Тема: инструментарий крекера\реверсера
Показать сообщение отдельно

  #58  
Старый 03.09.2008, 21:49
Аватар для baltazar
baltazar
Banned
Регистрация: 30.03.2007
Сообщений: 344
Провел на форуме:
5149122

Репутация: 2438
Отправить сообщение для baltazar с помощью ICQ
По умолчанию
ActiveMARK Viewer v1.1
Description:
Tool for getting the ActiveMARK protection version used in a target.

Bilingual edition (English/Spanish)

When checking an ActiveMARK license file, it shows the Activation Code.
Cкачать!

Armag3ddon 1.4
+ fix some minor bugs
+ improve import redirection functionality
+ update Arteam Import Reconstructor v1.2 (Nacho_dj)
+ add support for Armadillo v6.0.0/v6.0.4 custom builds
+ new log internal EP/OEP (nanomites) option
+ add refresh option for processing multiple targets”
Скачать!

Olly SocketTrace 1.0
About
OllySocketTrace is a plugin for OllyDbg (version 1.10) to trace the socket operations being performed by a process. It will record all buffers being sent and received. All parameters as well as return values are recorded and the trace is highlighted with a unique color for each socket being traced.
The socket operations currently supported are: WSASocket, WSAAccept, WSAConnect, WSARecv, WSARecvFrom, WSASend, WSASendTo, WSAAsyncSelect, WSAEventSelect, WSACloseEvent, listen, ioctlsocket, connect, bind, accept, socket, closesocket, shutdown, recv, recvfrom, send and sendto.
Usage
Simply install the plugin and activate OllySocketTrace when you wish to begin tracing socket operations. OllySocketTrace will automatically create the breakpoints needed and record the relevant information when these breakpoints are hit. To view the socket trace select the OllySocketTrace Log.
Double clicking on any row in the OllySocketTrace Log window will bring you to the callers location in the OllyDbg disassembly window. The recorded socket trace is highlighted with a unique color for each socket being traced. Right clicking on any row will give you some options such as to view the recorded data trace. You can also filter out unwanted information if you are only concerned with a specific socket.
Screenshot

Скачать!

Registry Trash Keys Finder v.3.8.0 SR2
- Prolongs some software’s trial period
- Search for NULL-embedded (”hidden”) Registry keys
- Keys’ preview and backup before their deleting
- English-German-Korean-French-Dutch-Spanish-Russian interface
- Superfast “Jump to Regedit” function
- Shell command “Open in Regedit” for REG files
Скачать!

DotNET Tracer 0.3
This is a simple tool that has a similar functionality to RegMon or FileMon but it’s designed to trace events in .NET assemblies in runtime, many events can be reported so you can understand what’s going on in the background.
1- Select the assembly you want to analyze
2- Set the Events Mask, i.e Events you want to catch
3- Click “Start”
1- Enhanced scrolling in Events listview using mouse wheel
2- Ability to save events log to (*.log) files for later analysis
3- Every event has a special icon so that you can understand the list more easily
4- Removed skin to reduce flickering and enhance performance
Скачать!

IDA Stealth Plugin
IDA Stealth is a plugin which aims to hide the IDA debugger from most common anti-debugging techniques. The plugin is composed of two files, the plugin itself and a dll which is injected into the debuggee as soon as the debugger attaches to the process. The injected dll actually implements most of the stealth techniques either by hooking system calls or by patching some flags in the remote process.

Скачать!

Resources Extract v1.03
ResourcesExtract is a small utility that scans dll/ocx/exe files and extract
all resources (bitmaps, icons, cursors, AVI movies, HTML files, and more…) stored
in them into the folder that you specify.
You can use ResourcesExtract in user interface mode, or alternatively, you can run
ResourcesExtract in command-line mode without displaying any user interface.
Скачать!

