Exetools


sh3dow 01-31-2015 21:47

DbgHook plugin for Olly 2.1 hooks the classic functions used for antidebug tricks
 
DbgHook is a plugin for Olly 2.1 that hooks the classic functions used for antidebug tricks. The driver is for Windows 7 x64 (tested on build 7600.16385.1), so to run, it needs to be registered and PatchGuard disabled (you can use tools like DSEO).
The plugin lets you control the following options:
-Flags
-Time (dynamic fake time; it freezes the process's timers when you stop the execution; you can also choose a time multiplication factor for clocks and RDTSC)
-Windows (hides Olly's window from the debugged process)
-NtQuerySystemInformation
-NtSetDebugFilterState
-NtQueryInformationProcess
-NtOpenProcess
-NtClose
-NtUserBlockInput
-OutputDebugString
-NtTerminateProcess
-NtQueryInformationThread
-NtSetInformationThread
-Driver's name

The plugin is by walter1945 from _https://quequero.org

From the attachment (with builds and sources)

mr.exodia 02-01-2015 08:26

the code is very hacked and uncommented, but it looks like a nice thing :)

sh3dow 02-01-2015 19:30

Quote:

Originally Posted by mr.exodia (Post 97108)
the code is very hacked and uncommented, but it looks like a nice thing :)

Yes, and as he wrote:
I also decided to publish the source for two reasons:
-I'm not a good programmer, so other people like me can learn how this tool works and how to build a similar one.
-I hope other people of the community contribute by adding to or improving the plugin.

