I'm posting this here as well, partly to bring the blog back to life..


Posted by Jok3



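I've been using Tankfile lately..
and all sorts of search terms get blocked...
But...
just append "%" to the search term and you're OK!!

e.g. 꽃보다 남자 (X) -> 꽃보다 남자 (O)


When the banned-search-term message comes up like this, gently add a "%" at the end~

If there is a movie, drama or variety show you really want to watch but you have no packets, I can help out a little...^^;
Also, you get 50 packets for logging in once a day, so if you save them up bit by bit they add up to quite a lot.. haha;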

Posted by Jok3

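It's a fairly handy tool.
It shows the addresses alongside, the strings, and even the functions that are used....^^
Sure, opening the file in Olly would be quick too, but this tool is small, so it's handy for quickly picking apart something that isn't packed.. haha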


Posted by Jok3

OllyDbg modified :

OllyDbg - BoomBox

http://rapidshare.com/files/25394210/request.php_3

OllyDbg - Chinese
http://rapidshare.com/files/25394358/request.php_554

OllyDbg - CiM’s
http://rapidshare.com/files/25394505/request.php_1206

OllyDbg - Diablo’s

http://rapidshare.com/files/25395171/request.php_2

http://letitbit.net/download/6bb575376676/d2k2.ollydbg.public2008-updated.rar.html ==new==

OllyDbg - ExeCryptor
http://rapidshare.com/files/25395311/request.php_553

OllyDbg - Hacnho’s
http://rapidshare.com/files/25395639/request.php_4

OllyDbg - OllyICE

http://rapidshare.com/files/25395646/request.php_5

ollyice 2007.9.21

http://rapidshare.com/files/60720683/OlyICE2007.9.21.rar

bigice 5
http://rapidshare.com/files/26791856/bigice5.zip

ollyice 2008.1.1

OllyICE v1.10

http://rapidshare.com/files/132790837/odbg110_OllyICE_v1.10_update.rar

OllyICE TheMida MOD. By EvOlUtIoN==new==
http://letitbit.net/download/90b2a3913809/OllyICE-TheMida-By-EvOlUtIoN.rar.html
http://rapidshare.com/files/138149196/OllyICE_TheMida_By_EvOlUtIoN.rar

OllyDbg - Shadow
http://rapidshare.com/files/25395640/request.php_6

OllyDbg - Unmodified!
http://rapidshare.com/files/25395641/request.php_1

OllyDbg-flyODBG

http://rapidshare.com/files/26789936/flyjnop790.zip

ollydbg - ricardo nar.

http://rapidshare.com/files/26791858/ricarcdon.zip

OllyDbg_SLV edition
http://rapidshare.com/files/26791862/slv.zip

OllyDbg -Arabic
http://rapidshare.com/files/26791864/ice1_3.zip

Ollydbg - xp
http://rapidshare.com/files/26771160/ollydbg_110_xp.rar

Ollydbg - greenstyle

http://rapidshare.com/files/26436069/ollydbg_Green_Style_20by_20jnop790.rar

OllyDbg - armadillo
http://rapidshare.com/files/34817803/odbg_204_20armadillo_20with_20tools.zip

OllyDbg - xp+ dct
http://rapidshare.com/files/34821367/ODbg_20xp_20DCT.zip

OllyDbg - ADO
http://rapidshare.com/files/34821368/ODbgADO.zip

OllyDbg - SND
http://rapidshare.com/files/34821374/ODbgSnD.zip

OllyDbg -D2K2
http://rapidshare.com/files/34821377/ODbgD2k2.zip

OllyDbg - DeFixed

http://rapidshare.com/files/39044055/DeFixed_Edition.rar

OllyDbg - DeFixed v2 (foff)

http://rapidshare.com/files/60718378/DeFixed_Edition_v2.rar

OllyDbg - ExeCryptor

http://rapidshare.com/files/39851301/exec.olly.zip

olly bronco (mod. for execryptor )

http://rapidshare.com/files/66345462/OllyDbg_v1.10_Bronco.rar

olly YPOGEiOS DOX DiViSiON

http://rapidshare.com/files/66345700/YGS-DOX_OllyDBG.v1.10.Mod-YPOGEiOS.rar

OllyDbg’ - Snd version all plugins and olly patched :

http://rapidshare.com/files/44123914/0_1_1_YDbg_Beta_Full.7z

the 0dbg for Themida/WinLicense V1.9.3.0

http://rapidshare.com/files/50611549/The0DBG.exe

HanOlly

http://rapidshare.com/files/64369450/odbg110__HanOlly_edition_for_themida_1.9.rar

ollydbg modified for themida 1.9.5

http://rapidshare.com/files/65716863/O_ll_y_Dbg_modify_for_themida1.9.5.EXE

ollydbg modified for themida and execryptor

http://letitbit.net/download/d35cd7115999/RAMODBG.rar.html

ollydng Sabre Gold

DarkOlly

http://rapidshare.com/files/137296680/DarkOlly.7z

OllyDbg 1.10 - kamal

http://letitbit.net/download/9e844d493204/OllyDbg-1.10-by-kamal.rar.html

OllyDbg v1.10 LifeODBG v1.4

http://letitbit.net/download/686a95302760/OllyDbg-v1.10-LifeODBG-v1.4.rar.html

OllyDBG The_Best_version==new==

http://rapidshare.com/files/142544485/OllyDBG_The_Best_version.rar

http://letitbit.net/download/ffb745506367/OllyDBG-The-Best-version.rar.html

ollydbg moded by DeRoX  ==new==19 nov 2008

http://letitbit.net/download/9cde79762956/odbg110-Olly-DRX-Lite.rar.html

OllyDbg 2

OllyDbg 2 2a 20 oct 2007

http://rapidshare.com/files/64369705/ollydbg_2a-_20_oct07.exe

OllyDbg v2.00 Alpha 4

http://letitbit.net/download/a51bdc740372/OllyDbg-v2.00-Alpha-4.zip.html

OllyDbg v2.00 Alpha Sabre-Gold==new==

http://letitbit.net/download/357163436792/OllyDbg-v2.00-Alpha-Sabre-Gold.rar.html

oLLYdbg 2.00 g==new==

http://letitbit.net/download/0768f7669997/odbg200g.zip.html

ollydbg1.1 BY INREv team==new==

http://letitbit.net/download/fc3c1941207/ollydbg1.1-beta2-INRev.rar.html

http://letitbit.net/download/6faed3180832/odbg1.10-beta1–INRev.rar.html

> all patches for OllyDbg 1.x<

http://rapidshare.com/files/35977772/OLLYDBG_1.10_all_patches_.rar

note:
AFTER DOWNLOAD CHANGE NAME TO*.RAR OR *.ZIP

=================

Debugging Tools for Windows

dbg X86

http://www.microsoft.com/whdc/devtools/debugging/installx86.mspx

=================

SoftIce

98

http://rapidshare.com/files/50615930/Sic_v4.2.7_RC1_9x__IceExt_v0.7.part1.rar

http://rapidshare.com/files/50615933/Sic_v4.2.7_RC1_9x__IceExt_v0.7.part2.rar

http://rapidshare.com/files/50615934/SoftICE_20v4.3.2.2485.rar

xp

http://rapidshare.com/files/50615935/SoftIce_20v4.2.7_20RC1_20XP.exe

=================

Syser Debugger

Syser Debugger 1.92

http://rapidshare.com/files/42710603/download.php

Syser Debugger 1.93

http://rapidshare.com/files/48708302/download.php

Syser DebuggeR 1.97.1900.1016

http://rapidshare.com/files/119028937/Sys.Debug.v1.97.1900.1016.zip

Syser.Debugger.v1.97.1900.1038

http://rapidshare.com/files/131394971/Syser.Debugger.v1.97.1900.1038.zip

Syser Debugger 1.99.1900.1095 ==new==

http://letitbit.net/download/2f637f902443/SYSKERNDEBUG.1.99.1900.1095.rar.html

=================

Immunity Debugger

ImmunityDebugger v 1.0


http://debugger.immunityinc.com/download/ImmunityDebugger_setup.exe

or

http://rapidshare.com/files/47096385/ImmunityDebugger_setup.exe

ImmunityDebugger v 1.5 FULL (SCRIPT+PLUGIN)

part 1 & 2:

http://rapidshare.com/files/138160039/ImDbg.v1.5.7z.001

http://rapidshare.com/files/138158243/ImDbg.v1.5.7z.002

PASS:http://reversengineering.wordpress.com/debuggers/

ImmunityDebugger 1.73 RemoveAD KuNgBiM ==new 19 nov 2008 added== hot

http://rapidshare.com/files/165317164/ImmunityDebugger_1.73_RemoveAD_KuNgBiM.7z.002
http://rapidshare.com/files/165319412/ImmunityDebugger_1.73_RemoveAD_KuNgBiM.7z.001

=================

IDA Pro

IDA Pro Advanced v5.1.0.899

http://letitbit.net/download/555d66375926/IDAProAdvancedv5.1.0.899.rar.html

Fix

http://letitbit.net/download/3df899307180/IDAProAdvancedv5.1.0.899Fix.rar.html

DataRescue IDA Pro Advanced v5.1.0.899  + SDK + FiX

http://letitbit.net/download/077cd4773868/DataRescue.IDA.Pro.Advanced.v5.1.0.899.rar.html

IDA PRO 5.1 SDK

http://letitbit.net/download/a91b81999543/IDA-5.1-SDK.part02.rar.html

http://letitbit.net/download/e5e2e4967183/IDA-5.1-SDK.part01.rar.html
Datarescue ida pro advanced  v5.1 windows patch

LAN patch
Key blacklist patch
Russian IDA data file read patch

http://letitbit.net/download/9a8fec832094/datarescue.ida.pro.advanced.v5.1.windows-patch.rar.html

IDA Pro v5.20 Advanced Full MegaPack

by cracklab

http://letitbit.net/download/b96428300403/download.php-action-get-n-MjE1.html

after download rename it to “IDA Pro v5.20 Advanced Full MegaPack.rar”

IDA Pro 5.2 addons

idsutil5.20

Flair5.10

http://letitbit.net/download/f09e75790522/IdaPro5.2-addons.rar.html

DataRescue IDA Pro Advanced v5.2 SDK

http://letitbit.net/download/85acc3208403/idapro52sdk.part02.rar.html

http://letitbit.net/download/307d35980633/idapro52sdk.part01.rar.html

=================

Zeta Debugger

Zeta Debugger v1.4

http://letitbit.net/download/b06dd5445683/Zeta.Debugger.v1.4-full.zip.html

Zeta Debugger v1.5==new==

http://letitbit.net/download/e0881a39387/zd1.5-setup.zip.html

=================

Linux Debugger

EDB Linux Debugger 0.8.12

http://www.codef00.com/projects/debugger-0.8.12.tgz

0.9.1

http://www.codef00.com/projects/debugger-0.9.1.tgz

0.9.2 released 2008-07-29
http://www.codef00.com/projects.php#Debugger

0.9.4 2008-08-12==new==

http://www.codef00.com/projects/debugger-0.9.4.tgz

=================

java Debugger

JDebugTool Pro v4.1.1==new==

http://letitbit.net/download/baf0a2105543/JDebugTool-Pro-v4.1.1.rar.html

http://rapidshare.com/files/137998716/JDebugTool_Pro_v4.1.1.rar

pass:http://reversengineering.wordpress.com

=================

other debuggers

Obsidian - Non-intrusive Debugger + src ==new==

http://letitbit.net/download/e7fa3b610314/Obsidian–src.rar.html

VB Debugger [source code] + compiled with VB 6==new==

http://letitbit.net/download/f2e228167354/vb-debug-src.7z.html

MiniDBG with source==new==

http://letitbit.net/download/5731ca759728/debugger.rar.html


Posted by Jok3



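When reversing, you often have to locate code through the API functions it calls, so I've put together a list of the commonly used ones.
The attached file is a help file: look up the function you want and it explains how that function is used.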





-Creating & opening files
16-bit : CreateFile
32-bit : CreateFileA
wide : CreateFileW


-File I/O (Read & Write)
ReadFile : read
WriteFile : write

-File access
SetFilePointer : adjusts the file pointer

-Functions that get the system directory
16-bit : GetSystemDirectory
32-bit : GetSystemDirectoryA
wide : GetSystemDirectoryW


-Functions related to .ini configuration settings
16-bit : GetPrivateProfileString
           GetPrivateProfileInt
           WritePrivateProfileString
           WritePrivateProfileInt
32-bit : GetPrivateProfileStringA
           GetPrivateProfileIntA
           WritePrivateProfileStringA 
           WritePrivateProfileIntA
wide : GetPrivateProfileStringW
          GetPrivateProfileIntW
          WritePrivateProfileStringW 
          WritePrivateProfileIntW

-Creating or deleting a registry key
16-bit : RegCreateKey
           RegDeleteKey
32-bit : RegCreateKeyA
           RegDeleteKeyA
wide : RegCreateKeyW
          RegDeleteKeyW

-Reading the currently open registry key
16-bit : RegQueryValue
32-bit : RegQueryValueA
wide : RegQueryValueW

-Opening a registry key
16-bit : RegCloseKey
           RegOpenKey
32-bit : RegCloseKeyA
           RegOpenKeyA
wide : RegCloseKeyW
          RegOpenKeyW

-Reading a string from an object
16-bit : GetWindowText 
           GetDlgItemText
32-bit : GetWindowTextA
           GetDlgItemTextA

wide : GetWindowTextW
          GetDlgItemTextW

-When it matters whether the value is an integer
GetDlgItemInt

-Setting an object's text
16-bit : SetWindowText
           SetDlgItemText
32-bit : SetWindowTextA
           SetDlgItemTextA
wide : SetWindowTextW
          SetDlgItemTextW


-Message boxes
16bit : MessageBox
         MessageBeep
32bit : MessageBoxA
         MessageBoxExA
wide : MessageBoxW
          MessageBoxExW

-Message-related
16bit : SendMessage
          WSPRINTF
32bit : SendMessageA
wide : SendMessageW

-Getting the date and time
GetSystemTime
GetLocalTime
SystemTimeToFileTime


-Creating & destroying windows
16bit : CreateWindow
          CreateWindowEx
          DialogBoxParam
          DestroyWindow
          EndDialog
          showwindow
          bitblt
32bit : CreateWindowA
         CreateWindowExA
         DialogBoxParamA
wide : CreateWindowW
          CreateWindowExW
          DialogBoxParamW


-Functions that ask for the CD-ROM
16bit : GetDriveType (if eax=5, it is a CD-ROM check.)
         GetLogicalDrives
         GetLogicalDriveStrings
32bit : GetDriveTypeA
         GetLogicalDrivesA
         GetLogicalDriveStringsA
wide : GetDriveTypeW
          GetLogicalDrivesW
          GetLogicalDriveStringsW

-Return codes:
Value Description
0 Drive Cannot Be determined
1 Root Dir Does not exist
2 Drive Removable
3 A Fixed Disk (HardDrive)
4 Remote Drive(Network)
5 Cd-Rom Drive <==============
6 RamDisk

-Win NumberSerial:
GETWINDOWWORD
GETWINDOWLONG

Excellent functions suggested by +ORC
BOZOSLIVEHERE
HMEMCPY
GLOBALGETATOMNAME

Posted by Jok3