The latest version of VMSweeper has been released. Hopefully usefull for someone.
Version : 1.5 Beta 0
Last Update : 12 April 2012 - 3:55 PM
Author : Vam
Language : English
Plugin for OllyDbg - VMSweeper helps you to decompile VM code. VMSweeper decompiles functions, virtualized in:
- Code Virtualizer (Oreans Technology)
- VMProtect (VMProtect Software)
Recovers import
Finds different types of VM, including not supported for decompiling by itself.
Added:
1. Handler primitive simple function call without arguments and return values.
2. Recognition of primitives Push / Pop RvmLong pikodom with indexation.
3. Processing of multiple VMs on the same features as batch and single function call (optional Decompilate packet in the ini file).
It is recommended to disable, but if you have difficulty in finding an entry point to the batch function, you must enable the option.
4. Decompiling the code in the areas of change registers (optional Decompilate change register zones in the ini file). When this option
creates an additional "junk" in the log file, it is recommended to use only if the generated code without this option is missing manual.
5. Many small cosmetic nuances.
Fixed:
1. Restructuring source code.
2. Determining the size of the arguments of called functions.
发表于 2012-4-16 15:54