Patch Maker v.1.5.RC2 + src
Useful patch making tool, very customizable. Features:

* LOGO (320×90)
* MIDI/XM music
* NFO-file
* Main icon
* Restore function
* CRK import/export support

Version history:

1.5 RC2 (21/04/2006) - public:
* New design of patch maker utility
+ Save settings option
+ XM music support (uncompressed Patch size is increased by 15k)
+ Output patch compressing
+ Version history

1.3 RC1 (20/04/2006) - private:
+ NFO-file looks pretty

1.2 RC1 (01/04/2006) - public:
+ About box
* Bugfix

1.1 (30/03/2006) - private:
* New design of patch maker utility
* Bugfix

1.0 (01/04/2006) - private, project start:
+ MIDI music support
+ LOGO support (320×90)
+ NFO-file support
+ Main icon
+ Restore function
+ CRK import/export support
Скачать!

67 cryptors in one
Код:
1337_EXE_Crypter
ass-crypter
Aver_Cryptor_1.02_beta
BIP_0.1
Celsius_Crypt_2.0_XOR-Special_Edition
Cigicigi_File_Crypter_1.0
Cryptic_2.1
Daemon_Crypt_2.0
DalKrypt_1.0
DarkAvengard_Crypter
DarkCrypt_1.2_Private_Build
DeX-Crypt_2.0_Private
ExeCrypt_1.0
Falckon_Encrypter_1.0_beta
fEaRz_Crypter_1.0_beta_1
FETiOP_3.0.A_Upgrade
FFC_1.6
File_Crypter
FreeCryptor_0.3b_build_003
GKripto_1.0
h4ck-y0u.org_crypter
Hac-Crew_Crypter
ICrypt_1.0
iNF_CRYPT_
L0rD_Crypter_1.0
MaskPE_2.0
Minke_1.0.1
Morphnah_beta2
Mortal_Team_Crypter_2.0
N-Code_0.2
NOmeR1
Open_Crypter_2.01.0
p0ke_Scrambler_1.2_Private
PEcrypt
Perplex_PE_Protector_1.01dev
Pohernah_1.0.2
Pohernah_1.0.3
Poly_Crypt_2.8
PowerCrypt_v2.0
PrivateKrypt_beta
Protect_-_0.1.5_beta
RCryptor_2.0_Private
RPolyCrypt_1.4.1
RPolyCrypt_1.4.2
Russian_Cryptor_1.0
S1mb10z_2.1
Scramble-Tool_0.2.3b
Silly_Chr_Encrypter_0.5
Simple_Strreverse_Encryption_0.3
SkD_Undetectabler_2_Special_Edition
SkD_Undetectabler_3
Snoop_Crypt
StrAnGe_CrYpTeR
STUD_RC4_1.0
Super_Crypt_1.0
UndergroundCrypter_1.0
UnDo_Crypter
unnamed_Scrambler_1.2_D
Unnamed_Scrambler_2.1.1
Unnamed_Scrambler_2.1
USC_2.1.1_Partial_Cleaning_Patch
Vbs_Encrypter_0.01
Werus_Crypter_1.0
Wind_of_Crypt_1.0
WouThrs_EXE_Crypter_1.0_Beta
X-Crypter_1.2
X-Crypter_1.2__S-B_Version_mod
Скачать(1 часть)
Скачать(часть 2)


Circuit’s Cracker Tool
Crypto:
MD5 Modded (User Input)
MD5
MD4
MD4 Modded (User Input)
Sha1
Sha256
Sha512
RipeMD-128
RipeMD-160
Tiger
Base64 Encoding/Decoding
Cesar Cipher

Conversion:
ASCII To Hex
ASCII To Decimal
Hex To Decimal
Hex To ASCII

Misc:
String Reversing
String Length
String Uppercase
String Lowercase

Calculation:
Hex Calculator
Dec. Calculator
*Div
*Mod
*Multiplication
*Subtraction
*Addition
*XOR
*OR
*NOT
Скачать!

