01. Olly + assembler + patching a basic reverseme
02. Keyfiling the reverseme + assembler
03. Basic nag removal + header problems
04. Basic + aesthetic patching
05. Comparing on changes in cond jumps, animate over/in, breakpoints
06. “The plain stupid patching method”, searching for textstrings
07. Intermediate level patching, Kanal in PEiD
uPPP v0.8 by UFO-Pu55y
SDF Tool v1.0 (Keygenning Tool)
SDF Tool v1.0 by Saduff
This is a keygenning tool I started coding a long time ago, but never finished it. I decided to finally finish this tool and release it, removing some of the planned features.
Features :
★32bit Calculator – Supports hex, dec, oct, bin. Functions: +, -, *, /, BSwap, Mod, RoL, RoR, And, Or, Xor, Lsh, Rsh, Not, x^2, x^3, x^y, n!.
★ As a side-feature, it’s also possible to evaluate expressions, but the expression evaluator works with floats and not 32bit Integers.
★ BigNum Calculator – Supports binary, decimal, hex. Functions: +, -, *, /, Mod, Xor, Or, And, Shl, Shr, x^y, x^-1 mod n (modular inverse), x*y mod n, x^y mod n, GCD(x, y), LCM(x, y), Prime Generation, Prime Checking.
★ Can convert between following bases: ASCII (Base-256), Hexadecimal (Base-16), Decimal (Base-10), Binary (Base-2), Base-32, Base-64, Base-85.
★ Supports following hash algorithms with possibility to change init vectors of some hashes (*) : GOST, HAVAL* (128/160/192/224/256), MD2, MD4*, MD5*, Panama, RipeMD* (128/160/256/320), Sapphire II (128/160/192/224/256/288/320), SHA-0*, SHA-1*, SHA* (256/384/512), Snefru-128 (level 8), Snefru-256 (level 8), Square*, Tiger* (128/160/192), Whirlpool-0, Whirlpool-1, Whirlpool-512, Adler-32, CRC-16, CRC-24, CRC-32, CRC-32b, CRC-64, XOR-16, XOR-32.
Immunity Debugger 1.85 Wow64 Plugin v1.0.0.1
大多数的逆向分析人士还是喜欢在XP下进行一系列的分析共做,我也是比较喜欢XP的兼容性和稳健型。但是在除此之外的时间用的基本都是Windows 7 64bit的系统,因为对于32位的XP来说,8G的内存已经成了浪费,虽然偶尔还是会切换到XP下,但是也只能识别2.3G的内存,由于平时不怎么用也就不关心这个鸟系统到底能识别多少内存了。在看雪学院有篇文章是关于如何让xp支持大内存的,但是我的测试效果是直接让膝系统分区表挂掉,于是后来也就懒得试了~
但是在Win7 64位的系统下进行调试会出现诸多的问题,比如上图就是很明显的例子,这个东西和Ollydbg 1.1遇到的状况是一样的。详细可以参考这篇文章:《OllyDbg v1.10 And Wow64》 。至于原理文章中已经解释的很清楚了,着了也就没有必要进行详细的说明了。
QQ International 1.5(2645) Self Check Patch & Today Remover
QQ International 1.4(2582) Self Check Patch & Today Remover
猛击此处下载补丁程序,放入bin目录下执行。现在的弹窗貌似不是登录之后直接弹了,可能会等待几分钟,不过没关系。还是那个鸟样。