#46
|
|||
|
|||
ahmad:
Get well! Your post showed up twice, so I deleted the second copy, after making sure they were both the same. Regards,
__________________
JMI |
#47
|
||||
|
||||
I am sorry JMI I think the Illness make me unwill
__________________
Ur Best Friend Ahmadmansoor Always My Best Friend: Aaron & JMI & ZeNiX |
#49
|
||||
|
||||
@BoRoV : the same problem at the end of "Analyse all VM references"
olly shutdown !!! failed I try it on modified olly and original olly . by the way ,did u see this movie . http://www.filesend.net/download.php...b41755226d09fb Thanks for support
__________________
Ur Best Friend Ahmadmansoor Always My Best Friend: Aaron & JMI & ZeNiX |
#50
|
|||
|
|||
Hello,
@ BoRoV & progopis Thanks for the new version so now it does no more crash.I have test the new version again and I get this problems. Code:
Can't make marking IAT to address - 0043421C. Two DLL (ƒÄ‹ÆëÚÌÌÌÌÌÌÌÌÌÌÌÌÌÌÌl - ) are in one section, create intersections dividers and repeat analysis! Code:
VMS Decompiling intermediate code...a12 final Unknown identifier in xor efl, eax VMS: Error Code not created Code:
VM Reference Window Set BPs on all Set BPs on all Postponed Set BPs on all Processing Nice to see you again.Back in town. So if the file not work with win Vista or 7 then try to disable the ASLR feature.So its a OS setting.Dont ask me where to find this so I just heard it also for the first time from a other win7 user. So on the other hand it can be that Vista / Win7 are using some other APIs which you need to translate...something like for win 2000 with... RtlGetLastWin32Error = GetLastError RtlSetLastWin32Error = SetLastError ...maybe..you know.So unfortunately I can't test it by myself so I have just winXP and no more a VM Ware with a other OS where I can test to find the problems. Maybe you can figure out something. greetz |
#51
|
||||
|
||||
Hi LCF-At :
Thanks for ur nice word's , yes I am back ,but I still weak (ill) . anyway about "ASLR feature" as u describe it ,it is feature in upper OS like win 7 & Vista . and disable it not that good , I have read this Quote:
anyway as I told u I have a plane to support ur script , but I have to be sure it will be work ,and I will send all the details to u when finish , maybe we could prove it and improve it . let hope it will work . thanks for all ur great work . by the way for me the plugin not work on my target , can u try it on ur PC ,thanks
__________________
Ur Best Friend Ahmadmansoor Always My Best Friend: Aaron & JMI & ZeNiX |
#52
|
|||
|
|||
Hhmmm,ah ok.I will send you some power up's.
Seems to be really a problem with the ASLR stuff.Oh I am curious for your plan & results. I will wait till you are done. So do you mean the S Eye app?If yes then I have to say that the target is no more on my HDD. Or do you mean your VB target which you have attached here on board?If yes then I can say that I have test it again with the latest plugin version and it still not work and hangs again on 21 % durring the VM Analyzing.Nothing happend after this.So I think BoRoV & progopis should use this VB target too to find the problem. greetz |
#53
|
||||
|
||||
Ooops ..... Ooo pls ,because I needed
Quote:
Quote:
__________________
Ur Best Friend Ahmadmansoor Always My Best Friend: Aaron & JMI & ZeNiX |
#54
|
|||
|
|||
Good tool.
3Q. |
#55
|
|||
|
|||
Sorry guys, but last Vamit builds have no my changes. I have no time for commit my work to SVN... Maybe a few weeks later I will do it.
The problem of OllyDbg disasm annoys me. It incorrectly decodes FPU instructions. And plug-in doesn't work with FullDisasm by Beatrix together... I need free time for this problem. P.S. The fact that I'm getting married soon, lol) |
The Following User Gave Reputation+1 to progopis For This Useful Post: | ||
ahmadmansoor (12-28-2010) |
#56
|
||||
|
||||
Nice to know that my friend ....Good for u .
and happy marry ..... take care after married u will not have a time for us at all . epically if she is beautiful . so take ur time , no problem we can wait . things make u happy ,will make us happy too ... Best Reagrds note: we will wait the pictures
__________________
Ur Best Friend Ahmadmansoor Always My Best Friend: Aaron & JMI & ZeNiX |
The Following User Gave Reputation+1 to ahmadmansoor For This Useful Post: | ||
progopis (12-30-2010) |
#57
|
|||
|
|||
Yes happy marry to progopis! Now you are going right into the jail! Good luck and keep your money together.
So did someone of you already test the VMP Debugger? greetz |
#58
|
||||
|
||||
VMSweeper 1.4 beta 6
http://rghost.net/4045176/private/f7fe4133d63053c4345acb0c4cf085cc |
#59
|
|||
|
|||
I cannot get this plugin working on CodeVirtualizer targets. It errors with "Error at determine type VM entry point" for every VM'd function.
From the log: Code:
Instr: 15 parsing - 0x00454D4F: lock dword ptr ds:[edi + 30h], ecx #ERROR# TraceCodes: Instruction lock has no handler! |
#60
|
|||
|
|||
thanks for public
|
Tags |
codevirualizer, decompiler, vmprotect, vmsweeper |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Is there linux vm tool like vmprotect? | swlepus | General Discussion | 4 | 12-23-2011 10:07 |