Exetools

Exetools (https://forum.exetools.com/index.php)
-   Community Tools (https://forum.exetools.com/forumdisplay.php?f=47)
-   -   VM decompiler tool (VMProtect, CodeVirtualizer) (https://forum.exetools.com/showthread.php?t=13084)

JMI 12-17-2010 07:38

ahmad:

Get well! ;)

Your post showed up twice, so I deleted the second copy, after making sure they were both the same.

Regards,

ahmadmansoor 12-17-2010 07:42

I am sorry JMI :D I think the illness made me unwell :p

BoRoV 12-17-2010 21:11

Test VMSweeper 1.4 beta 3:
http://rghost.net/3641920

ahmadmansoor 12-18-2010 00:58

@BoRoV: the same problem at the end of "Analyse all VM references".
Olly shuts down!!! Failed.
I tried it on a modified Olly and on the original Olly.
By the way, did you see this movie?
http://www.filesend.net/download.php...b41755226d09fb

Thanks for support

LCF-AT 12-18-2010 01:17

Hello,

@ BoRoV & progopis

Thanks for the new version; now it doesn't crash anymore. I have tested the new version again and I get these problems.
Code:

Can't make marking IAT to address - 0043421C.
Two DLL (ƒÄ‹ÆëÚÌÌÌÌÌÌÌÌÌÌÌÌÌÌÌ���l - ) are in one section,
create intersections dividers and repeat analysis!

Now I tried to decompile the VM Entry and I got this.
Code:

VMS Decompiling intermediate code...a12 final

Unknown identifier in xor efl, eax

VMS: Error Code not created

Short question: can you maybe add an option in the VM Reference window where I can set BPs? Something like this.
Code:

VM Reference Window

Set BPs on all
Set BPs on all Postponed
Set BPs on all Processing

@ ahmadmansoor

Nice to see you again. Back in town. :)
So if the file doesn't work on Win Vista or 7, then try to disable the ASLR feature. It's an OS setting. Don't ask me where to find this; I just heard about it for the first time myself from another Win7 user.
On the other hand, it could be that Vista / Win7 use some other APIs which you need to translate... something like for Win 2000 with...

RtlGetLastWin32Error = GetLastError
RtlSetLastWin32Error = SetLastError

...maybe... you know. Unfortunately I can't test it myself since I only have WinXP and no longer have a VMware image with another OS where I could test to find the problems. :( Maybe you can figure something out.

greetz

ahmadmansoor 12-18-2010 01:45

Hi LCF-AT:
Thanks for your nice words. Yes, I am back, but I am still weak (ill).
Anyway, about the "ASLR feature" as you describe it: it is a feature in newer OSes like Win 7 & Vista,
and disabling it is not that good. I have read this:
Quote:

Unfortunately there is no legitimate way to disable ASLR on Windows Vista and later. In fact, it is a security enhancement and no one should try disabling it.
I tried to disable it by a command line (got it from the net), and my OS failed :rolleyes:.
Anyway, as I told you, I have a plan to support your script, but I have to be sure it will work, and I will send all the details to you when finished; maybe we could prove it and improve it :D. Let's hope it will work.
Thanks for all your great work.

By the way, for me the plugin doesn't work on my target; can you try it on your PC? Thanks.
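
A note on the ASLR point discussed in the two posts above: on Windows Vista and later the loader randomizes an image's base only when the PE optional header's DllCharacteristics field has IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE (0x0040) set (and the image carries relocations), unless the machine-wide MoveImages registry setting forces ASLR on or off for every image. So the per-target way to get a fixed base for debugging is to clear that flag in the file rather than reconfigure the OS. The following is an added example written for this page, not code from VMSweeper or from any poster; it parses the flag from a PE header and returns a patched copy. The minimal PE32 image it builds is constructed inline for demonstration and is headers-only, not a loadable executable.

```python
import struct

# PE optional-header DllCharacteristics bits (winnt.h names).
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040          # image opts in to ASLR
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100
IMAGE_NT_OPTIONAL_HDR32_MAGIC = 0x10B
IMAGE_NT_OPTIONAL_HDR64_MAGIC = 0x20B
_DLLCHARACTERISTICS_OFFSET = 70   # same offset in PE32 and PE32+ optional headers


def optional_header_offset(data):
    """Return the file offset of IMAGE_OPTIONAL_HEADER after validating MZ/PE signatures."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found at e_lfanew")
    opt = e_lfanew + 4 + 20          # skip "PE\0\0" and the 20-byte IMAGE_FILE_HEADER
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (IMAGE_NT_OPTIONAL_HDR32_MAGIC, IMAGE_NT_OPTIONAL_HDR64_MAGIC):
        raise ValueError("unknown optional header magic %#x" % magic)
    return opt


def dll_characteristics(data):
    opt = optional_header_offset(data)
    return struct.unpack_from("<H", data, opt + _DLLCHARACTERISTICS_OFFSET)[0]


def has_dynamic_base(data):
    """True if the Vista+ loader may relocate this image to a random base."""
    return bool(dll_characteristics(data) & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE)


def clear_dynamic_base(data):
    """Return a copy of the image with DYNAMIC_BASE cleared so the loader honours ImageBase
    (unless the machine-wide MoveImages setting forces ASLR for every image)."""
    buf = bytearray(data)
    opt = optional_header_offset(buf)
    flags = dll_characteristics(buf) & ~IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE & 0xFFFF
    struct.pack_into("<H", buf, opt + _DLLCHARACTERISTICS_OFFSET, flags)
    return bytes(buf)


def build_sample_pe32(flags):
    """Constructed, headers-only PE32 image used as sample input (not loadable)."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                 # e_lfanew: NT headers follow the DOS header
    # IMAGE_FILE_HEADER: i386, 1 section, no symbols, 0xE0-byte optional header, EXECUTABLE|32BIT
    coff = struct.pack("<HHIIIHH", 0x014C, 1, 0, 0, 0, 0xE0, 0x0102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, IMAGE_NT_OPTIONAL_HDR32_MAGIC)
    struct.pack_into("<I", opt, 28, 0x00400000)             # ImageBase
    struct.pack_into("<H", opt, 68, 2)                      # Subsystem: Windows GUI
    struct.pack_into("<H", opt, 70, flags)                  # DllCharacteristics
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    import sys
    if len(sys.argv) == 2:
        image = open(sys.argv[1], "rb").read()
    else:
        image = build_sample_pe32(IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE | IMAGE_DLLCHARACTERISTICS_NX_COMPAT)
    print("DllCharacteristics %#06x, ASLR opt-in: %s" % (dll_characteristics(image), has_dynamic_base(image)))
    patched = clear_dynamic_base(image)
    print("after clearing DYNAMIC_BASE %#06x, ASLR opt-in: %s" % (dll_characteristics(patched), has_dynamic_base(patched)))
```

Run it with a path to a real .exe to inspect the flag, or without arguments to use the constructed sample. Two caveats: an EXE that has no .reloc section is never moved regardless of the flag, and the flag is only a per-image opt-in; the MoveImages value under HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management can force randomization on for every image, in which case clearing the flag changes nothing.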

LCF-AT 12-18-2010 02:05

Hhmmm, ah ok. I will send you some power-ups. :)

Seems to be really a problem with the ASLR stuff. Oh, I am curious about your plan & results. :) I will wait till you are done.

So do you mean the S Eye app? If yes, then I have to say that the target is no longer on my HDD.

Or do you mean your VB target which you attached here on the board? If yes, then I can say that I have tested it again with the latest plugin version and it still doesn't work and hangs again at 21% during the VM analyzing. Nothing happens after this. So I think BoRoV & progopis should use this VB target too to find the problem.

greetz

ahmadmansoor 12-18-2010 03:08

Quote:

Originally Posted by LCF-AT (Post 70700)
Hhmmm, ah ok. I will send you some power-ups. :)

:D Ooops... Ooo please, because I need them ;)

Quote:

Originally Posted by LCF-AT (Post 70700)
Seems to be really a problem with the ASLR stuff. Oh, I am curious about your plan & results. :) I will wait till you are done.

It will be soon - a dll file I hope, or maybe 2 dll files ;) -

Quote:

Originally Posted by LCF-AT (Post 70700)
So do you mean the S Eye app? If yes, then I have to say that the target is no longer on my HDD.
Or do you mean your VB target which you attached here on the board? If yes, then I can say that I have tested it again with the latest plugin version and it still doesn't work and hangs again at 21% during the VM analyzing. Nothing happens after this. So I think BoRoV & progopis should use this VB target too to find the problem.
greetz

Yes my friend, both, but the first one is a good example, I think ;).

΢Цһ�� 12-27-2010 12:04

Good tool.
Thank you.

progopis 12-28-2010 01:47

Sorry guys, but the last Vamit builds don't have my changes. I have no time to commit my work to SVN... Maybe in a few weeks I will do it.

The problem with the OllyDbg disassembler annoys me. It incorrectly decodes FPU instructions. And the plug-in doesn't work together with FullDisasm by Beatrix... I need free time for this problem.

P.S. The fact is that I'm getting married soon, lol)

ahmadmansoor 12-28-2010 05:55

Nice to know that, my friend :D... Good for you.
And happy marriage... take care, after getting married you will not have time for us at all ;).
Especially if she is beautiful :rolleyes:.
So take your time, no problem, we can wait.
Things that make you happy will make us happy too... :)

Best Regards

Note: we will wait for the pictures :p

LCF-AT 12-30-2010 03:52

Yes, happy marriage to progopis! :) Now you are going right into jail! ;) Good luck and keep your money together.

So did any of you already test the VMP Debugger?

greetz

BoRoV 01-23-2011 18:24

VMSweeper 1.4 beta 6
http://rghost.net/4045176/private/f7fe4133d63053c4345acb0c4cf085cc

Ember 01-24-2011 05:01

I cannot get this plugin working on CodeVirtualizer targets. It errors with "Error at determine type VM entry point" for every VM'd function.
From the log:
Code:

Instr: 15 parsing - 0x00454D4F: lock dword ptr ds:[edi + 30h], ecx
#ERROR# TraceCodes: Instruction lock has no handler!

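The "#ERROR# TraceCodes: Instruction lock has no handler!" line in the log above indicates that the tracer treated the 0xF0 LOCK byte as an instruction of its own. LOCK, like REP/REPNE, the segment overrides and the 0x66/0x67 size overrides, is a legacy prefix: a decoder consumes all prefix bytes first, then dispatches on the opcode that follows and carries LOCK as an attribute of that instruction (architecturally valid only on a read-modify-write op with a memory destination; anything else is #UD). The following is an added example written for this page, not VMSweeper code and not from any poster, showing that front-end structure for a handful of `op r/m32, r32` opcodes. The handler table, the 32-bit-only ModRM decoder without SIB support, and the sample bytes are all assumptions for illustration; the log line shows the operands but not the underlying mnemonic, so `or` is chosen here only as an example of a lockable opcode.

```python
import struct

# x86 legacy prefixes (groups 1-4). They precede the opcode and modify it;
# they are never instructions in their own right.
PREFIXES = {
    0xF0: "lock", 0xF2: "repne", 0xF3: "rep",                                 # group 1
    0x26: "es", 0x2E: "cs", 0x36: "ss", 0x3E: "ds", 0x64: "fs", 0x65: "gs",   # group 2
    0x66: "opsize",                                                           # group 3
    0x67: "addrsize",                                                         # group 4
}
SEGMENTS = ("es", "cs", "ss", "ds", "fs", "gs")
REG32 = ("eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi")

# Assumed handler table: one-byte `op r/m32, r32` opcodes and whether the
# architecture permits LOCK on them (only with a memory destination).
OPCODES = {
    0x01: ("add", True), 0x09: ("or", True), 0x21: ("and", True),
    0x29: ("sub", True), 0x31: ("xor", True),
    0x89: ("mov", False),          # LOCK MOV raises #UD on real hardware
}


def split_prefixes(code, pos=0):
    """Consume legacy prefix bytes; return (prefix names, offset of the opcode byte)."""
    names = []
    while pos < len(code) and code[pos] in PREFIXES:
        names.append(PREFIXES[code[pos]])
        pos += 1
    return names, pos


def decode_modrm(code, pos):
    """Decode a ModRM byte (32-bit addressing, no SIB).
    Returns (operand text, is_memory, reg field, offset after the operand)."""
    modrm = code[pos]
    pos += 1
    mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
    if mod == 3:                                   # register direct
        return REG32[rm], False, reg, pos
    if rm == 4:
        raise NotImplementedError("SIB addressing is outside this example")
    if mod == 0 and rm == 5:                       # [disp32], no base register
        disp = struct.unpack_from("<I", code, pos)[0]
        return "[%08Xh]" % disp, True, reg, pos + 4
    text = REG32[rm]
    if mod == 1:                                   # [reg + disp8]
        text += "%+Xh" % struct.unpack_from("<b", code, pos)[0]
        pos += 1
    elif mod == 2:                                 # [reg + disp32]
        text += "%+Xh" % struct.unpack_from("<i", code, pos)[0]
        pos += 4
    return "[" + text + "]", True, reg, pos


def trace_instruction(code, pos=0):
    """Decode one instruction. Prefixes are folded into the opcode handler instead
    of being dispatched on; returns text, lock flag and encoded length."""
    prefixes, pos = split_prefixes(code, pos)
    opcode = code[pos]
    pos += 1
    if opcode not in OPCODES:
        raise ValueError("opcode %02X has no handler" % opcode)
    mnemonic, lockable = OPCODES[opcode]
    dest, is_mem, reg, pos = decode_modrm(code, pos)
    locked = "lock" in prefixes
    if locked and not (lockable and is_mem):
        raise ValueError("LOCK prefix is invalid on '%s' with this operand (#UD)" % mnemonic)
    seg = next((p for p in prefixes if p in SEGMENTS), None)
    operand = "dword ptr " + ((seg + ":") if seg else "") + dest if is_mem else dest
    text = ("lock " if locked else "") + "%s %s, %s" % (mnemonic, operand, REG32[reg])
    return {"mnemonic": mnemonic, "lock": locked, "text": text, "length": pos}


if __name__ == "__main__":
    # Constructed sample bytes: F0 09 4F 30 = lock or dword ptr [edi+30h], ecx
    print(trace_instruction(bytes([0xF0, 0x09, 0x4F, 0x30])))
```

The point of the structure is that `split_prefixes` never returns a prefix to the dispatcher, so a handler lookup on 0xF0 cannot happen; the lock flag is validated against the opcode and operand form, which also catches encodings a protector might emit deliberately to trip a naive tracer.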

kvllz 01-26-2011 09:38

Thanks for making it public.

