#32
|
||||
|
||||
are you serious? he calls Chuck Norris and VM revers it self
|
The Following User Gave Reputation+1 to b30wulf For This Useful Post: | ||
Conquest (11-15-2013) |
The Following User Says Thank You to b30wulf For This Useful Post: | ||
Indigo (07-19-2019) |
#33
|
||||
|
||||
lol
Many of us don't have knowledge to reverse a simple crackme. |
The Following User Gave Reputation+1 to giv For This Useful Post: | ||
b30wulf (11-16-2013) |
The Following User Says Thank You to giv For This Useful Post: | ||
Indigo (07-19-2019) |
#34
|
||||
|
||||
[v1.7]
- FISH machine avaible (WHITE and RED variants) - Added Vm signatures Hi all, the new version of this plug-in supports the FISH virtual machine, WHITE and RED variants. Some words about this machine... It mixes both CISC and RISC architecture, but the code isn't like template anymore, every virtual machine has a new different number of handlers, and every handler contains a different execution path, a little tricky, but nothing that can't be 'devirtualized' , maybe i'll write a paper about FISH and TIGER machines later. Some specs that aren't coded yet: - Support for Check macro; - Sort algo is very unstable - This plugin may crash when deofuscating very rare sequences, (most of them are 'expected' specially when crash was due to an ud2 instruction). - Suppor for BLACK variants ... About TIGER, I have no plans for the moment, but it isn't very different from FISH analog. Plug-in was tested with 2.2.6.0 version, other versions may have variants that this plug-in couldn't handle. Deathway. |
The Following 20 Users Gave Reputation+1 to Deathway For This Useful Post: | ||
ahmadmansoor (02-01-2014), alekine322 (02-01-2014), Av0id (02-04-2014), b30wulf (01-31-2014), besoeso (02-01-2014), canopus (02-01-2014), Conquest (01-31-2014), copyleft (02-01-2014), deepzero (01-31-2014), Ember (02-01-2014), giv (01-31-2014), Insid3Code (02-02-2014), kjms (02-01-2014), Kla$ (01-31-2014), nikkapedd (02-03-2014), pertican (02-01-2014), softgate (01-31-2014), tonyweb (02-01-2014), ZeNiX (02-01-2014), Zipdecode (01-31-2014) |
The Following User Says Thank You to Deathway For This Useful Post: | ||
Indigo (07-19-2019) |
#35
|
|||
|
|||
Quote:
|
The Following User Says Thank You to Conquest For This Useful Post: | ||
Indigo (07-19-2019) |
#36
|
||||
|
||||
Is amaizing how fast you do the update.
It seems that you have a very good knownledge of the VM's. Bravo and thank you! |
The Following User Says Thank You to giv For This Useful Post: | ||
Indigo (07-19-2019) |
#38
|
||||
|
||||
Really nice work Deathway.
but any example files or update for movie tut . many thanks .
__________________
Ur Best Friend Ahmadmansoor Always My Best Friend: Aaron & JMI & ZeNiX |
The Following User Says Thank You to ahmadmansoor For This Useful Post: | ||
Indigo (07-19-2019) |
#39
|
||||
|
||||
[v1.8]
- FISH BLACK variant avaible - Fixed deofuscation order (GenV6) - New deofucation scheme for FISH machine - New smart code tracer for FISH machines - Stack sort for FISH commands - Improved management of memory (faster deofuscation) - Added movzx reg32, [esp+eax+memoffset] on CISC machines - Added a message prompt when the opcode buffer is not enough - Added LEAVE instruction for FISH machines - Added support for CALLs to VM section in FISH machines - CHECK_PROTECTION macro disabled, now it must be restored by hand - Fixed QWORD incorrect names for some opcodes - Fixed a problem when deofuscating RISC machines Thanks people for all your reports, the plug-in becomes more powerful every day. Now it fully supports FISH machines. CHECK_PROTECTION macro has been disbled, it must be restored by hand, there were many troubles when handling this kind of macro. CodeVirtualizer machines aren't supported (FISH-TIGER). Hope you like this new update, happy reversing Deathway. |
The Following 11 Users Gave Reputation+1 to Deathway For This Useful Post: | ||
The Following User Says Thank You to Deathway For This Useful Post: | ||
Indigo (07-19-2019) |
#41
|
||||
|
||||
anyone still own the video tutorial deathway made?
|
The Following User Says Thank You to DMichael For This Useful Post: | ||
Indigo (07-19-2019) |
#42
|
|||
|
|||
hi
i try doing modify this program but i not found source of this program i am sorry for my bad english |
#43
|
||||
|
||||
I will give you a hand.
Quote:
|
The Following User Gave Reputation+1 to giv For This Useful Post: | ||
DMichael (12-24-2014) |
The Following User Says Thank You to giv For This Useful Post: | ||
Indigo (07-19-2019) |
#44
|
|||
|
|||
closed source. even if it gets open source , those who will be able to make future progress, are already good enough to make something similar like this.
|
The Following User Says Thank You to Conquest For This Useful Post: | ||
Indigo (07-19-2019) |
Tags |
codevirualizer, decompiler |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
[VB. NET 2010] Oreans Unvirtualizer plugin file processor | giv | Source Code | 0 | 07-21-2015 16:18 |