Exetools  

Go Back   Exetools > General > Community Tools

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 01-18-2023, 15:49
Nisy's Avatar
Nisy Nisy is offline
Family
 
Join Date: Jan 2023
Posts: 13
Rept. Given: 0
Rept. Rcvd 18 Times in 6 Posts
Thanks Given: 1
Thanks Rcvd at 127 Times in 11 Posts
Nisy Reputation: 18
Talking Baymax Patch toOls v3.3.1 (2024.03.21)

Baymax Patch Tools v3.3.1

Tool description:
Baymax Patch Tools is a hijacking patch making tool that releases a hijacking DLL for the target process to load the function module PYG. Two patching functions are supported.search and replace patch supports feature code search and replace memory data, exception breakpoint patch supports simulating the exception breakpoint function of debugger and modifying register, memory and other data after setting and triggering breakpoint to achieve the purpose of modifying program execution flow and so on.
The tool is protected, antivirus may misreport the tool and patch files! Due to the use of the shell SDK, all components of the tool (including the generated patches) do not contain networking capabilities! The generated patches will not modify any files on the system when running (except for overwriting patch files). The generated patches will not modify any files on the system when running (except for overwriting patch files). The tool itself has a verification mechanism and will load only after the module is successfully verified at startup, but for security reasons, please be sure to download and use it from the official site.

Function introduction:
. support hijacking crack, not modify the file itself
. support for patching processes with dynamic base addresses (ASLR)
. support patching multiple DLL modules of the target process
. support patching different EXEs of the same patch
. support patching the memory data of a process at a specified address
. support for patching processes using feature code matching
. support setting API HOOK decoding for shelled programs before patching data
. support patching data after setting hardware breakpoint interrupt for the process
. support setting exception breakpoints to modify the memory pointed to by registers or registers after interrupting the process
. support setting conditional breakpoints for processes to determine whether to execute Patch according to the number of interrupts, . . . . register or memory values
. support setting different conditional breakpoints for the same address to perform Patch on the interrupts that meet the conditions
. support extracting global variables from assembly instructions to store and modify them
. support for storing data and using stored data during process execution
. support patching the memory pointed to by the memory marker after interrupt
. support basic operations on data after interrupt
. support for reading patch data from ini file
. support to create memory keymaker
. support for creating debug patches to troubleshoot patch problems by yourself


Update:

2024.03.21
x86/x64 v3.3.1
1. Add hijacking code generation tool. Drag the module (dll) that can be used for hijacking into the window, you can generate the hijacking project corresponding to the VS version. The tool supports hijacking mode and transit mode; supports some C++ export functions (namespaces, classes, virtual tables, static members, etc.); parses and generates export data (non-functions).
2. restructured and optimized the internal logic of the patch module PYG.dll/PYG64.dll, and the functions of the 32/64 modules have been aligned.
3. Enhanced the function of "Protect Hardware Breakpoints" (to be perfected on Win7), after checking this function, you can directly set hard breaks for patching some shelled programs.
4. support setting UI fonts, support setting default fonts for patches, and you can also set fonts in the menu of patches.
5. Fix the compatibility problem on non-Chinese systems.
6. fix the problem of loading failure of PYG.dll in XP system.
7. fix detours occasional stuck problem (thanks to DNA's feedback and assistance in testing)
8. fix the bug that "Autoloading" mode fails to inject into some processes (thanks to Stone & Cloth for the feedback)
9. Generate loader no longer forcibly overwrite the ini file.
10. change the language file, support to set multiple LangId, split by comma.
11. Cancel the output of debugview in debug version.
12. debug version no longer detect x64dbg, no longer detect hijacked DLL.
13. Add Spanish language file, thanks to LoPeRa.

2023.09.26
x64 v3.1.7.2
1. fix the bug of checking uxtheme.dll file incorrectly (thanks to 石头✄布 && YANGMYRON for the feedback).
2. Fix the bug that the patch program fails to overwrite PYG64.dll by releasing it separately.

2023.09.15
x86 v3.1.7
x64 v3.1.7
1. fix the bug that reboot doesn't work after setting language (thanks for the feedback from plusv).
2. Add Traditional Chinese language (thanks to plusv).
3. Fix a crash that could be triggered by setting a stack adjustment value in the "The function returns directly after modifying the context" type.

