Arma Intruder 0.4-安全工具-看雪-安全社区|安全招聘|kanxue.com

最新回复 (3)
clide2000 雪币： 301 活跃值： (300) 能力值： ( LV9，RANK：290 ) 在线值：发帖 56 回帖 1209 粉丝 2 关注私信	clide2000 7 2 楼 Good job! Thanks! 2007-5-22 09:06 0
kanxue 雪币： 58782 活跃值： (21931) 能力值： (RANK：350 ) 在线值：发帖 2384 回帖 17068 粉丝 615 关注私信	kanxue 8 3 楼 e48K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3k6G2M7Y4g2E0M7#2)9J5k6h3q4U0j5$3g2K6M7%4u0G2L8%4c8Q4x3X3g2U0L8$3#2Q4x3V1k6A6L8X3c8W2P5q4)9J5k6i4m8Z5M7q4)9K6c8Y4y4Z5L8%4N6@1L8%4m8A6j5#2)9K6c8o6f1#2y4U0l9`. Here's the long awaited tool I wrote for analyzing Armadillo protected apps. I waited 'til the tsrh site was back up (e31K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3k6G2M7Y4g2E0M7#2)9J5k6h3q4U0j5$3g2K6M7%4u0G2L8%4c8Q4x3X3g2U0L8$3#2Q4x3V1k6A6L8X3c8W2P5q4)9J5k6i4m8Z5M7q4)9K6c8X3q4U0N6q4)9K6c8r3!0#2N6q4)9J5y4Y4g2J5L8q4)9K6c8r3S2@1N6s2m8Q4x3@1q4Q4x3V1k6Q4x3V1k6%4N6%4N6Q4x3X3g2@1M7%4u0Z5i4K6u0W2L8%4u0Y4i4K6u0W2N6h3q4Q4x3V1j5`."" target="_blank">tsrh.org.ua) and I could release it properly. Big question is of course: why should you use this and not ArmaFP? Answer: This is static (never executes the file), it gets the OEP and it shows the build date of Armadillo. Also it shows you the copymem byte (highest byte of the raw options), this is what the program is xored with when first decrypting CopyMem-II. You can download it from the TSRh mirrors or grab it here: a64K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3k6G2M7Y4g2E0M7#2)9J5k6h3q4U0j5$3g2K6M7%4u0G2L8%4c8Q4x3X3g2U0L8$3#2Q4x3V1k6A6L8X3c8W2P5q4)9J5k6i4m8Z5M7q4)9K6c8X3q4U0N6q4)9K6c8r3!0#2N6q4)9J5y4Y4g2J5L8q4)9K6c8r3S2@1N6s2m8Q4x3@1q4Q4x3V1k6Q4x3V1k6E0K9h3S2V1i4K6u0W2L8X3g2@1i4K6u0r3N6i4k6A6x3U0j5I4"" target="_blank">f0fK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3#2A6K9r3c8Q4x3X3g2F1k6i4c8Q4x3V1k6#2N6X3V1J5y4U0p5`. 492K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3k6G2M7Y4g2E0M7#2)9J5k6h3q4U0j5$3g2K6M7%4u0G2L8%4c8Q4x3X3g2U0L8$3#2Q4x3V1k6A6L8X3c8W2P5q4)9J5k6i4m8Z5M7q4)9K6c8X3q4U0N6q4)9K6c8r3!0#2N6q4)9J5y4Y4g2J5L8q4)9K6c8r3S2@1N6s2m8Q4x3@1q4Q4x3V1k6Q4x3V1k67x3o6u0Q4x3X3g27N6i4m8D9L8$3q4V1i4K6u0W2j5$3!0E0i4K6u0r3k6r3!0%4L8X3I4G2j5h3c8Q4x3X3g2H3K9s2m8Q4x3@1k6X3K9h3I4W2i4K6y4p5k6$3g2@1k6X3W2D9k6g2)9J5y4X3k6A6L8r3g2H3j5i4c8Z5i4K6y4p5x3K6l9H3y4o6b7`."" target="_blank">18bK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4Z5H3x3W2)9J5k6i4A6#2M7r3I4G2j5h3c8Q4x3X3g2U0L8$3#2Q4x3V1k6V1L8%4N6F1L8r3!0S2k6q4)9J5k6i4m8Z5M7q4)9K6c8X3k6A6L8r3g2Q4x3@1c8Y4i4K6u0W2i4K6u0W2i4K6u0W2i4K6y4n7k6X3W2D9k6i4m8S2N6r3S2Q4x3@1b7K6x3o6l9@1y4l9`.