首页
社区
课程
招聘
问答 CTF 排行榜 知识库 工具下载 峰会 看雪商城 证书查询
  1. 社区
  2. OllyDbg插件区
    3. 发新帖
[转帖]OllyDbg plugin code name Swordfish
发表于: 2013-3-27 06:37 6028

[转帖]OllyDbg plugin code name Swordfish

chixiaojie 活跃值
2013-3-27 06:37
6028
贴子来源:131K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3q4@1y4s2u0W2i4K6u0W2j5$3!0E0i4K6u0r3k6W2)9J5c8Y4y4Z5L8%4N6@1K9s2u0W2j5h3c8Q4x3X3g2H3K9s2m8Q4x3@1j5I4x3o6V1J5x3#2)9J5k6p5!0D9L8s2W2p5j5X3N6Q4x3X3c8H3L8s2g2Y4K9h3&6Q4x3X3c8U0L8$3c8W2i4K6u0V1L8X3q4E0k6g2)9J5k6q4y4%4L8%4u0V1k6X3W2K6K9l9`.`.

THE PROJECT:
        -----------------------------
            - OllyDbg plugin: Code name Swordfish beta release review #16 date 26/03/2013
            - OllyDbg supported release: 201h
            - Released by Arab Team for Reverse Engineering (AT4RE)
            - Coded by torpedo from AT4RE

        Road map: Work in progress
            - Final release v1.0 planned for: 31/03/2013
            - Additional features
            - New beta release v1.1 planned for: 10/04/2013
            - Final release v1.1 planned for: 15/04/2013
            - New road map

        FEATURES:
        ---------------------------------
            Tools:
            -----------------------------
                [+] Clear udd files
                
            Hide debugger:
            -----------------------------
                [+] PEB!BeingDebugged
                [+] PEB!NtGlobalFlags
                [+] Find OD Windows bypass

            Set breakpoints (hard coded):
            -----------------------------
                [+] 01- CreateWindowExW
                [+] 02- ShowWindow
                [+] 03- GetWindowTextW
                [+] 04- GetDlgItemTextW
                [+] 05- CreateFileW
                [+] 06- OpenFile
                [+] 07- ReadFile
                [+] 08- WriteFile
                [+] 09- LoadLibraryW
                [+] 10- MoveFileW
                [+] 11- DeleteFileW
                [+] 12- RegOpenKeyW
                [+] 13- RegCloseKey
                [+] 14- RegQueryValueW
                [+] 14- RegSetValueW


本地下载: OdPluginSwordfish.rar

[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课

上传的附件:
收藏
免费 0
支持
分享
最新回复 (5)
yingyue
雪    币: 1844
活跃值: (35)
能力值: ( LV3,RANK:30 )
在线值:
发帖
回帖
粉丝
私信
2
嗯,收下,谢
2013-3-27 10:54
0
linhanshi
雪    币: 106728
活跃值: (202444)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
私信
3
2013-3-29 10:00
0
chixiaojie
雪    币: 3411
活跃值: (2132)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
4 
OllyDbg plugin: Swordfish v1.0 Final release date 31/03/2013

- OllyDbg supported release: 201h
- Released by Arab Team for Reverse Engineering (AT4RE)
- Coded by torpedo from AT4RE

Road map: Work in progress
- New beta release v1.1 planned for: 10/04/2013

FEATURES:
-----------------------------------------
    Tools:
    -------------------------------------
        [+] Clear udd files

    Hide debugger:
    -------------------------------------
        [+] PEB!BeingDebugged
        [+] PEB!NtGlobalFlags
        [+] PEB!HeapFlags
        [+] Find OD Windows bypass

    Set breakpoints (hard coded):
    -------------------------------------
        [+] user32.GetWindowTextW
        [+] user32.GetDlgItemTextW

        [+] user32.MessageBoxIndirectW
        [+] user32.MessageBoxTimeoutW
        [+] user32.SoftModalMessageBox

        [+] user32.CreateWindowExW
        [+] user32.ShowWindow

        [+] kernel32.CreateFileW
        [+] kernel32.OpenFile
        [+] kernel32.ReadFile
        [+] kernel32.WriteFile
        [+] kernel32.LoadLibraryW
        [+] kernel32.MoveFileW
        [+] kernel32.DeleteFileW

        [+] advapi32.RegOpenKeyExW
        [+] advapi32.RegCloseKey
        [+] advapi32.RegQueryValueExW
        [+] advapi32.RegSetValueExW