2023.09.05
x86 v3.1.5.3
x64 v3.1.5.3
1. Optimize the flow of int3-1, hardware breakpoint exception handling function.
2. Increase the output of debugging information during patching process.
3. fix the bug of setting function in Int3-3 mode to return immediately to the program stuck (thanks for the feedback from 听雨 ).
4. Fix a logical conflict issue when setting up multiple patch entries at the same address.
5. Fix the bug that setting conditional breakpoints with UNICODE strings fails.
6. Fix a compatibility issue after installing KB5029247 system patch (thanks for the feedback from 夫唯不争).
7. Improve the logic of setting hardware breakpoints for all threads (thanks for the feedback from 春天里).
8. (x86)Fix the bug of uxtheme.dll file checksum error on XP or above systems (thanks for the feedback from 小面条).
9. some internal optimizations and anti-debugging.

2023.01.30
x86 v3.1.3
x64 v3.1.2
1. Fix compatibility issues with Windows XP system caused by shell
2. Fix a bug introduced in version 3.1: setting When Running to Oep to generate a non-debug version of Loader will cause the target process to start up and get stuck (thanks to fairycn for the feedback)
3. Fix the bug of wrong display of QWORD data for x64 edit condition breakpoints
4. Fix a bug that when editing old bpt projects, the parsing of entries containing conditional breakpoints was wrong (thanks to 737008227 for the feedback)

2023.01.18
x86 v3.1.0
1. Support multi-language function
2. adjusted and optimized the UI, text descriptions, etc. to improve the interactive experience

----------------------------------------------------------

Download(The zip has a password.)
https://sourceforge.net/projects/baymax-patch-tools/files/

Download(The zip has a password.)
https://www.upload.ee/files/16431970/Baymax_Patch_Tools_v3.3.1.zip.html
https://www.upload.ee/files/16431967/Baymax_Patch_Tools_x64_v3.3.1.zip.html

or(7z zip without password, may be killed by antivirus)
https://down.52pojie.cn/Tools/Patchers/Baymax_Patch_Tools_v3.3.1.7z
https://down.52pojie.cn/Tools/Patchers/Baymax_Patch_Tools_x64_v3.3.1.7z

or(The zip has a password.)
Download: http://pan.baidu.com/s/1pLUuBEj Code: 5x8n


Update a tutorial on how to use this tools
Baymax Patch App Protected by VMP: https://forum.exetools.com/showthread.php?t=20642

Last edited by Nisy; 03-26-2024 at 09:05. Reason: update
Reply With Quote
The Following 10 Users Gave Reputation+1 to Nisy For This Useful Post:
alekine322 (01-22-2023), canopus (02-05-2023), copyleft (01-21-2023), FiNALSErAPH (02-13-2023), MarcElBichon (01-19-2023), Mendax47 (01-19-2023), nulli (02-02-2023), user1 (11-13-2023), yoza (01-18-2023), ZeNiX (02-03-2023)
The Following 38 Users Say Thank You to Nisy For This Useful Post:
acme (01-18-2023), alekine322 (01-22-2023), besoeso (01-18-2023), bolo2002 (01-19-2023), canopus (02-05-2023), copyleft (01-21-2023), darkBLACK (03-16-2023), DimitarSerg (02-22-2023), dimosdimos (02-18-2023), dnvthv (03-25-2024), Doit (02-04-2023), Dr.FarFar (01-31-2023), Dxer (09-17-2023), Fragrance (03-26-2024), h8er (02-25-2023), laci9 (09-30-2023), Mahmoudnia (02-17-2023), New Tiger (01-18-2023), niculaita (01-20-2023), nig (09-18-2023), nikkapedd (02-13-2023), NoneForce (02-02-2023), Pirrup (03-08-2023), pnta (09-28-2023), Spiderz_Soft (09-16-2023), tacromx (03-06-2024), TechEx (01-28-2023), tonyweb (01-29-2023), Top10 (07-05-2023), uranus64 (01-18-2023), user1 (06-20-2023), user_hidden (01-19-2023), Vosiyons (01-19-2023), WillyTerra (01-19-2023), wilson bibe (01-19-2023), wx69wx2023 (09-17-2023), yoza (01-18-2023), ZeNiX (02-03-2023)
  #2  
Old 01-18-2023, 18:09
yoza's Avatar
yoza yoza is offline
Moderator
 
Join Date: Aug 2015
Location: Himalaya
Posts: 255
Rept. Given: 97
Rept. Rcvd 255 Times in 90 Posts
Thanks Given: 373
Thanks Rcvd at 1,623 Times in 218 Posts
yoza Reputation: 200-299 yoza Reputation: 200-299 yoza Reputation: 200-299
@Nisy
Testing on earlier version (Beta 6), so far it's perfect.
1. For almost targets (protected with VMProtect, Themida, etc.) is OK.
2. But for some target files which have "Anti /Disabled DLL Hijacking" it's still fail.
I haven't tested it further.
I hope you can consider "Anti/Disabled DLL Hijacking" solution for next release.

