Log in

View Full Version : Armadillo 3.6x

tenketsu
May 23rd, 2004, 16:59
Well ArmaCrap again..

I try UCompare from IDM Computer Solutions, Inc. & find some sorprises.

Ollybdg is detected !!

A far return is implemented in father process.

Check it!, and have some FUN.

Post comments......
dELTA
May 24th, 2004, 07:37
Yes, you can read about this detection in other Armadillo threads on this board.
tenketsu
May 24th, 2004, 09:45
ok!
tenketsu
May 24th, 2004, 19:56
I dump UCompare, rebuild the IAT & work's fine in WinXP.

In Win2K one error in the IAT by kernel32.RestoreLastError, this function is available only in WinXP don't work on Win2K or Win98.

If anyone has this error only rebuild the IAT & replace RestoreLastError for SetLastError (not SetLastErrorEx).

I get disapointed; for the dump, rebuild & crack [only 4 bytes ] i have used 25-35 minutes.........

That's all folk's
tenketsu
May 26th, 2004, 22:51
I try UEdit [IDM Computer Solutions, Inc.]

Datos:
*CopyMemII
*IAT fuera de la memoria del ejecutable
*IAT Destrozada
*Nanomites [el algoritmo de saltos ya cambio]

Toda una joya no creen
tenketsu
May 27th, 2004, 23:06
y... bien.

DUMP: ok!

IAT: ok!

NANOMITES: En este armadillo la tabla de las direcciones donde se encuentran los nanomites esta encriptada [o he sido burlado ].
En el proceso padre solo hay una cadena de bytes 03000080 [80000003], pero me detecta cada BPx de todos tipos y tamaņos, cierra al hijo y se cuelga.

Se aceptan sugerencias.
JMI
May 28th, 2004, 00:01
tenketsu:

The expected language of this Forum is English. There are other Forums if you prefer to post in other languages. Also this is not the appropriate place for you to post your view of your own personal exploits. We really aren't interested in reading about your bragging about your accoumplishments. I hope this message is clear.

Regards,
tenketsu
May 28th, 2004, 00:34
Don't put the last 2 post in english because i don't speak this language at 100%
I only post comments, teories or ideas.
My intention is not get glory or status, is only share, comment & get comments about the post.

I'm so sorry if my style-idology are pretentious.

Well, i think... that's it
Hopcode
May 28th, 2004, 05:17
So far as i can read, your ideas is just a rip off of Ricardo

People here are sharing informations, if you just want to brag about what "you" have done, then do that somewhere else.
Especially not in spanish or whatever language.

Cheers,

Hopcode

Quote:
[Originally Posted by tenketsu]Don't put the last 2 post in english because i don't speak this language at 100%
I only post comments, teories or ideas.
My intention is not get glory or status, is only share, comment & get comments about the post.

I'm so sorry if my style-idology are pretentious.

Well, i think... that's it
tenketsu
May 28th, 2004, 09:56
Call me "braggart" is excessive, but i thik maybe it's my fault.

Call me "ripper" is unacceptable.

I really apreciate Ricardo Narvaja an his FTP , for his knowledge & he is nice, agreable.

The forum is yours [admins-useres] then i dont't start another thread anymore. Thank's for all.