Hider plugin for Syser
Get:
https://yadi.sk/d/L0UKb6QK3JYPRY
https://www.sendspace.com/file/hwp40a
Steps:
Unpack, keeping the same directory levels:
syser_hide.dll -> Plugins,
hide_generic.dll next to the main .exe
Anyone who wants to can use hide_generic.dll in their own projects.
Steps:
It is as easy as LoadLibrary() and we are cool!
The DLL sets up a hook over ZwWaitForDebugEvent() in the debugger process, then installs the rest of the hooks
and patches memory in the process under debug.
The config is embedded inside the file itself in the following way:
[\x00] - OFF
any other char - ON
Code:
ZwQueryInformationProcess[x]
ZwSetInformationThread[x]
ZwClose[x]
NtGlobalFlag[x]
ProcessHeapFlag[x]
IsDebuggerPresent[x]
enjoy
(c) by Veliant from the exelab.ru resource
You can reach him here:
https://exelab.ru/f/index.php?action=userinfo&user=3136
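An added example, not Veliant's code: a small reader and editor for the embedded config described above, useful for checking which hooks a copy of hide_generic.dll has enabled before loading it into an analysis setup. It assumes each option name is stored as ASCII immediately followed by `[`, one flag byte and `]`; the function names and the sample bytes are constructed for illustration.

```python
import re

# Option names exactly as they appear in the list above.
OPTIONS = ["ZwQueryInformationProcess", "ZwSetInformationThread", "ZwClose",
           "NtGlobalFlag", "ProcessHeapFlag", "IsDebuggerPresent"]

def _find_flag(image: bytes, option: str):
    # Assumed layout: NAME '[' <one flag byte> ']'. DOTALL lets '.' match any
    # byte, including \x00 and newline. A bare NAME (for example an import
    # string) is skipped because no '[' follows it.
    return re.search(re.escape(option.encode()) + rb"\[(.)\]", image, re.DOTALL)

def read_config(image: bytes) -> dict:
    """Map option -> True (ON), False (OFF) or None (marker not found)."""
    state = {}
    for option in OPTIONS:
        m = _find_flag(image, option)
        state[option] = None if m is None else m.group(1) != b"\x00"
    return state

def set_option(image: bytes, option: str, enabled: bool) -> bytes:
    """Return a copy with one flag byte changed; file length is preserved."""
    m = _find_flag(image, option)
    if m is None:
        raise KeyError(option)
    pos = m.start(1)
    return image[:pos] + (b"x" if enabled else b"\x00") + image[pos + 1:]

# Constructed sample, not bytes from the real hide_generic.dll.
SAMPLE = (b"MZ\x90\x00" + b"ZwClose\x00IsDebuggerPresent\x00" + b"\x00" * 8 +
          b"ZwQueryInformationProcess[x]ZwSetInformationThread[\x00]ZwClose[x]"
          b"NtGlobalFlag[1]ProcessHeapFlag[\x00]IsDebuggerPresent[x]")

if __name__ == "__main__":
    for name, on in read_config(SAMPLE).items():
        print(f"{name:28} {'ON' if on else 'OFF'}")
```

To inspect a real file, pass `open(path, "rb").read()` to `read_config()`; a `None` result means the assumed marker layout was not found for that option.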