Добавлено через 1 час 3 минуты
LAG Loader Generater 1.2
1.2 update
+ fix boundimport resolve bug
+ fix load check bug
+ use advanced thread control
+ add autosave/autoload config
Cкачать!

DK Binder v1.0
Options:
-unlimited files support
-run or not
-Choose extract path
-Run or not if on VM
-RC4 Encryptions for files
-Show/Hide option
-Parameters support
Скачать!

Superior Patch Generator 1.1
Here is version 1.1 of my AM 6.x inline generator. This tool uses the Superior Method of Inline Patching for the most reliability in getting a working inline (especially for v6.3). Check it out and tell me what you think.
Скачать!

LAG Loader Generater 1.0
Single process and multithread dynamic patch technology
2Easyly patch Exe,Dll,Ocx etc.
3Compatible with asm,vb,vc,vfp,pb,pascal etc.
4More convenient and stability for packed program.
Скачать!

EDB Linux Debugger v 0.9.1 by Evan Teran
Features
* Intuitive GUI interface
* The usual debugging operations (step-into/step-over/run/break)
* Conditional breakpoints
* Debugging core is implemented as a plugin so people can have drop in replacements. Of course if a given platform has several debugging APIs available, then you may have a plugin that implements any of them.
* Basic instruction analysis
* View/Dump memory regions
* Effective address inspection
* The data dump view is tabbed, allowing you to have several views of memory open at the same time and quickly switch between them.
* Importing of symbol maps
* Plugins
o Search for binary strings
o Code Bookmarks
o Breakpoint management
o Check for updates
o Environment variable viewer
o Heap block enumeration
o Opcode search engine plugin has basic functionality (similar to msfelfscan/msfpescan)
o Open file enumeration
o Reference finder
o String searching (like strings command in *nix)
Скачать!

Superior Patch Generator 1.1
Here is version 1.1 of my AM 6.x inline generator. This tool uses the Superior Method of Inline Patching for the most reliability in getting a working inline (especially for v6.3). Check it out and tell me what you think.
Cкачать!

Exeinfo V.0.0.1.8 G3
Код:
Delphi 2007 v11
387. Microsoft Visual C++ v9.0 ( e8 ) www.microsoft.co
388. ActiveMARK 5.x -> Trymedia Systems - www.trymedia.co *ACM
389. (E8) Microsoft Visual C++ 9.0 - Visual Studio 2008
390. Microsoft Visual C# / Basic.NET / MS Visual Basic 2005/2008
391. TTProtect 1.0 - 2007/2008 - www.ttprotect.co (.net/dll)
392. TTProtect 1.0 - 2007/2008 - www.ttprotect.co (exe)
393. MPRESS v1.05 - MATCODE comPRESSor for executables © 2007,2008,
MATCODE Software - www.matcode.co
394. MPRESS v1.07 - MATCODE comPRESSor for executables © 2007,2008,
MATCODE Software - www.matcode.co
395. EncryptPE V2.2008.6.18 China Cracking Group - www.encryptpe.co
396. Empathy 2.1 Exe password 2007.08 (using : PE-Inject Engine 1.0 by
M.Strechovsky ) ( pass decode max.12 char)
397. Microsoft Visual Basic v4.0-6.0 DLL (5A)
398. Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 (4xFF25)
399. Borland C++ Copyright ( No Copyr. sign )
400. !EPack 1.4 lite final - by 6aHguT / Team-X 2006.08
Скачать!

Trial-Reset 3.4 Final
Unfortunately I have not much time to dedicate to this project so this is the last version.
I thank all those who helped me in the development.
What’s new v3.4 Final (Public):
-Updated support for WinLicense (Ring-0 Protection)
Скачать!

