강력한 패커에 걸맛는 강력한 플러그인 입니다... 사용법은 아래를 참고하시면 되겠습니다...

 Here there are no special notes, were used together with the original OD plug-a plug-StrongOD operate

사용자 삽입 이미지

First Ollydbg.ini Medium [Plugin StrongOD] the following HideWindow, ProtectProcess changed the value of one, the KernelMode also changed the value of one, save

사용자 삽입 이미지

1,Themida/WinLicense

At least the option to set up plug-ins
사용자 삽입 이미지

Running the original OD, loading the main program Themida v1.9.9.0, stopped at the entrance after the removal of all breakpoints, Shift + F9 and run up

사용자 삽입 이미지

2,ExeCryptor v2.4.1

At least the option to set up plug-ins
사용자 삽입 이미지

Running the original OD, set a breakpoint to stop on a breakpoint in the system
사용자 삽입 이미지

Loading the main program ExeCryptor v2.4.1, stopped at the breakpoint system, press Alt + B, delete breakpoints EP
사용자 삽입 이미지

And then Shift + F9, you can
사용자 삽입 이미지

3,TTProtect v1.05 DEMO

At least the option to set up plug-ins
사용자 삽입 이미지

Running the original OD, loaded TTProtect v1.05 DEMO main program, Shift + F9
사용자 삽입 이미지


4,VMProtect v1.65.2

anti vmp v1.65 added to the xp system OD new anti 
At least the option to set up plug-ins
사용자 삽입 이미지

Running the original OD, loaded VMProtect v1.65.2 main program, Shift + F9
사용자 삽입 이미지


================================================== ==================
[2009.09.01 v0.2.6.415]
Repair minimize the window, the command line disappeared BUG

[2009.09.01 v0.2.6.413]
1, add the option to load the Microsoft Symbol Library
2, Cmdbar increase the command MSG, displays the message number

[2009.08.26 v0.2.6.410]
1, integrated Command Bar feature (shortcut key changed to ALT + F1), can be discarded cmdbar plug-in
2, Cmdbar and TBAR plug-in compatible

[2009.08.24 v0.2.6.405]
1, full support win7 (7600 following version does not support)
2, to enhance the stability of parsing PE
3, repair tmd shell up at some point can not attach the loopholes under the breakpoint

[2009.06.16 v0.2.5.388]
1, increasing the stability ring0
2, try to kill the NP thread

[2009.06.13 v0.2.5.384]
1, repair, drive a few bug, remove the string
2, the stability increased, no longer need to key

[2009.04.24 v0.2.4.364]
1, drive great changes, added some features are not compatible with the previous StrongOD, need to restart the machine after the update
2, boot-time check of a suspicious ollydbg thread
3, to continue to modify the attach function
4, repair, packers can not be used after the function of the remote injection

[2009.04.03 v0.2.4.350]
1, repair, drivers under the blue screen in some 2000's BUG
2, a number of repair-driven BUG
3, add key authentication, StrongOD.key required to run / Requires StrongOD.key to execute.

[2009.03.30 v0.2.4.347]
1, repair, attach abnormal under vista problem
2, attach to enhance the stability, Attach required after the F9, then resume all thread
3, advenummod support dynamic volumes, network disk mapping
4, vista sp1 unable to open the file under the bug
5, vista parent process to amend under

[2009.03.17 v0.2.4.341]
1, ZwOpenThread removed from the OD of the hook
2, OD repair codebase will deal with the collapse of the BUG
3, drivers will not affect the non-debug procedures OD

[2009.03.09 v0.2.3.328]
1, and enhance the process of protection (protection of thread),老毛子clinics to save trouble
2, Analysis of repair of an import error
3, repair, re-positioning table deal BUG
4, attach notepad.exe repair the BUG
5, repair, deal with the bug Export table
6, restoration of the BUG handle tls

[2009.02.14 v0.2.3.314]
1, restoration of the 2003 sp1 blue screen bug (thank cxh852456)
2, enhanced shortcut compatibility, support for simple modified version of the OD

[2009.02.10 v0.2.3.305]

1,repair, several small BUG
2,enhanced attach function
3,repair of a BUG

[2009.02.04 v0.2.3.301]
1,at the bottom of the shortcut bar to hide automatically records
2,the bottom window status bar shows the status of Memory
3,repair, drivers do not load bug

[2009.02.01 v0.2.3.299]
1,an increase more than the memory of the fast-switching window, shortcuts alt +1 ~ alt +5
2,an increase related to the switch stack window ebp register or not associated in any register, shortcut keys alt +1 ~ alt +3
3,add a shortcut bar at the bottom of the top, has fast-switching button, Option which can be lifted to create the fast-track column,
If you create can be used after the Alt + R to show hidden shortcut bar
4,at the bottom of the shortcut bar is created, fast switching does not affect the function of the above (no button can use shortcut keys to switch)


[2009.01.14 v0.2.2.292]
1,repair of some analytic PE small bug
2,repair, memory breakpoints to determine a small bug

[2009.01.11 v0.2.2.275]
1,delete the entry points to increase options breakpoint
2,an increase in the tls option interrupted the entrance (if any) must be selected Kill Pe Bug
3,increase options interruption in the Progressive ring3 first lines of code (whether or not realized, to be determined)
4,the configuration file to increase OrdFirst, the decision of the Export function mfc42 are the serial number or the name of the priority priority
5,to repair the handle re-positioning table bug
6,Attach window into the mouse wheel WM_VSCROLL news

