|
Obfuscate code
Hello
I have a KeygenMe with a big obfuscate code Gives any good tools to deobfuscate this code? What is your experience with Ida plugin "Codedoctor"? Or use you other plugins or tools? Regards, |
Quote:
native Intel x32/x64 java .net etc? |
Microsoft Visual C++ x32
|
The subject is not wellcovered by tools, so you could even write yourself one:)
some materials... https://www.hex-rays.com/products/ida/support/ppt/caro_obfuscation.ppt http://recon.cx/2008/a/eric_d_lapse/Deobfuscator_RECON2008.ppt optimice Deobfuscation plugin for IDA http://code.google.com/p/optimice/ Simple Deobfuscation of Code Transformation http://hooked-on-mnemonics.blogspot.com/2012/10/simple-deobfuscation-of-code.html IDA Plugin deofuscator plugin http://www.openrce.org/forums/posts/1915 Ariadne Deobfuscation Technology (IDA/Olly plugins) http://ariadne.group-ib.ru/en/about or here http://www.woodmann.com/collaborative/tools/index.php/Ariadne Attacking Obfuscated code with Ida Pro http://www.blackhat.com/presentations/bh-usa-04/bh-us-04-eagle.pdf Code doctor plugin has some deobfuscating features http://www.woodmann.com/collaborative/tools/index.php/CodeDoctor lots of cool IDA plugins coudl be found in contests by years https://www.hex-rays.com/contests/index.shtml ...... |
Quote:
|
| All times are GMT +8. The time now is 19:39. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX