Collection of external Sigs for PEID
1 Attachment(s)
Hi Guys,
I went onto PEID's web site and compiled a bit of a list of PEID external signatures. Now I just checked the file and it seems to contain a few duplicates (my bad) but this does not affect the operation of PEID. Also I was not choosy about which Sigs I added (I just milked all the ones since Jan-2005). Some of the sigs might give false positives. What I did do though was to try to order the sigs to perform version specific checks before generic checks. Perhaps we can share more external sigs. As usual replace or append this file onto userdb.txt in the PEID folder Problem Sigs with UPolyX: I think the sigs for UPolyX are not cool. I tested by scanning Delphi 2005 install folder. This is the biggest culprit: [UPolyX v0.5] signature = ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? 00 00 ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? 00 ?? ?? 00 ?? ?? ?? ?? ?? ?? ?? ?? 00 00 00 ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? 00 00 00 ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? 00 00 00 ?? ?? ?? ?? ?? ?? ?? 00 ?? ?? ?? ?? ?? ?? 00 00 00 ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? 00 00 00 ep_only = false But there are other problem sigs for UPolyX WinRAR SFX is badly detected too! |
user Sig for DB
1 Attachment(s)
This is My USERDB fo PEiD ;)
|
my userdb.txt is very big and there are a lot of double signatures.
i started today to write an optimizing tool.i will release the first version next week on my homepage. shall i sort the signatures by the entry "ep_only" ? means ep_only=true as first signatures in the userdb.txt |
1 Attachment(s)
Quote:
For now only view/sort and remove dups (automatically) |
how do you remove dupes? by name or by signature pattern? its nice idea to make a syslist view, where you can edit each signature. i also thought about add a feature which allows you to import signatures from a other signature file.
i also dont have many time to code this. maybe its also a good idea to release such a tool as plugin for peid... |
Ok Im coding a stand-alone tool as we speak.
It will allow you to sort by name or by ep-type It will highlight duplicates (names or signatures) But simple duplicates eg (notice the spaces in the file before the field names) Code:
[test1] Code:
[test2] Code:
[test3] I see that NimDa2k's file is 300KB uncompressed so my little proggie needs to be able to cater for this. The idea to make it handle import / merging of new files is a nice idea. Just got to think through the interface properly. Lets see! Nice job on your tool alephz, I like that interface.. |
thx to Redbull and all which contributed sigs...
bye NeOXOeN |
PEiD Signature Manager
Quote:
Quote:
P.S. One more signature Code:
[VMProtect 1.06..1.07 -> PolyTech] |
2 Attachment(s)
Hi Guys,
An early Alpha version of my editing / sorting / duplicate searching tool Code:
all the same, but obviously this will be configurable. (and the list has to be sorted) Dupes.txt is a test file with three types of duplicates. I currently only detect it as two duplicates. |
1 Attachment(s)
Quote:
|
alephz, thanks ... strange one ... What o/s is that on ??
Busy fixing and registering a sourceforge project for this program. |
Quote:
|
shit will have to test the large font story
|
All times are GMT +8. The time now is 17:06. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX