Is there i way that i can use PhantOm plugin in my external app ?
If so how ?


Regards,
LaBBa.

generally speaking the Olly plugins are normal dlls then using anyone of them is just a matter of invoking the right exports, but there's an additional difficulty, because plugins can callback Olly asking for specific services, in this case your application should offer the same exports invoked by Phanton. If you look the import table of Phantom you'l see that there are several services that this dll asks back to Olly. If you change the import table of Phantom to let it point to your application and you offer the same services then you can use Phantom without Olly.

the problem would be the .dll relies on the Olly plugin interface so would prolly be easier to Reverse phantom then trying to just load the .dll ... and then remake it in your own .dll , in any case writing a anti-anti dbg library should be a fun thing todo anyways , and not that much effort required. a nice reference is

http://www.securityfocus.com/infocus/1893?ref=oco

id vote for writing your own , rather then trying to spend time wondering about the olly objects and such

i think you are totaly right .. i will start code my own anti-anti dll should learn one or two things from it

Thanks
LaBBa.

Dunno if this helps you or not, but you can download a useful olly plug with quite abit of anti anti debug options, with full asm source

http://reversengineering.wordpress.com/2008/08/16/poisonollydbg-plugin-src/

Darren