-
-
ARTeam: IDA plugin to depack aplib/lzma statically compressed data into IDA by deroko
-
发表于:
2008-9-24 16:26
2832
-
ARTeam: IDA plugin to depack aplib/lzma statically compressed data into IDA by deroko
Hi all,
just released a plugin for IDA 5.2 and following, to decompress aplib or lzma packed data in your target when analyzing with IDA.
The plugin supports aPlib which is quite common in malware, but there's also support for packman lzma compression, even if this one is very rare.
Run plugin by pressing CTRL+9 and you will be prompted with a window for unpacking or simply go to Edit->plugins->aplib depack
Full C sources are included, aswell. See the readme.txt for further details and instructions.
http://arteam.accessroot.com/releases.html
[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)
