Jump to content
YOUR-AD-HERE
HOSTING
TOOLS

Locked Swordfish v1.0 Final [OllyDbg 2 Plugin]

sQuo

By ADMINsQuo
in Tools

 Share

Recommended Posts

sQuo Hacker

ADMINsQuo

Posted
Posted

This is the hidden content, please

 

This is the hidden content, please

 

OllyDbg plugin: Swordfish v1.1 beta release

 

- OllyDbg supported release: 201h

- Released by Arab Team for Reverse Engineering (AT4RE)

- Coded by torpedo from AT4RE

 

FEATURES:

-----------------------------------------

Tools:

-------------------------------------

[+] Clear udd files

 

Hide debugger:

-------------------------------------

[+] PEB!BeingDebugged

[+] PEB!NtGlobalFlags

[+] PEB!HeapFlags

[+] Find OD Windows bypass

[+] CheckRemoteDebuggerPresent

[+] GetClassInfo(A-W-ExA-ExW)

[+] FindWindow(A-W-ExA-ExW)

[+] GetTikCount

[+] NtQueryPerformanceCounter

 

Set breakpoints (hard coded):

-------------------------------------

[+] user32.GetWindowTextW

[+] user32.GetDlgItemTextW

 

[+] user32.MessageBoxIndirectW

[+] user32.MessageBoxTimeoutW

[+] user32.SoftModalMessageBox

 

[+] user32.CreateWindowExW

[+] user32.ShowWindow

 

[+] kernel32.CreateFileW

[+] kernel32.OpenFile

[+] kernel32.ReadFile

[+] kernel32.WriteFile

[+] kernel32.LoadLibraryW

[+] kernel32.MoveFileW

[+] kernel32.DeleteFileW

 

[+] advapi32.RegOpenKeyExW

[+] advapi32.RegCloseKey

[+] advapi32.RegQueryValueExW

[+] advapi32.RegSetValueExW

 

[+] kernel32.CreateToolhelp32Snapshot

[+] kernel32.Process32FirstW

[+] kernel32.Module32FirstW

[+] Kernel32.Toolhelp32ReadProcessMemory

[+] kernel32.OpenProcess

[+] kernel32.WriteProcessMemory

[+] kernel32.ReadProcessMemory

[+] kernel32.CreateProcessW

[+] kernel32.VirtualProtectEx

 

[+] advapi32.OpenSCManagerW

[+] advapi32.OpenServiceW

[+] advapi32.StartServiceW

[+] advapi32.DeleteService

 

[+] msvbvm60.ThunRTMain

[+] msvbvm60.rtcMsgBox

[+] msvbvm60.__vbaStrCmp

[+] msvbvm60.__vbaStrComp

[+] msvbvm60.__vbaFreeStr

[+] msvbvm60.__vbaFileOpen

[+] msvbvm60.__vbaInputFile

[+] msvbvm60.__vbaWriteFile

[+] msvbvm60.__vbaStrCompVar

[+] msvbvm60.__vbaStrTextCmp

[+] msvbvm60.__vbaFileSeek

[+] msvbvm60.__vbaFileClose

[+] msvbvm60.__vbaVarTstEq

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.