ArmaGeddon 1.3

Код:
May 2008 - v1.3
+ resolve relocations for dll files (Nacho_dj)
+ added new option to minimize the size of a dumped file (Nacho_dj)
Particulary useful for Shockwave Flash + applications that make use of an overlay. Of course this will also rebuild a normal target’s PE structure.
+ improved import rebuilder v1.1.2 (Nacho_dj)
+ added new option to “Resolve” nanomite INT3 instructions with their original
jmp instructions and patch directly to the dumped target. Requires use of the nanomite “Analyze” + “Log” options. Note: you can also elect to resolve nanomites directly to a target process’s memory if you elect to detach!!
+ integrated Admiral’s Strategic Code Splicing removal engine into the tool.
This is now the (default) behaviour and can be overridden with new option to
redirect CS (code splices) instead
+ new option to dump / decrypt / decompress the .pdata section to a binary file
+ new option to detach from a process (choose: DebugBlocker or CopyMemII)
+ resolve problem for ArmAccess dll function:Installkey missing error msg
+ add support for UPX compressed single process targets
+ new option to change your Standard / Enhanced Hardware Fingerprint ID
+ resolve some minor bugs
===========================================
March 2008 - v1.2g [gabor edition]
+ add warning message for OEP call return VA not from Armadillo VM
Note: Informational, not usually relevant for dll’s or exe’s with copymem2,
but may be useful for troubleshooting invalid OEP’s resulting
from custom implementations and/or packing / compressing of a file
prior to being protected by Armadillo
+ fix problem with copymem2 search string error
+ fix problem with createdump on error
===========================================
March 2008 - v1.2
+ improved PE section name resolution for internal use (thank’s Ghandi)
+ improved ARTeam Import Reconstructor v1.2
===========================================
February 2008 - v1.1
+ added dll support (dll loader.exe)
+ added option “Use OpenMutext trick” to force a single process. Use only if normal “debug blocker” processing fails. This would occur when a parent process launches the child process, but doesn’t debug the child process (i.e. use the WaitForDebugEvent API)
+ improve IAT elimination functionality
+ includes updated ARTeam Import Reconstructor
===========================================
Скачать!

Windows Debuging Tools 6.8.4.0
n this release, more components of the debugger are now redistributable. You will find enhancements to the !lmi and !exchain commands and Symsrv support for resource-only binaries. Numerous improvements have been made to components and commands, such as: !analyze, DBGEng reliability, live KD for Windows Vista, context handling for .frame, .dumpdebug for minidump debugging, and breakpoint list commands. Also included are updates and advances in the documentation. For further details, read the RELNOTES.TXT provided in the package.
Скачать!

MultiExtractor

MultiExtractor is an application that allows you to extract multimedia files. With MultiExtractor you can easy extract/recovery multimedia files stored in database files or executables.
MultiExtractor has a PE-Scan engine that will allow you to extract icons and bitmaps stored in exe-files (32 bit Portable Executable). MultiExtractor extracts files stored in other files and optionally unstored files (stored on disk but not in file).
Скачать!

Xenodecode V0.2, Decoder

This is a tool to get back all strings, which have been encrypted by the protector Xenocode.
Скачать!

Advanced Loader Generator 1.31
Скачать!

APIScan 2.1
APIScan is a simple tool to gather a list of APIs that a target process uses.
You can use this list in an initial analysis to help determine a target’s
general operating nature. Also can be used to help determine patch/update
changes by doing a WinDif on “before” and “after”.
There are similar tools, often more robust (like “Dependency Walker”), but
most of these just parse the target IAT (”Import Address Table”) alone.
APIScan catches dynamically/delayed loaded modules too; and dumps them as a
simple list.
Скачать!

LordPE Deluxe B Patched

Исправленная версия знаменитого дампера и редактора ресурсов от y0da - LordPE. Теперь LordPE Deluxe может отображать больше, чем 60 процессов, за что спасибо ultimategamer’у.
Cкачать!

