首页
社区
课程
招聘
[下载]Quick Unpack 2.0 beta
发表于: 2007-7-2 10:43 4196

[下载]Quick Unpack 2.0 beta

2007-7-2 10:43
4196
Quick Unpack 2.0 beta

v2.0
[!] fixed several bugs like missed import functions
[!] improved export feature now supports invalid functions
[!] many small improvements and optimizations
[+] import list from imprec feature added (now Quick Unpack supports both export and import of import functions in imprec-compatible files this allows to edit some functions or add new ones. keep in mind this option works with normally created files but if you put some garbage or format this file in unusual manner this may cause crash :) I was too lazy to parse the file with care)
[+] attach process feature added (this option allows to choose any module in a process for unpacking and has some features. if in processes listbox a process name is a full path with name you can attach to this process. if it is only name of the file you don't have enough rights to attach. you can't specify the OEP, the instruction the program was stopped is treated as the OEP. to use attach process feature one should load the program in any debugger and manually get to the OEP, when attach to that process with Quick Unpack. keep in mind that for smart import recovery you don't need the program to run, it can just be left in the debugger standing at the breakpoint. but to use smart import recovery with tracer you should put it in the infinite loop (EB FE) and run the program because the tracer uses current thread for tracing. if the program was put in the infinite loop don't forget to restore these two bytes in the dump. when attached tracing import is unreliable and very slow, so it's not recommended to use it). this feature allows to use Quick Unpack as a dumper and import recoverer (my attempt to replace PETools and ImpRec with one program :))
[+] imprec plugin support added (this feature allows to use imprec tracer plugins in Quick Unpack to restore import functions. keep in mind when using attach to process feature the program must be run for the tracer to work)
[+] add UsAr's generic oep finder
[+] add Human's generic oep finder


org download:
http://qunpack.ahteam.org/wp-content/uploads/2007/07/quickunpack20beta.zip

[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课

上传的附件:
收藏
免费 1
支持
分享
最新回复 (4)
雪    币: 210
活跃值: (40)
能力值: ( LV3,RANK:20 )
在线值:
发帖
回帖
粉丝
2
更新的很快啊              
2007-7-2 11:17
0
雪    币: 202
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
3
多谢林版共享!支持!
2007-7-2 11:22
0
雪    币: 304
活跃值: (82)
能力值: ( LV9,RANK:170 )
在线值:
发帖
回帖
粉丝
4
不是final了么,又是一个说话不算话的作者~~~
2007-7-2 11:24
0
雪    币: 161
活跃值: (261)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
5
無法使用!有問題!
2007-7-24 12:24
0
游客
登录 | 注册 方可回帖
返回
//