Artificial Intelligence / Reverse Engineering / Internet of Things / Full Stack Developer
以前总想知道IDA是否能够实现内核调试,后来找了一段时间没什么结果就暂时放弃了。今天在国外的一个博客上偶然看到了用IDA实现内核调试的方法。
其实现在国内也有很多文章介绍了IDA通过串口进行调试的文章,如果大家想看的话可以搜索下。
这里只是参考远远吧实现的方法大体的用中文表述了一下。在调试之前需要安装如下的软件:
This is a plugin for OllyDbg 1.10 and Immunity Debugger 1.xx to replace the old disasm engine by a more recent one : BeaEngine 4.0.
You just have to press Ctrl+W to change the disasm engine.
If you want to use BeaEngine only on selected lines, then just press Ctrl+X.
With this plugin, you can decode recent instructions for the following technologies : MMX, FPU, SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2 , VMX, CLMUL and AES.
You can even decode undocumented instructions usually used in malicious codes.
If you want to use a specific syntax, BeaEngine allows you to disassemble code in masm32 syntax, nasm syntax, GoAsm syntax or GNU Assembler syntax.
Current version : 3.0
download link:http://cracklab.ru/download.php?action=get&n=ODU1
Download link:http://dl.dbank.com/c0lu5w0rjp
修改:
1,移除所有授权相关代码和资源
2,移除所有报告错误相关代码和资源
3,移除ReflectorInstaller相关代码和资源,大小由4.3M(混淆压缩)变成2.8M(未混淆压缩)
4,增加代码着色,原来只有黑色和深绿色,看起来要命。类名红色,方法名绿色,类字段浅黄色,参数浅绿色,本地变量黑色(若不喜欢自己修改代码)
原文链接:http://www.cnblogs.com/nnhy/archive/2011/04/14/2016021.html
Here is one tool to fix imports on x64 target (and to dump them as well). This tool was done almost a year ago. GUI really sucks as I’m not very experienced with GUI programming. However import fixing code should do just fine as it uses 1API = 1IID technique which I described in one of my Blog entries. Good thing is that import scanning/fixing code can be extracted from source without a problem as those are held in separate files.
Hope that someone will find this tool useful, at least source code.
Download link1:http://exelab.ru/download.php?action=get&n=MTAzMA==
Download link2:http://deroko.phearless.org/imp64.rar
A new release of the disc from the «CRACKL @ B» – this is primarily the author’s video course + krekerskih standard set of tools. In these Video Tutorials course, the author consistently addresses the process of becoming cracker of a normal user. The main focus is to ensure that transmit video-listener experience and secrets of the approach, accumulated over many years … The new drive series this year, made a fundamental innovation. Now it is primarily the author’s video course + classic set krekerskih tools.
