Exetools  

Go Back   Exetools > General > Community Tools

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 07-01-2024, 19:26
traf0 traf0 is offline
Family
 
Join Date: Nov 2017
Posts: 91
Rept. Given: 3
Rept. Rcvd 5 Times in 5 Posts
Thanks Given: 251
Thanks Rcvd at 135 Times in 50 Posts
traf0 Reputation: 5
themida-unmutate

A Python 3 tool to statically deobfuscate functions protected by Themida 3.x's mutation-based obfuscation.

Features
Automatically resolve trampolines' destination addresses
Statically deobfuscate mutated functions
Rebuild fully working binaries
Binary Ninja integration

Known Limitations
Doesn't support ARM64 binaries

Homepage
Code:
https://github.com/ergrelet/themida-unmutate
Reply With Quote
The Following User Gave Reputation+1 to traf0 For This Useful Post:
niculaita (11-19-2024)
The Following 6 Users Say Thank You to traf0 For This Useful Post:
ahmadmansoor (07-02-2024), Apuromafo (07-01-2024), h8er (07-14-2024), nganggur (07-08-2024), niculaita (07-02-2024), WRP (07-02-2024)
  #2  
Old 07-01-2024, 19:39
wilson bibe wilson bibe is offline
VIP
 
Join Date: Nov 2012
Posts: 501
Rept. Given: 492
Rept. Rcvd 439 Times in 180 Posts
Thanks Given: 988
Thanks Rcvd at 179 Times in 114 Posts
wilson bibe Reputation: 400-499 wilson bibe Reputation: 400-499 wilson bibe Reputation: 400-499 wilson bibe Reputation: 400-499 wilson bibe Reputation: 400-499
Hello can you publish the release of this? Thanks
Reply With Quote
  #3  
Old 07-01-2024, 20:55
th3tuga th3tuga is offline
Friend
 
Join Date: Oct 2023
Posts: 30
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 0
Thanks Rcvd at 16 Times in 10 Posts
th3tuga Reputation: 0
Quote:
Originally Posted by wilson bibe View Post
Hello can you publish the release of this? Thanks
This is a python-based plugin for Binary Ninja.
Nothing to publish in Releases except the same source code as a zip file.
Reply With Quote
  #4  
Old 07-02-2024, 04:05
blue_devil's Avatar
blue_devil blue_devil is offline
Family
 
Join Date: Dec 2011
Location: Observable Universe
Posts: 389
Rept. Given: 85
Rept. Rcvd 55 Times in 28 Posts
Thanks Given: 414
Thanks Rcvd at 587 Times in 195 Posts
blue_devil Reputation: 55
This is a standalone python script and it provides binary Ninja plugin too.

To install
Code:
pip install git+https://github.com/ergrelet/themida-unmutate.git
Reply With Quote
The Following User Gave Reputation+1 to blue_devil For This Useful Post:
Fyyre (07-07-2024)
The Following 2 Users Say Thank You to blue_devil For This Useful Post:
ahmadmansoor (07-02-2024), Doit (07-03-2024)
  #5  
Old 11-16-2024, 04:38
KockataHlava KockataHlava is offline
Friend
 
Join Date: Feb 2016
Posts: 4
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 0
Thanks Rcvd at 2 Times in 1 Post
KockataHlava Reputation: 0
Does this project work also for the newest Themida 3.2.2.0?
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT +8. The time now is 15:53.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2025 )