Jump to content
Tuts 4 You
Sign in to follow this  
NTG

OllyDbg Deobfuscator C++ Source

Recommended Posts

NTG

Hey all,

recently I came across some old source code from me again for an OllyDbg Deobfuscator Plugin, so I decided why not share it as well. I wanted to improve it and use emerged librarys but that was just a hobby and I haven't found time again for it. Maybe the code can help someone working on x86 deobfuscation and that kind of stuff to get some ideas...

OllyDeobfuscator.rar

Edited by NTG (see edit history)
  • Like 10

Share this post


Link to post
mrexodia

One of the more interesting source code I saw recently! I will try to read more of it once I'm home again :)

Greetings

  • Like 1

Share this post


Link to post
NTG

Thanks Mr. eXoDia!

The reason why I didn't continue to work on the project was because it was basically a dead-end project, it was dependent on OllyDbg and didn't use libraries like Capstone or Unicorn (wasn't available back then), so I looked up accessed flags, register and stuff like that by myself.

I wanted to do a rewrite as a generic library but unfortunately the project didn't go very far since I became busy with other stuff.

It was still interesting, it was actually able to grab handlers from Themida CISC and RISC VMs (without fake jumps only if I remember right), remove a lot of junk code from them and write them back. Talking about single handlers here only.

But still it didn't make much sense to continue working on the project without a rewrite...

  • Like 1

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
×
×
  • Create New...