HashTab 2.1.1

В этой версии:
* Добавлена поддержка drag and drop для сравнения хешей файлов
* Обновлены переводы на немецком, японском, итальянском, французском, украинском, испанском, финском и китайском языках
* Добавлен французский язык
* Исправлена настройка хеш-списка
* В контекстное меню добавлено “Copy All”, для копирования всего списка полученных хешей
* Добавлены хеши MD2 и MD4
* Обновлены переводы, в связи с добавлением новых элементов интерфейса.
Скачать!

Armag3ddon 1.4


This Tool can strip Armadillo Protection from protected Exe’s / Dll’s
Скачать!

ExeInfo PE 0.0.1.9B

Скачать!

Syser Kernel Debugger 1.98

1. Fixed s command bug.
2. Fixed a BOSD bug on Vista (Bug Check 0×1: APC_INDEX_MISMATCH).
3. Add string reference windows of PE.
4. Enhanced mod command, display TimeDateStamp of PE module.
5. Fixed a BOSD bug of device,driver command.
Скачать!

Flashback Protector 1.0 build 08.05 beta 1

* Первая публичная бета версия
* Создан Help
* Улучшена аниотладка
* Улучшена защита от распаковки
* Почти все опции встроены
* Немного изменен интерфейс
* Небольшие изменения
Скачать!

Calc 1.25

Отличный калькулятор от s0larian’а, одного из постояльцев форума cracklab.
v1.25
- fixed a bug where calc was creating an empty .ini file. The .ini is now
only read, never written. Thanks HandMill.
Скачать!

LAG Loader Generater 1.0 build 2008.08.01
1. Single process and multithread dynamic patch technology
2. Easyly patch Exe,Dll,Ocx etc.
3. Compatible with asm,vb,vc,vfp,pb,pascal etc.
4. More convenient and stability for packed program.
Скачать!

WCRPatcher 1.2.12

* Добавленна поддержка изображений в форматах jpg/gif/png.
* Удаленна поддержка прозрачных BMP.
* Обновлён режим О пррограмме (без изображения).
* Исправленны мелкие баги.
Скачать!

DE Decompiler Lite 2.0

GPcH продолжает радовать нас своими продуктами, не так давно обновился De-Decompiler - декомпилятор программ, написанных на Delphi версий с 4 по 2007. Полная профессиональная версия программы стоит денюшку, где-то 99 зеленых за год на одного человека, но можно попробовать использовать и бесплатную lite версию, которая и доступна на нашем сайте.

Последняя версия De-Decompiler’а, претерпела такие изменения:
Add: Ignore bad jumps
Add: Project name detection
Add: Initialize and Finalize functions detection
Add: Processing initialization table for API/KOL compiled projects
Add: Process DLL Export table
Add: Recent files history list in File menu
Add: New plugin functions: ClearAllBuffers, GetCompiler, IsPacked,
SetStackCheckBoxValue, SetAnalyzerCheckBoxValue
Add: If plugin function have error after using method
decompiler return information about this or “1″ if all ok
Add: BPL functions automatic demangler
Add: New DataBase packed format (now supported new and old DataBases)
Add: Decompile DateTime, Currency and Int64 data types
BugFix: Count try/end blocks
BugFix: Parsing error classes don’t stop decompilation
Cкачать!

ACKiller 1.0
Программа предназначена для автоматической распаковки программ, защищенных протектором ACProtect (в прошлом UltraProtect).
Поддерживаются версии ACProtect 1.06, 1.07, 1.09, 1.09c, 1.09e, 1.09g, 1.10, 1.20, 1.21, 1.22, 1.22b, 1.22c, 1.23, 1.30, 1.3b, 1.3с, 1.32, 1.35a, 1.40, 1.41 и 2.0.
Новое в этой версии:
# Возможность распаковки программ с опцией Har
Скачать!

ExeInfo PE 0.0.1.6 C

овая версия PE сниффера, от всех остальных он отличается тем, что может отображать подсказку, то есть тем можно распаковать тот или иной файл.
Cкачать!
 
Ответить с цитированием