NTG Posted February 19, 2016 Share Posted February 19, 2016 (edited) Hey all, recently I came across some old source code from me again for an OllyDbg Deobfuscator Plugin, so I decided why not share it as well. I wanted to improve it and use emerged librarys but that was just a hobby and I haven't found time again for it. Maybe the code can help someone working on x86 deobfuscation and that kind of stuff to get some ideas... OllyDeobfuscator.rar Edited February 19, 2016 by NTG 11 Link to comment
mrexodia Posted February 20, 2016 Share Posted February 20, 2016 One of the more interesting source code I saw recently! I will try to read more of it once I'm home again Greetings 1 Link to comment
NTG Posted February 21, 2016 Author Share Posted February 21, 2016 Thanks Mr. eXoDia! The reason why I didn't continue to work on the project was because it was basically a dead-end project, it was dependent on OllyDbg and didn't use libraries like Capstone or Unicorn (wasn't available back then), so I looked up accessed flags, register and stuff like that by myself. I wanted to do a rewrite as a generic library but unfortunately the project didn't go very far since I became busy with other stuff. It was still interesting, it was actually able to grab handlers from Themida CISC and RISC VMs (without fake jumps only if I remember right), remove a lot of junk code from them and write them back. Talking about single handlers here only. But still it didn't make much sense to continue working on the project without a rewrite... 1 Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now