#46
In attach normalized resources... I removed all unused STATIC controls.
#47
I tried a single checkbox with text left before, but I got problems with nice aligning and layouting. That's why I used separate controls. But you seem to have got it looking nice with a single checkbox, thanks hehe
#48
Check out the awesome new attach dialog for all debugger plugins! Drag'n'Drop the crosshair to your attach target...
dl: https://bitbucket.org/NtQuery/scyllahide/downloads/ScyllaHide_v1.2.rar
new doc: https://bitbucket.org/NtQuery/scyllahide/downloads/ScyllaHidev1.2Doc.pdf

Version 1.2
- All Plugins: New attach dialog with crosshair/bullseye window finder.
- All Plugins: Tooltips with information (unfinished). Thanks to UniSoft!
- Olly v1 Plugin: Fix for faulty handle bug
- Olly v1 Plugin: Fix for NT symbol path bug added to "Fix Olly Bugs", thanks to redblkjck
__________________
My blog: https://ntquery.wordpress.com
#49
Since we aim to unify and replace good old plugins phantOm, strongOD, ollyAdvanced into one open-source plugin:
Are there any features by them you still miss in ScyllaHide? Features you really use and don't want to miss.
#50
Very cool feature, shooting targets.
All works as expected. You should add the flag
Code:
PLUGIN_FIX
So Scylla shows in IDA plugins at startup. So we don't have to load a file, and then shoot targets.
__________________
The devil whispered in my ear, "you're not strong enough to withstand the storm." Today I whispered in the devil's ear, "I am the storm."
#51
Quote:
Also make sure you select the proper debugger engine in that combobox before! You CAN'T attach without an opened IDB like IDA can (Menu->Debugger->Attach).
#52
Well, would be a lot of work to bypass to gain maybe 5 seconds of file loading. By the way, have you seen in the SDK how to execute commands via the windbg console in scripts / plugins?
I searched the IDAPython API, no result. Would be great for creating memory dumpers, or writing unpacker scripts... Maybe there is something in the C++ end.
#53
Quote:
Maybe place StrongOD you need to make future "More Dump Windows" (StrongOD has 5 windows, would like it if we have more dump windows to work with memory)
greets, quygia128
#54
Quote:
We tested this of course and for us it's working well.
Yes, I also like and use the multiple memory dump windows, but imho that is a lot of work to realize.
#55
Quote:
Plugin is shown at start of IDA when no file is loaded. Got attach process box up, and everything, but nothing to attach.
Put in plugin folder Zullu.py
Code:
import re
import idaapi
import idc
from idc import *
from idaapi import *
import idautils

class Sculla(idaapi.plugin_t):
    # PLUGIN_FIX keeps the plugin loaded from IDA startup, before any file is opened
    flags = idaapi.PLUGIN_PROC | idaapi.PLUGIN_FIX
    comment = "This is a comment"
    help = "Sculla"
    wanted_name = "Sculla"
    wanted_hotkey = "Alt-F7"

    def init(self):
        idaapi.msg("Sculla located")
        return idaapi.PLUGIN_OK

    # Redefined further down; Python keeps only the later definition of run()
    def run(self, arg):
        idaapi.msg("run() called with %d!\n" % arg)

    def term(self):
        idaapi.msg("")

    def run(self, arg = 0):
        import idc
        idc.LoadDebugger("windbg", 1)
        idc.SetProcessorType('metapc', SETPROC_USER)  # force cpu
        idaapi.load_and_run_plugin("windbg_user.plw", 0)  # force
        # "wingdbg" is kept as posted; the first call above uses "windbg"
        idc.LoadDebugger("wingdbg", 1)
        # pid -1 asks IDA to show the process selection box
        idc.AttachProcess(-1, idaapi.PROCESS_ATTACH)

def PLUGIN_ENTRY():
    return Sculla()

I did however get it to show pids by adding the code to the spu processor and load file, so it's maybe not save database independent. It's enough with *.d0 and *.d1 (temp database), or the processor_t that tells it to load a file. So if you can somehow create the temp database when attaching it should work. Well, I think.
EDIT! Actually they are there but got no names, since I didn't get the pid names. Got error that database is only 16 bits when using plugin. Probably need GetProcessPid(idx) and GetProcessName(idx), and tell plugin bits 32 bit.
Last edited by Storm Shadow; 08-29-2014 at 06:28.
#56
This is an update for olly v1 only right now.
https://bitbucket.org/NtQuery/scyllahide/downloads/ScyllaHide_v1.3_Olly1.rar

Olly v1:
- custom toolbar for dump and cpu window
- del and insert shortcut
- don't consume exceptions

Olly v1 works now perfectly with EXECryptor, Obsidium and Themida...
See documentation -> 1.1.19 Raise Exception, 1.3.13 Exception Problem
https://bitbucket.org/NtQuery/scyllahide/downloads/ScyllaHidev1.3Doc.pdf
#57
Oops, you've found a dead link. 1st please reupload ScyllaHide_v1.3_Olly1.rar
#58
Quote:
You can view all downloads available directly at https://bitbucket.org/NtQuery/scyllahide/downloads
#59
Today I used ScyllaHide, and it said this:
Quote:
When I ran ntapi from https://bitbucket.org/NtQuery/scyllahide/downloads it showed as there, if you want to add:
Quote:
#60
Has anyone tried using ScyllaHide in Win 10? I tried but could not hide from debugger anymore. Now debugging to find the problem.
__________________
Welcome to my place http://www.reaonline.net