NTG Posted February 19, 2016 Posted February 19, 2016 (edited) Hey all, recently I came across some old source code from me again for an OllyDbg Deobfuscator Plugin, so I decided why not share it as well. I wanted to improve it and use emerged librarys but that was just a hobby and I haven't found time again for it. Maybe the code can help someone working on x86 deobfuscation and that kind of stuff to get some ideas... OllyDeobfuscator.rar Edited February 19, 2016 by NTG 11
mrexodia Posted February 20, 2016 Posted February 20, 2016 One of the more interesting source code I saw recently! I will try to read more of it once I'm home again Greetings 1
NTG Posted February 21, 2016 Author Posted February 21, 2016 Thanks Mr. eXoDia! The reason why I didn't continue to work on the project was because it was basically a dead-end project, it was dependent on OllyDbg and didn't use libraries like Capstone or Unicorn (wasn't available back then), so I looked up accessed flags, register and stuff like that by myself. I wanted to do a rewrite as a generic library but unfortunately the project didn't go very far since I became busy with other stuff. It was still interesting, it was actually able to grab handlers from Themida CISC and RISC VMs (without fake jumps only if I remember right), remove a lot of junk code from them and write them back. Talking about single handlers here only. But still it didn't make much sense to continue working on the project without a rewrite... 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now