首页
社区
课程
招聘
[下载]Poison by What
发表于: 2008-8-19 21:53 5983

[下载]Poison by What

2008-8-19 21:53
5983
Poison by What

NICE PLUGIN BY What

Here is the source for a plugin, I have decided to write a new one from scratch with completely custom code.. Its has fixes for stuff like IsDebuggerPresent, HeapFlags, and shows hooks for stuff like ZwQueryProcessInformation. Show how to apply fixes to ollydbg itself, remove ep breakpoint and break on tls. Hope this helps someone. Originally I used a thread on restart of plugin but it was kinda annoying, so I hooked ollydbg later on where all the fixes would work right, took forever to find a good spot.
updated the code and fixed compatibility problems. I would still call it alpha code, but it works with all plugins I use. Looking into adding driver code with the source code for the rdtsc from pediy. Im not sure what exactly I added to it since the first post. Enumwindows mainly for telock. Cant use ignore invalid handle option with ollyadvanced if you want this one the fix in the plugin to work, ill probably fix that sooner or later. Anyway link is updated.

Edit in: Code updated as 3.2.08

Updates include added Process32Next hook, HeapFlags problem.

[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课

上传的附件:
收藏
免费 1
支持
分享
最新回复 (1)
雪    币: 1008
活跃值: (2412)
能力值: ( LV3,RANK:20 )
在线值:
发帖
回帖
粉丝
2
这么好的工具都没人顶?脱EXEC还是很好用的.
虽然在国外的网站见过了..还是要顶一下....
2009-6-19 21:24
0
游客
登录 | 注册 方可回帖
返回
//