Exetools

OllyDBG v2.xx plugin - OllyExt (https://forum.exetools.com/showthread.php?t=15258)

ferrit.rce 02-12-2014 22:21

OK, first of all I'll make the last build stable by fixing all the issues and in the meantime let's start a new parser and I'll contribute.

ahmadmansoor 02-13-2014 00:00

Quote:

Originally Posted by mr.exodia (Post 89951)
@ahmadmansoor: Somewhere these days I will start working on an open source asm parser for the XED library. I will add you to the repo when this project is started.

Greetings

Big thanks for your offer, mr.exodia :D and I am waiting for that.

softgate 02-13-2014 02:14

By any chance you didn't notice the existence of my post at #43, I'm still wondering how to get Olly2 + Ollyext load the VMProtected executable undetected on Windows 7 x64.

Any information and/or suggestion would be very appreciated. :)

ferrit.rce 02-13-2014 03:47

I've noticed it :) All in all, it seems like I've made some existing protections dead. Most probably that's the reason why it gets detected. I'm working on the issues but it takes some time...

Quote:

Originally Posted by softgate (Post 89959)
By any chance you didn't notice the existence of my post at #43, I'm still wondering how to get Olly2 + Ollyext load the VMProtected executable undetected on Windows 7 x64.

Any information and/or suggestion would be very appreciated. :)


sendersu 02-13-2014 03:51

Quote:

Originally Posted by softgate (Post 89959)
By any chance you didn't notice the existence of my post at #43, I'm still wondering how to get Olly2 + Ollyext load the VMProtected executable undetected on Windows 7 x64.

Any information and/or suggestion would be very appreciated. :)

I had a similar issue.
Try from a clean Olly ini file.

ferrit.rce 02-13-2014 06:47

New v1.72 is out. Changes:
Code:

12.02.2014
        - KiUserExceptionDispatcher fix
        - NtSetThreadContext fix
        - ZwContinue fix


softgate 02-13-2014 09:05

Thank you for your comments.

I've tried with a clean Olly and OllyExt ini file, using v1.72, but so far no luck with it.
Since I'm not particularly in a hurry, I would like to try it again with later versions.

Thanks again for the efforts you put into OllyExt.

MistHill 02-28-2014 11:22

@ferrit.rce
Nice work!

ferrit.rce 02-28-2014 22:38

New v1.73 is out. Changes:
Code:

26.02.2014
        - NtClose has to return c0000008 fix

24.02.2014
        - Error message appears if breakpoint is in the function which one to hook ( hook will be skipped )
        - Protection will be updated if a new module loaded

I've tested VMP with this version and it works :)

ferrit.rce 04-13-2014 22:16

New v1.74 is out. Changes:
Code:

13.04.2014
        - Custom caption possibility added


ferrit.rce 04-27-2014 16:13

New v1.8 is out. Changes:

Code:

27.04.2014
        - Custom patch framework implemented
        - Custom patch signature ripping

24.04.2014
        - Icon change can be turned off


sendersu 05-25-2014 18:44

Hi ferrit
how about processing this method of detecting?

ntdll.NtQueryInformationProcess()
I've a target that is using it.

ferrit.rce 06-02-2014 06:29

This function is already hooked. Maybe it's a bug. Please send me the binary which detects it.

Quote:

Originally Posted by sendersu (Post 91578)
Hi ferrit
how about processing this method of detecting?

ntdll.NtQueryInformationProcess()
I've a target that is using it.


tenketsu 06-15-2014 08:39

No problems so far, works like a charm, thanks.


All times are GMT +8.