강력한 패커에 걸맛는 강력한 플러그인 입니다... 사용법은 아래를 참고하시면 되겠습니다...
Here there are no special notes, were used together with the original OD plug-a plug-StrongOD operate
First Ollydbg.ini Medium [Plugin StrongOD] the following HideWindow, ProtectProcess changed the value of one, the KernelMode also changed the value of one, save
1,Themida/WinLicense
At least the option to set up plug-ins
Running the original OD, loading the main program Themida v1.9.9.0, stopped at the entrance after the removal of all breakpoints, Shift + F9 and run up
2,ExeCryptor v2.4.1
At least the option to set up plug-ins
Running the original OD, set a breakpoint to stop on a breakpoint in the system
Loading the main program ExeCryptor v2.4.1, stopped at the breakpoint system, press Alt + B, delete breakpoints EP
And then Shift + F9, you can
3,TTProtect v1.05 DEMO
At least the option to set up plug-ins
Running the original OD, loaded TTProtect v1.05 DEMO main program, Shift + F9
4,VMProtect v1.65.2
anti vmp v1.65 added to the xp system OD new anti
At least the option to set up plug-ins
Running the original OD, loaded VMProtect v1.65.2 main program, Shift + F9
================================================== ==================
[2009.09.01 v0.2.6.415]
Repair minimize the window, the command line disappeared BUG
[2009.09.01 v0.2.6.413]
1, add the option to load the Microsoft Symbol Library
2, Cmdbar increase the command MSG, displays the message number
[2009.08.26 v0.2.6.410]
1, integrated Command Bar feature (shortcut key changed to ALT + F1), can be discarded cmdbar plug-in
2, Cmdbar and TBAR plug-in compatible
[2009.08.24 v0.2.6.405]
1, full support win7 (7600 following version does not support)
2, to enhance the stability of parsing PE
3, repair tmd shell up at some point can not attach the loopholes under the breakpoint
[2009.06.16 v0.2.5.388]
1, increasing the stability ring0
2, try to kill the NP thread
[2009.06.13 v0.2.5.384]
1, repair, drive a few bug, remove the string
2, the stability increased, no longer need to key
[2009.04.24 v0.2.4.364]
1, drive great changes, added some features are not compatible with the previous StrongOD, need to restart the machine after the update
2, boot-time check of a suspicious ollydbg thread
3, to continue to modify the attach function
4, repair, packers can not be used after the function of the remote injection
[2009.02.10 v0.2.3.305]
1,repair, several small BUG
2,enhanced attach function
3,repair of a BUG
[2009.02.04 v0.2.3.301]
1,at the bottom of the shortcut bar to hide automatically records
2,the bottom window status bar shows the status of Memory
3,repair, drivers do not load bug
[2009.02.01 v0.2.3.299]
1,an increase more than the memory of the fast-switching window, shortcuts alt +1 ~ alt +5
2,an increase related to the switch stack window ebp register or not associated in any register, shortcut keys alt +1 ~ alt +3
3,add a shortcut bar at the bottom of the top, has fast-switching button, Option which can be lifted to create the fast-track column,
If you create can be used after the Alt + R to show hidden shortcut bar
4,at the bottom of the shortcut bar is created, fast switching does not affect the function of the above (no button can use shortcut keys to switch)
[2009.01.14 v0.2.2.292]
1,repair of some analytic PE small bug
2,repair, memory breakpoints to determine a small bug
[2009.01.11 v0.2.2.275]
1,delete the entry points to increase options breakpoint
2,an increase in the tls option interrupted the entrance (if any) must be selected Kill Pe Bug
3,increase options interruption in the Progressive ring3 first lines of code (whether or not realized, to be determined)
4,the configuration file to increase OrdFirst, the decision of the Export function mfc42 are the serial number or the name of the priority priority
5,to repair the handle re-positioning table bug
6,Attach window into the mouse wheel WM_VSCROLL news
[2009.01.08 v0.2.1.273]
1,as amended deal to export tables and import tables bug
2, re-positioning table amendments to deal with the bug
3,repair Skip Some Expection when selected under paragraph F2 memory breakpoints can not be broken under normal bug
4,repair Skip Some Expection selected when the memory breakpoint can not be broken under the BUG
5,repair IAT could not find function names in the serial number of the BUG
[2009.01.06 v0.2.1.262]
1,an increase Attach window mouse wheel support
