear udd files
Hide debugger:
[+] PEB!BeingDebugged
[+] PEB!NtGlobalFlags
[+] PEB!HeapFlags
[+] Find OD Windows bypass
[+] CheckRemoteDebuggerPresent
[+] GetClassInfo(A-W-ExA-ExW)
[+] FindWindow(A-W-ExA-ExW)
[+] GetTikCount
[+] NtQueryPerformanceCounter
[+] Apply custom HideDbg config from external file (*.hdbg)
Set breakpoints (hard coded):
[+] user32.GetWindowTextW
[+] user32.GetDlgItemTextW
[+] user32.MessageBoxIndirectW
[+] user32.MessageBoxTimeoutW
[+] user32.SoftModalMessageBox
[+] user32.CreateWindowExW
[+] user32.ShowWindow
[+] kernel32.CreateFileW
[+] kernel32.OpenFile
[+] kernel32.ReadFile
[+] kernel32.WriteFile
[+] kernel32.LoadLibraryW
[+] kernel32.MoveFileW
[+] kernel32.DeleteFileW
[+] advapi32.RegOpenKeyExW
[+] advapi32.RegCloseKey
[+] advapi32.RegQueryValueExW
[+] advapi32.RegSetValueExW
[+] kernel32.CreateToolhelp32Snapshot
[+] kernel32.Process32FirstW
[+] kernel32.Module32FirstW
[+] Kernel32.Toolhelp32ReadProcessMemory
[+] kernel32.OpenProcess
[+] kernel32.WriteProcessMemory
[+] kernel32.ReadProcessMemory
[+] kernel32.CreateProcessW
[+] kernel32.VirtualProtectEx
[+] advapi32.OpenSCManagerW
[+] advapi32.OpenServiceW
[+] advapi32.StartServiceW
[+] advapi32.DeleteService
[+] msvbvm60.ThunRTMain
[+] msvbvm60.rtcMsgBox
[+] msvbvm60.__vbaStrCmp
[+] msvbvm60.__vbaStrComp
[+] msvbvm60.__vbaFreeStr
[+] msvbvm60.__vbaFileOpen
[+] msvbvm60.__vbaInputFile
[+] msvbvm60.__vbaWriteFile
[+] msvbvm60.__vbaStrCompVar
[+] msvbvm60.__vbaStrTextCmp
[+] msvbvm60.__vbaFileSeek
[+] msvbvm60.__vbaFileClose
[+] msvbvm60.__vbaVarTstEq
[+] Set API Bpts from external file (*.bpts)
[+] Set Offset Bpts from external file (*.bpts)
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
