EXETOOLS FORUM  

  #1  
Old 01-31-2015, 21:47
sh3dow
DbgHook plugin for Olly 2.1 hooks the classic functions used for antidebug tricks

DbgHook is a plugin for Olly 2.1 that hooks the classic functions used for antidebug tricks. The driver is for Windows 7 x64 (tested on build 7600.16385.1), so to run it needs to be registered and PatchGuard disabled (you can use tools like DSEO).
The plugin lets you control the following options:
-Flags
-Time (dynamic fake time; it freezes the process's timers when you stop the execution, and you can also choose a time multiplication factor for clocks and RDTSC)
-Windows (hides Olly's window from the debugged process)
-NtQuerySystemInformation
-NtSetDebugFilterState
-NtQueryInformationProcess
-NtOpenProcess
-NtClose
-NtUserBlockInput
-OutputDebugString
-NtTerminateProcess
-NtQueryInformationThread
-NtSetInformationThread
-Driver's name

The plugin is by walter1945 from _https://quequero.org

From the attachment (with builds and sources):
Attached Files
File Type: rar DbgHook.rar (142.8 KB, 41 views)

Last edited by sh3dow; 01-31-2015 at 21:55.
  #2  
Old 02-01-2015, 08:26
mr.exodia
the code is very hacked and uncommented, but it looks like a nice thing
__________________
x64dbg: http://x64dbg.com
My Blog: http://mrexodia.cf
  #3  
Old 02-01-2015, 19:30
sh3dow
Quote:
Originally Posted by mr.exodia
the code is very hacked and uncommented, but it looks like a nice thing

Yes, and as he wrote:
I also decided to publish the source for two reasons:
-I'm not a good programmer, so other people like me can learn how this tool works and how to build a similar one.
-I hope other people in the community contribute by adding to or improving the plugin.
All times are GMT +8.