so do you like to use the new OllyDbg 2.01 alpha 3?
unfortunately has this Olly still no plugin support and some more and I think it will take a long time till this new Olly is finished.
I was a little bored in the last day's and have test this new Olly a bit etc with some protections and I thought "Hey,just make new Olly a little bit invisible for some protections so that you can also run & analyze them!" So I have done this now and the new Olly "SND 2.0" get no more detected by some protections with basic enabled detecting features.
SND 2.0
--------------
- Added PEB Hide patch
- Added ZWQIP patch
- Changed OllyDBG names
- Changed CPU
- Added SND patch section where you can see my patches
--------------
The basic hide patches will work with some protections like
- TheMIDA & WinLicense [basic versions | NOT ALL]
- Obsidium
- NoobyProtect / Safe... [Thread unload problems / then just close Olly]
- etc
- Mostly all which are working without using external drivers | KernelMode
Note:
--------------
Just use the SND 2.0.ini file which are already included.
If you let create new ini file then disable this feature in the debug options.
Debuging
- Exceptions
Uncheck "Pass unprocessed exceptions to Unhandled Exception Filter
Note2:
--------------
If you get some target unload problems if you press close / exit on the target
window then just use the olly debuger exit [X] <-- button in Olly.
Note3:
--------------
This SND 2.0 Olly is just for fun so don't expect to much!Just for people they
like to work with odbg 201c + hide patches.
--------------
LCF-AT
So I have also created 2 movies some kind of Olly 2 vs SND 2
All in all it's just for fun so do not forget this ok.All test unpackmes can you find also on this board too to test them.So just test it if you like.All patches can you find in the added SND [except names & CPU patch (using quickly a hexeditor)] section to see what happend.
So then have fun with my little easter gift for you.
Info:
************
I created a loadDll Patcher for SND 2.0 to bypass the invalid loaddDll problem.So I had not checked this before.Just copy the patcher in your folder where SND 2.0 is and execute the patcher and press patch.Thats all.
发表于 2011-4-21 09:35
发表于 2011-4-21 10:04
