condzero
October 31st, 2007, 08:32
info
----
1. Dump and fix ActiveMark v6.2x targets at 2nd layer EP
2. Search for (4) PEB DWORD address pointer references and
create necessary instructions at EP to update for current
execution of dumped file
3. Search for CPUID DWORD address pointer reference and
create necessary instructions at EP to update for current
execution on any machineid of dumped file
4. Better section alignment of dumped file
5. PUSH 2nd layer EP and RETN
6. Append overlay data to end of dumped file
7. Search for and patch VM DWORD address pointer reference
8. Provide the foundation for inline patching dumped file
Please read the readme.txt and document for more information.
Note: This is a dumping tool, not an unpacker or DRM removal tool.
If you have d/l'ed a previous version of this tool, you are
advised to get the latest v1.2 which includes all of the above
modifications.
Source code included.
Get it on the [ARTEAM] RCE related tools page.
cheers!