        [+] kernel32.CreateToolhelp32Snapshot
        [+] kernel32.Process32FirstW
        [+] kernel32.Module32FirstW
        [+] Kernel32.Toolhelp32ReadProcessMemory
        [+] kernel32.OpenProcess
        [+] kernel32.WriteProcessMemory
        [+] kernel32.ReadProcessMemory
        [+] kernel32.CreateProcessW
        [+] kernel32.VirtualProtectEx

        [+] advapi32.OpenSCManagerW
        [+] advapi32.OpenServiceW
        [+] advapi32.StartServiceW
        [+] advapi32.DeleteService

        [+] msvbvm60.ThunRTMain
        [+] msvbvm60.rtcMsgBox
        [+] msvbvm60.__vbaStrCmp
        [+] msvbvm60.__vbaStrComp
        [+] msvbvm60.__vbaFreeStr
        [+] msvbvm60.__vbaFileOpen
        [+] msvbvm60.__vbaInputFile
        [+] msvbvm60.__vbaWriteFile
        [+] msvbvm60.__vbaStrCompVar
        [+] msvbvm60.__vbaStrTextCmp
        [+] msvbvm60.__vbaFileSeek
        [+] msvbvm60.__vbaFileClose
        [+] msvbvm60.__vbaVarTstEq


Swordfish_v1.0.rar
上传的附件:
2013-4-1 10:38
0
linhanshi
雪    币: 106728
活跃值: (202444)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
私信
5
Swordfish 1.1
OllyDbg plugin: Swordfish v1.1 beta release date 10/04/2013

- OllyDbg supported release: 201h
- Released by Arab Team for Reverse Engineering (AT4RE)
- Coded by torpedo from AT4RE

FEATURES:
-----------------------------------------
Tools:
-------------------------------------
[+] Clear udd files

Hide debugger:
-------------------------------------
[+] PEB!BeingDebugged
[+] PEB!NtGlobalFlags
[+] PEB!HeapFlags
[+] Find OD Windows bypass
[+] CheckRemoteDebuggerPresent
[+] GetClassInfo(A-W-ExA-ExW)
[+] FindWindow(A-W-ExA-ExW)
[+] GetTikCount
[+] NtQueryPerformanceCounter

Set breakpoints (hard coded):
-------------------------------------
[+] user32.GetWindowTextW
[+] user32.GetDlgItemTextW

[+] user32.MessageBoxIndirectW
[+] user32.MessageBoxTimeoutW
[+] user32.SoftModalMessageBox

[+] user32.CreateWindowExW
[+] user32.ShowWindow

[+] kernel32.CreateFileW
[+] kernel32.OpenFile
[+] kernel32.ReadFile
[+] kernel32.WriteFile
[+] kernel32.LoadLibraryW
[+] kernel32.MoveFileW
[+] kernel32.DeleteFileW

[+] advapi32.RegOpenKeyExW
[+] advapi32.RegCloseKey
[+] advapi32.RegQueryValueExW
[+] advapi32.RegSetValueExW

[+] kernel32.CreateToolhelp32Snapshot
[+] kernel32.Process32FirstW
[+] kernel32.Module32FirstW
[+] Kernel32.Toolhelp32ReadProcessMemory
[+] kernel32.OpenProcess
[+] kernel32.WriteProcessMemory
[+] kernel32.ReadProcessMemory
[+] kernel32.CreateProcessW
[+] kernel32.VirtualProtectEx

[+] advapi32.OpenSCManagerW
[+] advapi32.OpenServiceW
[+] advapi32.StartServiceW
[+] advapi32.DeleteService

[+] msvbvm60.ThunRTMain
[+] msvbvm60.rtcMsgBox
[+] msvbvm60.__vbaStrCmp
[+] msvbvm60.__vbaStrComp
[+] msvbvm60.__vbaFreeStr
[+] msvbvm60.__vbaFileOpen
[+] msvbvm60.__vbaInputFile
[+] msvbvm60.__vbaWriteFile
[+] msvbvm60.__vbaStrCompVar
[+] msvbvm60.__vbaStrTextCmp
[+] msvbvm60.__vbaFileSeek
[+] msvbvm60.__vbaFileClose
[+] msvbvm60.__vbaVarTstEq

上传的附件:
2013-4-13 14:10
0
chixiaojie
雪    币: 3411
活跃值: (2132)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
6
Swordfish_beta_(REV#4)1.1

Swordfish release history
--------------------------
12/04/2013 (BETA 1.1 REV#4 released)
[*] fixed conflict with OllyExt 1.2 plugin (thanks to cxj98 for report)


Swordfish_beta_(REV#4)1.1.rar
上传的附件:
2013-4-13 14:56
0
游客
登录 | 注册 方可回帖
回帖 表情 雪币赚取及消费
高级回复
返回