Obsidium Olly Scripts

CodeCracker · #1 04-08-2019, 20:53

Obsidium Olly Scripts:
First load victim on Olly and execute the ObsidiumOEP.txt script; this will lead to near OEP;
Stolen bytes analyses are inside Obsidium Unpacking (Stolen Code).txt tutorial;
after you get the stolen bytes which have to placed before near entry point.
Finally load ObsidiumIAT.txt script to resolve import table.

CodeCracker · #2 04-09-2019, 18:20

Attached a fixed version of IAT fixer (now also backup/restore ESP register).

CodeCracker · #3 05-11-2025, 19:37

Attached new script for Obsidium, fixed ObsidiumIAT for dlls files;
Finding OEP for dll files is different: I've break hardware on execute to Rva 1000 - that address was called from OEP; I've returned from that until I found the real OEP.
Obsidium CodeDecrypt.txt - Olly script for decrypting code section.

CodeCracker · #4 06-02-2025, 18:54

ObsidiumIAT_v4.txt Olly script.
Hopefully all bugs was fixed.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
simpleJumpLogger and OutsideLogger - Olly debugger scripts	CodeCracker	Community Tools	0	12-19-2022 20:45
Safengine Olly scripts	CodeCracker	Community Tools	14	04-19-2019 09:50
OllyScript scripts for FSG 1.0 and 2.0	TQN	General Discussion	1	05-26-2004 20:14

The Following 11 Users Say Thank You to CodeCracker For This Useful Post:
Apuromafo (04-09-2019), Avi_RE (04-09-2019), BAHEK (11-24-2019), conan981 (04-09-2019), Indigo (07-19-2019), niculaita (04-14-2019), sh3dow (04-28-2019), wilson bibe (04-09-2019), yoza (06-13-2019), Zipdecode (04-09-2019)

The Following User Gave Reputation+1 to CodeCracker For This Useful Post:
ahmadmansoor (04-09-2019)

The Following 9 Users Say Thank You to CodeCracker For This Useful Post:
ahmadmansoor (04-09-2019), Apuromafo (04-09-2019), BAHEK (11-24-2019), bigboss-62 (05-06-2019), Indigo (07-19-2019), niculaita (04-14-2019), sh3dow (04-28-2019), wilson bibe (04-09-2019), yoza (06-13-2019)

The Following User Gave Reputation+1 to CodeCracker For This Useful Post:
Apuromafo (05-12-2025)

The Following 8 Users Say Thank You to CodeCracker For This Useful Post:
Apuromafo (05-12-2025), blue_devil (05-12-2025), MarcElBichon (05-11-2025), SofTw0rm (05-28-2025), tonyweb (05-12-2025), user_hidden (05-11-2025), WRP (05-11-2025), zionoobie (05-12-2025)

The Following 4 Users Say Thank You to CodeCracker For This Useful Post:
MarcElBichon (06-02-2025), niculaita (06-04-2025), tonyweb (06-02-2025), user_hidden (06-02-2025)