Jump to content
YOUR-AD-HERE
HOSTING
TOOLS
992Proxy

Locked Odbg 110 LifeODBG v1.4 / odbg 110 9in1 for Themida

sQuo

By ADMINsQuo
in Tools

 Share

Recommended Posts

sQuo Hacker

ADMINsQuo

Posted
Posted

Odbg 110 LifeODBG v1.4

 

This is the hidden content, please

 

tool purpose:

this tool can let you debug a client process as a normal process,you can use normal debugger(exp:ollydbg) to debug the parent process at the same time.

 

Usage help:

 

1.This tool must inject into the parent process and listen client process create event.

2.If the parent process not started with the client process at the same time and parent process first.we need inject the debugger by myself.Just selete a process in list and click "inject" ,a debugger will be started. if not please check the lifeODBG's privilege or selected "step up privilege" have another try.when the debugger started,it's just like a simple debugger,if you not selected "Auto listen" be front of Inject you must start listen manually.Just use debugger open a program(exp:notepad.exe).After listen started,the debugger just like fool until the client process created.

3.If the parent and client process start at the same time,we only click "O" to select the program we need,type in the command line in left edit control and click "Debug",the process and debugger will be created automatically.But if not select "auto listen" beforehand,we need start listen manually.(exp:Armadillo)

 

Options:

"Inject":Just inject the debugger into selected process.

"Inject DLL":Just inject a DLL into selected process.

"Refresh":Refresh the processes list.

"Single debug mode":Let the injected debugger just like a simple debugger,It is can debug but not client process.

"Disable handle close":Disable the client process close the handles in debug event.(exp:Debug EncryptPE).

"Set up privilege":Set up the LifeODBG.exe's privilege.

"Auto listen":turn into debug stats automatically when the debugger be injected.

"Passive mode":Just use for the process we started is a client process when the parent process append start debugger automatically.

"Call back debug event":Set up who will be call back to the debugger.

 

 

[HIDE-THANKS]

This is the hidden content, please
[/HIDE-THANKS]

 

odbg 110 9in1 for Themida

 

This is the hidden content, please

 

Hide OllyDBG Plugin V1.02

Functions:

1.Hide IsDebuggerPresent

2.Hide NtGlobalFlag

3.Hide ProcessHeapFlag

4.Patch ZwQueryInformationProcess (==patch UnhandledExceptionFilter)

5.Patch ZwSetInformationThread

6.Patch CheckRemoteDebuggerPresent

7.Patch OutputDebugStringA

8.Anti heap-checking (For themida1.9.5.0)

 

V1.02:

! Fixed the bug of patching ZwSetInformationThread (For themida 1.9.5.0)

+ ADD heap-checking.

 

Debug themida1.9.5

1.Modify window caption in the file ollydbg.exe (CPU,OLLYDBG...)

2.Click "Hide ALL" (choose HideDBG plugin)

 

[HIDE-THANKS]

This is the hidden content, please
[/HIDE-THANKS]

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.