[2009.01.08 v0.2.1.273]
1,as amended deal to export tables and import tables bug
2, re-positioning table amendments to deal with the bug
3,repair Skip Some Expection when selected under paragraph F2 memory breakpoints can not be broken under normal bug
4,repair Skip Some Expection selected when the memory breakpoint can not be broken under the BUG
5,repair IAT could not find function names in the serial number of the BUG

[2009.01.06 v0.2.1.262]
1,an increase Attach window mouse wheel support
2,rewrite od processing module code 

[2008.12.30 v0.2.1.252]
1,repair, drive BUG

[2008.12.25 v0.2.1.235]
1, repair of a PAGE_GUARD use of anti
2,repair Skip Some Expection time can not be elected under paragraph F2 memory breakpoint
3,due to the specificity of PAGE_GUARD not perfect treatment od breakpoint with PAGE_GUARD under BUG, recommended as far as possible not to under paragraph F2 memory breakpoint
4,to strengthen the process of protection to prevent copying ring3 under the handle to open the process od 5,drive many small bug fix
6,update version number
///////////////////////////////////////////////////////////// //////////////////////////////////////////////

'Reverse Engineering > Tools' 카테고리의 다른 글

Kernel Detective v1.3.1  (2) 2009.12.07
ExeInfo PE V0.0.2.6 - 540 sign  (17) 2009.12.07
StrongOD v.0.2.6.415  (28) 2009.09.06
Olly Advanced v1.27  (2) 2009.08.21
Syser Kernel Debugger v1.99.1900.1146  (3) 2009.07.05
.NET Reflector 5.1.4.0  (2) 2009.07.04
Posted by Mocker
TAG

댓글을 달아 주세요

  1. 오호... 이러한 정보는 어디서 얻는것인지... ㅎㅎㅎㅎ

    온김에 광고 클릭하고 가요~

    2009.02.15 02:15 신고 [ ADDR : EDIT/ DEL : REPLY ]
  2. 좋은 플러그인이네요 .
    잘사용할께요 . ^ㅡ^*

    2009.02.15 07:20 신고 [ ADDR : EDIT/ DEL : REPLY ]
  3. digh

    정말잘봤습니다!자주자주 들릴께요~

    2009.02.24 09:13 신고 [ ADDR : EDIT/ DEL : REPLY ]
  4. 행운★만땅~냥이의 오두막

    저 들렸다가 갑니다^^
    잘 구경하구요~^^

    2009.02.24 14:39 신고 [ ADDR : EDIT/ DEL : REPLY ]
  5. 행복나누기

    반갑습니다. 컴터 잘 활용하시는 것 같네요~
    잘 구경하고 갑니당 ^^

    2009.02.25 04:17 신고 [ ADDR : EDIT/ DEL : REPLY ]
  6. 비밀댓글입니다

    2009.02.25 11:26 [ ADDR : EDIT/ DEL : REPLY ]
  7. 현과도은이의방

    이곳을 알게되어 무척 기쁩니다^^

    2009.02.25 21:06 신고 [ ADDR : EDIT/ DEL : REPLY ]
  8. 아카시아

    반갑습니다.
    저도 적벽대전 2 . 재미있게 구경했어요
    조조는 뛰어난 재상이지만 교만하고
    부하를 의심하니 크게 당했지요
    공명의 통달함이 통쾌 했습니다.

    2009.02.26 09:24 신고 [ ADDR : EDIT/ DEL : REPLY ]
    • 앗.. 다른곳에 댓글을 남기셨네요 ^^ㅋ 아무튼 방문 감사합니다..

      2009.02.27 18:38 신고 [ ADDR : EDIT/ DEL ]
  9. 허걱~
    발자취 따라 놀러 왔다가
    너무 어려운 용어들에...이해가 안되요~ ㅠㅠ

    2009.03.13 13:22 신고 [ ADDR : EDIT/ DEL : REPLY ]
  10. jovinkw

    안녕하세요.제 블로그에 댓글 감사 드립니다.^^
    근데 이게 무엇인지 ㅠㅠ

    2009.04.03 22:46 신고 [ ADDR : EDIT/ DEL : REPLY ]
  11. 파랑

    아는 지식이 없어 뭔지?

    2009.08.24 14:24 신고 [ ADDR : EDIT/ DEL : REPLY ]
    • 올리디버거 플러그인입니다.. 올리디버거는 디버깅툴이고요.. :)

      2009.09.02 22:55 신고 [ ADDR : EDIT/ DEL ]
  12. 김문

    안녕하세요! 참 독특한 블로그입니다. 전부 외국어로 쓰여져서 무슨 의미인지 모르겠지만 하여튼 잘 보고 갑니다.

    2009.08.25 12:47 신고 [ ADDR : EDIT/ DEL : REPLY ]
  13. 민주

    알수 없는 용어~ 저두 왔었다구요~

    2009.09.08 23:49 신고 [ ADDR : EDIT/ DEL : REPLY ]
  14. 발렌시아

    ^^ 저도 왓는데..모르는 말들이..외국어는 머리지짐~~!!!

    2009.09.09 21:18 신고 [ ADDR : EDIT/ DEL : REPLY ]
  15. sky

    와....!! 외국에 나와 있는것 같아요....이국언어들로...가득..
    지레 놀라 갑니다....많은 자료들로 넘치는 곳이네요...^^

    2009.09.27 20:29 신고 [ ADDR : EDIT/ DEL : REPLY ]
  16. 1달전에미국온사나이

    미국에 와서 다시보니 이해가 좀 가네욬

    2011.02.17 10:06 신고 [ ADDR : EDIT/ DEL : REPLY ]