`. aaaK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3k6G2M7Y4g2E0M7#2)9J5k6h3q4U0j5$3g2K6M7%4u0G2L8%4c8Q4x3X3g2U0L8$3#2Q4x3V1k6A6L8X3c8W2P5q4)9J5k6i4m8Z5M7q4)9K6c8X3q4U0N6q4)9K6c8r3!0#2N6q4)9J5y4Y4g2J5L8q4)9K6c8r3S2@1N6s2m8Q4x3@1q4Q4x3V1k6Q4x3V1k6%4N6%4N6Q4x3X3g2V1K9i4k6K6K9r3q4J5k6g2)9J5k6h3y4G2L8g2)9J5c8X3c8G2N6$3&6D9L8$3q4V1i4K6u0r3y4U0V1&6y4U0M7%4i4K6u0V1x3$3q4V1"" target="_blank">40cK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3c8A6N6Y4y4Z5j5i4u0W2i4K6u0W2j5$3!0E0i4K6u0r3k6r3!0%4L8X3I4G2j5h3c8Q4x3V1j5$3z5e0V1$3y4K6N6Q4x3X3b7K6j5h3b7`. 上传的附件： arma.intruder.0.4.tool-tsrh.zip （45.03kb，70次下载） tsrh.nfo （11.45kb，4次下载） 2007-5-22 10:37 0
Lancia 雪币： 219 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 9 回帖 498 粉丝 0 关注私信	Lancia 4 楼好工具！谢谢～～ 2007-5-22 19:04 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

最新回复 (3)
clide2000 雪币： 301 活跃值： (300) 能力值： ( LV9，RANK：290 ) 在线值：发帖 56 回帖 1209 粉丝 2 关注私信	clide2000 7 2 楼 Good job! Thanks! 2007-5-22 09:06 0
kanxue 雪币： 58782 活跃值： (21931) 能力值： (RANK：350 ) 在线值：发帖 2384 回帖 17068 粉丝 615 关注私信	kanxue 8 3 楼 e48K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3k6G2M7Y4g2E0M7#2)9J5k6h3q4U0j5$3g2K6M7%4u0G2L8%4c8Q4x3X3g2U0L8$3#2Q4x3V1k6A6L8X3c8W2P5q4)9J5k6i4m8Z5M7q4)9K6c8Y4y4Z5L8%4N6@1L8%4m8A6j5#2)9K6c8o6f1#2y4U0l9`. Here's the long awaited tool I wrote for analyzing Armadillo protected apps. I waited 'til the tsrh site was back up (e31K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3k6G2M7Y4g2E0M7#2)9J5k6h3q4U0j5$3g2K6M7%4u0G2L8%4c8Q4x3X3g2U0L8$3#2Q4x3V1k6A6L8X3c8W2P5q4)9J5k6i4m8Z5M7q4)9K6c8X3q4U0N6q4)9K6c8r3!0#2N6q4)9J5y4Y4g2J5L8q4)9K6c8r3S2@1N6s2m8Q4x3@1q4Q4x3V1k6Q4x3V1k6%4N6%4N6Q4x3X3g2@1M7%4u0Z5i4K6u0W2L8%4u0Y4i4K6u0W2N6h3q4Q4x3V1j5`."" target="_blank">tsrh.org.ua) and I could release it properly. Big question is of course: why should you use this and not ArmaFP? Answer: This is static (never executes the file), it gets the OEP and it