Hi all,

I was going to submit my OllyDbg2 plugin to the RCE tool library but couldn't find an OllyDbg2 category ..
I don't want to confuse things by putting OllyDbg v2 with OllyDbg v1.10
So could someone please add a new category, and my plugin to it please. Thanks

Anyway, my plugin hides OllyDbg2 from detection / anti-debug tricks. It's written from scratch since so many old detections are now irrelevant, eg ESI != -1, so I will add things if they are useful for Olly2

I hope it is useful to you



Have fun!
BoB

Hi BoB

Thanks for kicking this off. I added a new category for OllyDbg 2.x extensions

http://www.woodmann.com/collaborative/tools/Category:OllyDbg_2.x_Extensions

and added your plugin, please modify if desired

http://www.woodmann.com/collaborative/tools/Hyde


For all, please add any other 2.x plugins under this category. There is a permanent link to the 1.x and 2.x OllyDbg Extensions under "Some Useful Places" at the bottom of the forum page.

Cheers,
Kayaker

Thank you Kayaker

this is going to be very promising, as i am trying to port over to the new olly2 from olly1.10 aswell x)
ty for putting your effort in BoB

APIs are redirected to RW-memory, so NX-fault happens!
change allocation tape to RWE.

2. with ALL-PATCHES-SET, stack overflow happens (probably many stack used, or recursive calls?)
CheckDebug.EXE

Hi evaluator,

Sorry for some reason I am not getting notifications.
For patches the code is in allocated RE memory, data is in allocated RW memory, I have had no problems reported before about NX-fault on any system. What OS did you test with?

Thanks,
BoB

Hi all,

New v1.01 version of my plugin is released, please see http://bob.droppages.com/Projects/OllyDbg2/Hyde ("http://bob.droppages.com/Projects/OllyDbg2/Hyde") for download link and full information.

Have fun!
BoB

hi! v1.01 checked - OK!