So far this is the best patcher tools that I ever used.
Keep your nice working.
Reply With Quote
The Following 8 Users Say Thank You to yoza For This Useful Post:
Doit (02-04-2023), Dr.FarFar (01-31-2023), kienmanowar (01-19-2023), niculaita (01-20-2023), pnta (09-28-2023), TechEx (01-28-2023), user1 (07-14-2023), ZeNiX (02-03-2023)
  #3  
Old 01-19-2023, 02:54
LordGarfio LordGarfio is online now
Friend
 
Join Date: Jan 2005
Posts: 62
Rept. Given: 7
Rept. Rcvd 2 Times in 2 Posts
Thanks Given: 86
Thanks Rcvd at 71 Times in 25 Posts
LordGarfio Reputation: 2
Hi Nisy,

In Windows XP the application v3.1.0 Build 118, during loading shows the following error message:

Baymax.exe Entry Point Not Found
The procedure entry point DPA_Create could not be located in the dynamic link library comctl32.dll

WinXP is not completely supported ?

Cheers.
Reply With Quote
  #4  
Old 01-19-2023, 04:23
JMP-JECXZ JMP-JECXZ is offline
Friend
 
Join Date: Mar 2017
Posts: 86
Rept. Given: 0
Rept. Rcvd 1 Time in 1 Post
Thanks Given: 14
Thanks Rcvd at 102 Times in 48 Posts
JMP-JECXZ Reputation: 1
Quote:
Originally Posted by LordGarfio View Post
Hi Nisy,

In Windows XP the application v3.1.0 Build 118, during loading shows the following error message:

Baymax.exe Entry Point Not Found
The procedure entry point DPA_Create could not be located in the dynamic link library comctl32.dll

WinXP is not completely supported ?

Cheers.
nobody use winxp anymore, only thoses who want to be hacked
Reply With Quote
The Following User Says Thank You to JMP-JECXZ For This Useful Post:
niculaita (01-20-2023)
  #5  
Old 01-19-2023, 09:40
Nisy's Avatar
Nisy Nisy is offline
Family
 
Join Date: Jan 2023
Posts: 13
Rept. Given: 0
Rept. Rcvd 18 Times in 6 Posts
Thanks Given: 1
Thanks Rcvd at 127 Times in 11 Posts
Nisy Reputation: 18
Quote:
Originally Posted by LordGarfio View Post
Hi Nisy,

In Windows XP the application v3.1.0 Build 118, during loading shows the following error message:

Baymax.exe Entry Point Not Found
The procedure entry point DPA_Create could not be located in the dynamic link library comctl32.dll

WinXP is not completely supported ?

Cheers.
The problem has been fixed, thanks for the feedback.

Baymax Patch Tools v3.1.1
Fix compatibility issues with Windows XP system caused by shell
Reply With Quote
The Following 4 Users Say Thank You to Nisy For This Useful Post:
Dr.FarFar (01-31-2023), FasciHunter (01-19-2023), niculaita (01-20-2023), ZeNiX (02-03-2023)
  #6  
Old 01-19-2023, 09:44
Nisy's Avatar
Nisy Nisy is offline
Family
 
Join Date: Jan 2023
Posts: 13
Rept. Given: 0
Rept. Rcvd 18 Times in 6 Posts
Thanks Given: 1
Thanks Rcvd at 127 Times in 11 Posts
Nisy Reputation: 18
Quote:
Originally Posted by yoza View Post
@Nisy
Testing on earlier version (Beta 6), so far it's perfect.
1. For almost targets (protected with VMProtect, Themida, etc.) is OK.
2. But for some target files which have "Anti /Disabled DLL Hijacking" it's still fail.
I haven't tested it further.
I hope you can consider "Anti/Disabled DLL Hijacking" solution for next release.

