01-31-2015, 21:47
sh3dow
DbgHook plugin for Olly 2.1 hooks the classic functions used for antidebug tricks

DbgHook is a plugin for Olly 2.1 that hooks the classic functions used for antidebug tricks. The driver is for Windows 7 x64 (tested on build 7600.16385.1), so to run it, it needs to be registered and PatchGuard disabled (you can use tools like DSEO).
The plugin lets you control the following options:
-Flags
-Time (dynamic fake time; it freezes the process's timers when you stop the execution; you can also choose a time multiplication factor for clocks and RDTSC)
-Windows (hides Olly's window from the debugged process)
-NtQuerySystemInformation
-NtSetDebugFilterState
-NtQueryInformationProcess
-NtOpenProcess
-NtClose
-NtUserBlockInput
-OutputDebugString
-NtTerminateProcess
-NtQueryInformationThread
-NtSetInformationThread
-Driver's name

The plugin is by walter1945 from _https://quequero.org

From the attachment (with builds and sources)
Attached Files
File Type: rar DbgHook.rar (142.8 KB, 41 views)

Last edited by sh3dow; 01-31-2015 at 21:55.