2,rewrite od processing module code
[2008.12.30 v0.2.1.252]
1,repair, drive BUG
[2008.12.25 v0.2.1.235]
1, repair of a PAGE_GUARD use of anti
2,repair Skip Some Expection time can not be elected under paragraph F2 memory breakpoint
3,due to the specificity of PAGE_GUARD not perfect treatment od breakpoint with PAGE_GUARD under BUG, recommended as far as possible not to under paragraph F2 memory breakpoint
4,to strengthen the process of protection to prevent copying ring3 under the handle to open the process od 5,drive many small bug fix
6,update version number
///////////////////////////////////////////////////////////// //////////////////////////////////////////////
Here there are no special notes, were used together with the original OD plug-a plug-StrongOD operate
First Ollydbg.ini Medium [Plugin StrongOD] the following HideWindow, ProtectProcess changed the value of one, the KernelMode also changed the value of one, save
1,Themida/WinLicense
At least the option to set up plug-ins
Running the original OD, loading the main program Themida v1.9.9.0, stopped at the entrance after the removal of all breakpoints, Shift + F9 and run up
2,ExeCryptor v2.4.1
At least the option to set up plug-ins
Running the original OD, set a breakpoint to stop on a breakpoint in the system
Loading the main program ExeCryptor v2.4.1, stopped at the breakpoint system, press Alt + B, delete breakpoints EP
And then Shift + F9, you can
3,TTProtect v1.05 DEMO
At least the option to set up plug-ins
Running the original OD, loaded TTProtect v1.05 DEMO main program, Shift + F9
4,VMProtect v1.65.2
anti vmp v1.65 added to the xp system OD new anti
At least the option to set up plug-ins
Running the original OD, loaded VMProtect v1.65.2 main program, Shift + F9
================================================== ==================
[2009.09.01 v0.2.6.415]
Repair minimize the window, the command line disappeared BUG
[2009.09.01 v0.2.6.413]
1, add the option to load the Microsoft Symbol Library
2, Cmdbar increase the command MSG, displays the message number
[2009.08.26 v0.2.6.410]
1, integrated Command Bar feature (shortcut key changed to ALT + F1), can be discarded cmdbar plug-in
2, Cmdbar and TBAR plug-in compatible
[2009.08.24 v0.2.6.405]
1, full support win7 (7600 following version does not support)
2, to enhance the stability of parsing PE
3, repair tmd shell up at some point can not attach the loopholes under the breakpoint
[2009.06.16 v0.2.5.388]
1, increasing the stability ring0
2, try to kill the NP thread
[2009.06.13 v0.2.5.384]
1, repair, drive a few bug, remove the string
2, the stability increased, no longer need to key
[2009.04.24 v0.2.4.364]
1, drive great changes, added some features are not compatible with the previous StrongOD, need to restart the machine after the update
2, boot-time check of a suspicious ollydbg thread
3, to continue to modify the attach function
4, repair, packers can not be used after the function of the remote injection
[2009.04.03 v0.2.4.350]
1, repair, drivers under the blue screen in some 2000's BUG
2, a number of repair-driven BUG
3, add key authentication, StrongOD.key required to run / Requires StrongOD.key to execute.
[2009.03.30 v0.2.4.347]
1, repair, attach abnormal under vista problem
2, attach to enhance the stability, Attach required after the F9, then resume all thread
3, advenummod support dynamic volumes, network disk mapping
4, vista sp1 unable to open the file under the bug
5, vista parent process to amend under
[2009.03.17 v0.2.4.341]
1, ZwOpenThread removed from the OD of the hook
2, OD repair codebase will deal with the collapse of the BUG
3, drivers will not affect the non-debug procedures OD
[2009.03.09 v0.2.3.328]
1, and enhance the process of protection (protection of thread),老毛子clinics to save trouble
2, Analysis of repair of an import error
3, repair, re-positioning table deal BUG
4, attach notepad.exe repair the BUG
5, repair, deal with the bug Export table
6, restoration of the BUG handle tls
[2009.02.14 v0.2.3.314]
1, restoration of the 2003 sp1 blue screen bug (thank cxh852456)
2, enhanced shortcut compatibility, support for simple modified version of the OD
1, repair, drivers under the blue screen in some 2000's BUG
2, a number of repair-driven BUG
3, add key authentication, StrongOD.key required to run / Requires StrongOD.key to execute.