So far this is the best patcher tools that I ever used.
Keep your nice working.
Thanks to test feedback, the next version may prioritize support for custom hijacking module features. Traditional file patches are difficult to intelligently solve the file verification problem, hijacking patches can theoretically bypass the detection of the process through schemes such as off-link and HookAPI (baymax's function can actually meet part of it), but this egg is still left to crackers to solve it themselves ^_^
Reply With Quote
The Following 2 Users Say Thank You to Nisy For This Useful Post:
copyleft (01-21-2023), Dr.FarFar (01-31-2023)
  #7  
Old 01-19-2023, 12:00
yoza's Avatar
yoza yoza is offline
Moderator
 
Join Date: Aug 2015
Location: Himalaya
Posts: 255
Rept. Given: 97
Rept. Rcvd 255 Times in 90 Posts
Thanks Given: 373
Thanks Rcvd at 1,623 Times in 218 Posts
yoza Reputation: 200-299 yoza Reputation: 200-299 yoza Reputation: 200-299
Quote:
Originally Posted by Nisy View Post
Thanks to test feedback, the next version may prioritize support for custom hijacking module features. Traditional file patches are difficult to intelligently solve the file verification problem, hijacking patches can theoretically bypass the detection of the process through schemes such as off-link and HookAPI (baymax's function can actually meet part of it), but this egg is still left to crackers to solve it themselves ^_^
Right, the custom hijacking module features is one of solution.
So if you consider this features, I am sure that Baymax will be the most complete and most reliable patching tool, out there.
Good luck...
Reply With Quote
The Following 2 Users Say Thank You to yoza For This Useful Post:
Dr.FarFar (01-31-2023), niculaita (01-20-2023)
  #8  
Old 02-02-2023, 09:28
Nisy's Avatar
Nisy Nisy is offline
Family
 
Join Date: Jan 2023
Posts: 13
Rept. Given: 0
Rept. Rcvd 18 Times in 6 Posts
Thanks Given: 1
Thanks Rcvd at 127 Times in 11 Posts
Nisy Reputation: 18
2023.01.30
x86 v3.1.3
x64 v3.1.2
1. Fix compatibility issues with Windows XP system caused by shell
2. Fix a bug introduced in version 3.1: setting When Running to Oep to generate a non-debug version of Loader will cause the target process to start up and get stuck (thanks to fairycn for the feedback)
3. Fix the bug of wrong display of QWORD data for x64 edit condition breakpoints
4. Fix a bug that when editing old bpt projects, the parsing of entries containing conditional breakpoints was wrong (thanks to 737008227 for the feedback)
Reply With Quote
The Following 2 Users Gave Reputation+1 to Nisy For This Useful Post:
MarcElBichon (02-02-2023), user1 (11-13-2023)
The Following 20 Users Say Thank You to Nisy For This Useful Post:
alekine322 (02-03-2023), besoeso (04-17-2023), copyleft (02-05-2023), darkBLACK (03-16-2023), Doit (02-04-2023), Dr.FarFar (04-29-2023), Hypnz (02-05-2023), LordGarfio (02-02-2023), Mendax47 (02-02-2023), New Tiger (02-18-2023), tonyweb (02-03-2023), uranus64 (02-03-2023), user1 (11-13-2023), user_hidden (02-02-2023), Utshiha (02-02-2023), Vosiyons (02-13-2023), wilson bibe (02-02-2023), yoza (02-02-2023), ZeNiX (02-03-2023), Zeokat (02-03-2023)
  #9  
Old 02-13-2023, 02:49
Hypnz Hypnz is offline
Friend
 
Join Date: Oct 2014
Posts: 48
Rept. Given: 6
Rept. Rcvd 1 Time in 1 Post
Thanks Given: 247
Thanks Rcvd at 27 Times in 21 Posts
Hypnz Reputation: 1
Consider to add target dll patch.

Great tool btw!
Reply With Quote
  #10  
Old 02-15-2023, 14:54
banch banch is offline
Friend
 
Join Date: Sep 2005
Posts: 165
Rept. Given: 11
Rept. Rcvd 11 Times in 4 Posts
Thanks Given: 56
Thanks Rcvd at 21 Times in 16 Posts
banch Reputation: 12
I have a target,the program is X86, but the DLL is X64. How to fix it?
Reply With Quote
  #11  
Old 02-16-2023, 09:19
Nisy's Avatar
Nisy Nisy is offline
Family
 
Join Date: Jan 2023
Posts: 13
Rept. Given: 0
Rept. Rcvd 18 Times in 6 Posts
Thanks Given: 1
Thanks Rcvd at 127 Times in 11 Posts
Nisy Reputation: 18
Quote:
Originally Posted by banch View Post
I have a target,the program is X86, but the DLL is X64. How to fix it?
temporarily not supported
Reply With Quote
  #12  
Old 03-08-2023, 06:04
Pirrup Pirrup is offline
Guest
 