shows the build date of Armadillo. Also it shows you the copymem byte (highest byte of the raw options), this is what the program is xored with when first decrypting CopyMem-II. You can download it from the TSRh mirrors or grab it here: a64K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3k6G2M7Y4g2E0M7#2)9J5k6h3q4U0j5$3g2K6M7%4u0G2L8%4c8Q4x3X3g2U0L8$3#2Q4x3V1k6A6L8X3c8W2P5q4)9J5k6i4m8Z5M7q4)9K6c8X3q4U0N6q4)9K6c8r3!0#2N6q4)9J5y4Y4g2J5L8q4)9K6c8r3S2@1N6s2m8Q4x3@1q4Q4x3V1k6Q4x3V1k6E0K9h3S2V1i4K6u0W2L8X3g2@1i4K6u0r3N6i4k6A6x3U0j5I4"" target="_blank">f0fK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3#2A6K9r3c8Q4x3X3g2F1k6i4c8Q4x3V1k6#2N6X3V1J5y4U0p5`. 492K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3k6G2M7Y4g2E0M7#2)9J5k6h3q4U0j5$3g2K6M7%4u0G2L8%4c8Q4x3X3g2U0L8$3#2Q4x3V1k6A6L8X3c8W2P5q4)9J5k6i4m8Z5M7q4)9K6c8X3q4U0N6q4)9K6c8r3!0#2N6q4)9J5y4Y4g2J5L8q4)9K6c8r3S2@1N6s2m8Q4x3@1q4Q4x3V1k6Q4x3V1k67x3o6u0Q4x3X3g27N6i4m8D9L8$3q4V1i4K6u0W2j5$3!0E0i4K6u0r3k6r3!0%4L8X3I4G2j5h3c8Q4x3X3g2H3K9s2m8Q4x3@1k6X3K9h3I4W2i4K6y4p5k6$3g2@1k6X3W2D9k6g2)9J5y4X3k6A6L8r3g2H3j5i4c8Z5i4K6y4p5x3K6l9H3y4o6b7`."" target="_blank">18bK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4Z5H3x3W2)9J5k6i4A6#2M7r3I4G2j5h3c8Q4x3X3g2U0L8$3#2Q4x3V1k6V1L8%4N6F1L8r3!0S2k6q4)9J5k6i4m8Z5M7q4)9K6c8X3k6A6L8r3g2Q4x3@1c8Y4i4K6u0W2i4K6u0W2i4K6u0W2i4K6y4n7k6X3W2D9k6i4m8S2N6r3S2Q4x3@1b7K6x3o6l9@1y4l9`.`. aaaK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3k6G2M7Y4g2E0M7#2)9J5k6h3q4U0j5$3g2K6M7%4u0G2L8%4c8Q4x3X3g2U0L8$3#2Q4x3V1k6A6L8X3c8W2P5q4)9J5k6i4m8Z5M7q4)9K6c8X3q4U0N6q4)9K6c8r3!0#2N6q4)9J5y4Y4g2J5L8q4)9K6c8r3S2@1N6s2m8Q4x3@1q4Q4x3V1k6Q4x3V1k6%4N6%4N6Q4x3X3g2V1K9i4k6K6K9r3q4J5k6g2)9J5k6h3y4G2L8g2)9J5c8X3c8G2N6$3&6D9L8$3q4V1i4K6u0r3y4U0V1&6y4U0M7%4i4K6u0V1x3$3q4V1"" target="_blank">40cK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3c8A6N6Y4y4Z5j5i4u0W2i4K6u0W2j5$3!0E0i4K6u0r3k6r3!0%4L8X3I4G2j5h3c8Q4x3V1j5$3z5e0V1$3y4K6N6Q4x3X3b7K6j5h3b7`. 上传的附件： arma.intruder.0.4.tool-tsrh.zip （45.03kb，70次下载） tsrh.nfo （11.45kb，4次下载） 2007-5-22 10:37 0
Lancia 雪币： 219 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 9 回帖 498 粉丝 0 关注私信	Lancia 4 楼好工具！谢谢～～ 2007-5-22 19:04 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复