[2009.03.30 v0.2.4.347]
1, repair, attach abnormal under vista problem
2, attach to enhance the stability, Attach required after the F9, then resume all thread
3, advenummod support dynamic volumes, network disk mapping
4, vista sp1 unable to open the file under the bug
5, vista parent process to amend under
[2009.03.17 v0.2.4.341]
1, ZwOpenThread removed from the OD of the hook
2, OD repair codebase will deal with the collapse of the BUG
3, drivers will not affect the non-debug procedures OD
[2009.03.09 v0.2.3.328]
1, and enhance the process of protection (protection of thread),老毛子clinics to save trouble
2, Analysis of repair of an import error
3, repair, re-positioning table deal BUG
4, attach notepad.exe repair the BUG
5, repair, deal with the bug Export table
6, restoration of the BUG handle tls
[2009.02.14 v0.2.3.314]
1, restoration of the 2003 sp1 blue screen bug (thank cxh852456)
2, enhanced shortcut compatibility, support for simple modified version of the OD
[2009.02.10 v0.2.3.305]
1,repair, several small BUG
2,enhanced attach function
3,repair of a BUG
[2009.02.04 v0.2.3.301]
1,at the bottom of the shortcut bar to hide automatically records
2,the bottom window status bar shows the status of Memory
3,repair, drivers do not load bug
[2009.02.01 v0.2.3.299]
1,an increase more than the memory of the fast-switching window, shortcuts alt +1 ~ alt +5
2,an increase related to the switch stack window ebp register or not associated in any register, shortcut keys alt +1 ~ alt +3
3,add a shortcut bar at the bottom of the top, has fast-switching button, Option which can be lifted to create the fast-track column,
If you create can be used after the Alt + R to show hidden shortcut bar
4,at the bottom of the shortcut bar is created, fast switching does not affect the function of the above (no button can use shortcut keys to switch)
[2009.01.14 v0.2.2.292]
1,repair of some analytic PE small bug
2,repair, memory breakpoints to determine a small bug
[2009.01.11 v0.2.2.275]
1,delete the entry points to increase options breakpoint
2,an increase in the tls option interrupted the entrance (if any) must be selected Kill Pe Bug
3,increase options interruption in the Progressive ring3 first lines of code (whether or not realized, to be determined)
4,the configuration file to increase OrdFirst, the decision of the Export function mfc42 are the serial number or the name of the priority priority
5,to repair the handle re-positioning table bug
6,Attach window into the mouse wheel WM_VSCROLL news
[2009.01.08 v0.2.1.273]
1,as amended deal to export tables and import tables bug
2, re-positioning table amendments to deal with the bug
3,repair Skip Some Expection when selected under paragraph F2 memory breakpoints can not be broken under normal bug
4,repair Skip Some Expection selected when the memory breakpoint can not be broken under the BUG
5,repair IAT could not find function names in the serial number of the BUG
[2009.01.06 v0.2.1.262]
1,an increase Attach window mouse wheel support
2,rewrite od processing module code
[2008.12.30 v0.2.1.252]
1,repair, drive BUG
[2008.12.25 v0.2.1.235]
1, repair of a PAGE_GUARD use of anti
2,repair Skip Some Expection time can not be elected under paragraph F2 memory breakpoint
3,due to the specificity of PAGE_GUARD not perfect treatment od breakpoint with PAGE_GUARD under BUG, recommended as far as possible not to under paragraph F2 memory breakpoint
4,to strengthen the process of protection to prevent copying ring3 under the handle to open the process od 5,drive many small bug fix
6,update version number
///////////////////////////////////////////////////////////// //////////////////////////////////////////////
StrongOD.v0.2.6.415.By.海风月影.rar'Reverse Engineering > Tools' 카테고리의 다른 글
| Kernel Detective v1.3.1 (2) | 2009.12.07 |
|---|---|
| ExeInfo PE V0.0.2.6 - 540 sign (17) | 2009.12.07 |
| Olly Advanced v1.27 (2) | 2009.08.21 |
| Syser Kernel Debugger v1.99.1900.1146 (3) | 2009.07.05 |
| .NET Reflector 5.1.4.0 (2) | 2009.07.04 |