Join Date: Apr 2022
Posts: 3
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 6
Thanks Rcvd at 6 Times in 2 Posts
Pirrup Reputation: 0
Quote:
Originally Posted by JMP-JECXZ View Post
nobody use winxp anymore, only thoses who want to be hacked
I still use xp vm for reversing older stuff
Reply With Quote
The Following User Says Thank You to Pirrup For This Useful Post:
niculaita (03-08-2023)
  #13  
Old 04-16-2023, 22:57
CRC32 CRC32 is online now
Friend
 
Join Date: Oct 2014
Posts: 26
Rept. Given: 6
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 61
Thanks Rcvd at 12 Times in 10 Posts
CRC32 Reputation: 0
Is there a detailed tutorial for this somewhere?
Reply With Quote
  #14  
Old 04-17-2023, 14:45
disauto disauto is online now
Friend
 
Join Date: May 2011
Posts: 115
Rept. Given: 14
Rept. Rcvd 22 Times in 15 Posts
Thanks Given: 14
Thanks Rcvd at 76 Times in 22 Posts
disauto Reputation: 22
Quote:
Originally Posted by CRC32 View Post
Is there a detailed tutorial for this somewhere?


onedrive):https://v.gd/swP8HG
百度云:链接:https://pan.baidu.com/s/1vjm0pFQ4qAl3GpPRsBVSmw 提取码:6666
Reply With Quote
The Following User Says Thank You to disauto For This Useful Post:
CRC32 (04-17-2023)
  #15  
Old 04-17-2023, 14:47
disauto disauto is online now
Friend
 
Join Date: May 2011
Posts: 115
Rept. Given: 14
Rept. Rcvd 22 Times in 15 Posts
Thanks Given: 14
Thanks Rcvd at 76 Times in 22 Posts
disauto Reputation: 22
Quote:
Originally Posted by disauto View Post
BaymaxPatchTools 2.9.5.4 下载&安装&使用教程
onedrive:https://v.gd/swP8HG
百度云:链接:https://pan.baidu.com/s/1vjm0pFQ4qAl3GpPRsBVSmw 提取码:6666
16.42AA38 Registration Machine Adding Memory and Displaying Registration Code.mp4

https://www.bilibili.com/video/BV17V411b7EA/



15. How to concatenate strings in the registration machine display. mp4

https://www.bilibili.com/video/BV1Y54y1t7ex/



14. Pop Frame Display Registration Machine.mp4

https://www.bilibili.com/video/BV1zX4y1u79Z/



13.42AA98 Modify Flag Register Method Patch. mp4

https://www.bilibili.com/video/BV1Wo4y1Z7tu/



12. Add anti debugging detection.mp4

https://www.bilibili.com/video/BV1DV411b7iQ/



Overview of decoding timing and patch types. mp4

https://www.bilibili.com/video/BV1mf4y1e7nR/



10. Options for patching multiple exe or dlls in the same directory. mp4

https://www.bilibili.com/video/BV1qz4y1r7bC/



9. Add abnormal interrupt patch NOP.mp4

https://www.bilibili.com/video/BV1Lp4y1B7nq/



8-2 Instructions Replace Patch.mp4

https://www.bilibili.com/video/BV1Fi4y1w7Co/



8-1 Instruction Replacement Patch.mp4

https://www.bilibili.com/video/BV1ui4y1w7LE/



7. In-depth analysis and exploration of possible blasting methods. mp4

https://www.bilibili.com/video/BV1Mp4y1B7Zu/



6. String conversion. mp4

https://www.bilibili.com/video/BV17h411f7tR/



5. Feature Code Search.mp4

https://www.bilibili.com/video/BV1ty4y1U7fB/



4. Offset Conversion. mp4

https://www.bilibili.com/video/BV1Dz4y1r7to/



3. File Comparison.mp4

https://www.bilibili.com/video/BV1Az4y1k7NN/



2. Overview of White Menu. mp4

https://www.bilibili.com/video/BV1Jz4y1r7s4/



1. Software and plugins required during environment setup debugging process. mp4

https://www.bilibili.com/video/BV1Az4y1k7np/



I followed the advice of my classmates downstairs and added a column:

https://space.bilibili.com/322368077/channel/detail?cid=163879 Thumbnail schema

https://www.bilibili.com/video/BV1Do4y1Z7r7 Right List Style
Reply With Quote
The Following 8 Users Say Thank You to disauto For This Useful Post:
Apuromafo (03-26-2024), CRC32 (04-17-2023), Hypnz (04-26-2023), JyotiDwivedi (03-27-2024), niculaita (04-19-2023), sh3dow (04-22-2023), user1 (06-23-2023), Vosiyons (04-17-2023)
Reply

Tags
baymax

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT +8. The time now is 20:07.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )