Hey all,

recently I came across some old source code from me again for an OllyDbg Deobfuscator Plugin, so I decided why not share it as well. I wanted to improve it and use emerged librarys but that was just a hobby and I haven't found time again for it. Maybe the code can help someone working on x86 deobfuscation and that kind of stuff to get some ideas...

OllyDeobfuscator.rar

Edited February 19, 20169 yr by NTG

One of the more interesting source code I saw recently! I will try to read more of it once I'm home again

Greetings

Thanks Mr. eXoDia!

The reason why I didn't continue to work on the project was because it was basically a dead-end project, it was dependent on OllyDbg and didn't use libraries like Capstone or Unicorn (wasn't available back then), so I looked up accessed flags, register and stuff like that by myself.

I wanted to do a rewrite as a generic library but unfortunately the project didn't go very far since I became busy with other stuff.

It was still interesting, it was actually able to grab handlers from Themida CISC and RISC VMs (without fake jumps only if I remember right), remove a lot of junk code from them and write them back. Talking about single handlers here only.

But still it didn't make much sense to continue working on the project without a rewrite...