There have been massive issues with the Microsoft symbol servers recently... This was collected (took about 10 minutes) on the latest Windows 8.1 x64 https://gist.github.com/mrexodia/8aea202c1177892b4577a32927cef3bf
|
Thanks mr. Exodia. I did notice some symbol-server issues, but after a few retries it 'completed'. As it turns out, I got an incorrect version tag returned when running PDBReader, and the network issues weren't messing things up after all (except for making me retry a couple of times):
[060200000109_x86_000158A0] instead of: [060300000109_x86_000158A0] whilst I do have Windows 8.1 x64 (=v6.3). I changed this manually in the .ini file, after which ScyllaHide seems to work perfectly. Not sure if this is an issue with PDBReader or not, but if I should provide more info, please let me know ... PS: Kinda silly I didn't notice before ... where's the shame-on-me smiley when you need it? |
NT APIs missing
section 060200000109_x64_0000BAB0 file X:\x64dbg\plugins\NtApiCollection.ini |
Everything appears to work fine here. If Microsoft doesn't provide symbols there is not much you can do. What SKiLLa did is not a real solution, for me the problem was solved by running NtApiTool.exe again.
|
Seems the Anniversary update problems I documented and reversed are now fixed by another person, and the fix is now in latest Git :)
Which is super cool. |
Also, remember that the x64 version is a win32 build but with a different extension name. |
I posted a Mega link in the very last post before you asked. ;) |
mrexodia released this on Apr 21: ScyllaHide_2016-20-11_22-02
And your post: 11/16/16. That's why I am asking... :) BTW, thanks. |
Just take the *.plw and change it to *.p64; the x64 plugin does not use the IDA x64 libraries, so the x86 works for both.
|
2018-08-27 snapshot release
|
Has there been a port to IDA 7 for ScyllaHide? I am in the middle of working on it since I did not see one but wanted to make sure it has not been done yet.
|
create a new issue on scylla github
https://github.com/x64dbg/ScyllaHide/issues that would be a definite global mutex for your work :) good luck |
https://github.com/x64dbg/ScyllaHide/releases/
|
I don't really understand why the fresh package
ScyllaHide_2018-10-11_11-41.7z has got inside very old bits? eg: http://prntscr.com/l7eulo |
I am using the new IDA SDK with it to compile the IDA Pro plugin for IDA 7. It seems so far to have fewer issues than I was expecting but I still have a couple of errors to work out. I am still a beginner with coding and this is not my strongest area so I figured it would be a good challenge and is something that can benefit the community.
|
Where did you get stuck? In my experience, once all the stuff in the link above is taken care of, it compiles without too much of a problem. |
ScyllaHide for IDA pro 7.5
https://github.com/notify-bibi/ScyllaHide-IDA7.5 |
Does it support both 32 as well as 64 bit targets?
|
sendersu yes, both DLLs are present in the archive...
|
As I already tried to compile using the SDK of 7.5, there was a missing constant in the kernwin.hpp file which existed in older IDA versions. |
I found this page to be very useful when porting old stuff into new v7.x
https://hex-rays.com/products/ida/support/ida74_idapython_no_bc695_porting_guide.shtml |
How to bypass Debbuger setected (E0033) by Sentinel protection in xdbg 32/64 ?
ScyllaHide profiles are not enough |
"selected" or "detected" ? :)
2) pls share your sample so reversers will have a chance to dig into it, otherwise you have to find the magic ball :) |
literally any scylla profile works for me, e.g. vmp
|
I mean in windows under 10 22H2 x32 x64 with x32dbg.exe
|
Have you tried other debuggers like Ollydbg (YES! it still works in w10/11 in 32 bits)
or Ida Pro? |
ollydbg special custom in win 7 32 yes
windows 10 32 and 11 x64 no success from log
2023.06.04 11:52:56 INFO: Loaded VA for NtUserBlockInput = 0x76CE4AE0
2023.06.04 11:52:56 INFO: Loaded VA for NtUserQueryWindow = 0x76CE1160
2023.06.04 11:52:56 INFO: Loaded VA for NtUserGetForegroundWindow = 0x76CE13F0
2023.06.04 11:52:56 INFO: Loaded VA for NtUserBuildHwndList = 0x76CE1220
2023.06.04 11:52:56 INFO: Loaded VA for NtUserFindWindowEx = 0x76CE16F0
2023.06.04 11:52:56 INFO: Loaded VA for NtUserGetClassName = 0x76CE17C0
2023.06.04 11:52:56 INFO: Loaded VA for NtUserInternalGetWindowText = 0x76CE1650
2023.06.04 11:52:56 INFO: Loaded VA for NtUserGetThreadState = 0x76CE1080
can you send the folder of your debugger with cfg and ini files for plugin and other settings for x64/32dbg? |
Debugger detected (E0033) by Sentinel protection LDK
uses some custom-made detection, this is not a single checkbox (or even set of checkboxes) from S.Hide |