-
-
Arma Intruder 0.4
-
发表于:
2007-5-22 05:26
4020
-
Here's the long awaited tool I wrote for analyzing Armadillo protected apps. I waited 'til the tsrh site was back up (tsrh.org.ua) and I could release it properly.
Big question is of course: why should you use this and not ArmaFP?
Answer: This is static (never executes the file), it gets the OEP and it shows the build date of Armadillo. Also it shows you the copymem byte (highest byte of the raw options), this is what the program is xored with when first decrypting CopyMem-II.
http://img373.imageshack.us/img373/4569/screenpf8.jpg
http://rapidshare.com/files/32624809/arma.intruder.0.4.tool-tsrh.zip
[课程]Linux pwn 探索篇!