我为Dotnet狂

------学而不思则罔,思而不学则殆

 

查壳脱壳工具介绍(图)

软件加壳,可以起到压缩自身体积,防止资源被修改,同时也提高了破解难度的目的。我们调试一个软件,非压缩壳一般都需要先脱壳修复程序后方可调试。常见的加壳工具我们将在下文给予介绍。这里我们先来介绍一下查壳及通用脱壳工具。
常见的程序编写语言有:
Borland Delphi 6.0 - 7.0
Microsoft Visual C++ 6.0
Microsoft Visual Basic 5.0 / 6.0
还有汇编、易语言等。
 
I 查壳工具介绍:
 
我们在很多破解教程中都能够看到这个查壳工具fileinfo.exe(简称fi),由于很久都没有更新,故不推荐大家使用。目前大家常用的查壳工具主要有PEiD v0.94 和 DiE 0.63 汉化版。本人感觉DiE 0.63的功能更强大些。软件界面如下图所示:(汉化版下载,详见附件)


 II 通用脱壳机介绍:
现在比较好用的通用脱壳工具这里推荐两个:
 
1.RL!dePacker 1.3
官方地址:ap0x.jezgra.net
官方下载:http://ap0x.jezgra.net/unpackers.html
汉化版下载,详见附件。


 
目前该脱壳机已经支持以下84种壳的脱壳。到该软件的官方,还可以下载到其他的脱壳工具,这里就不一一列举。
 
RL!dePacker is tested with 84+ packers:
 
UPX 0.8x - 2.x [use GenOEP to detect true OEP in Delphi case! UPX 2.x STUB]
HidePX 1.4 [use GenOEP to detect true OEP in Delphi case! UPX 2.x STUB]
ASPack 1.x - 2.x
eXPressor 1.2.x - 1.4.x
EZip 1.0
MEW 1.x
NeoLite 1.0 & 2.0
JDPack 1.x
JDProtect 0.9
nSPack 2.x - 3.x [use GenOEP to detect true OEP and Force OEP option in all cases!]
PECompact 1.x - 2.x
WWPack32 1.x
WinUPack 0.2x - 0.3x
PeX 0.99
PC Shrink 0.71
Polyene 0.01
FSG 1.xx & 2.0
PackMan 0.0.0.1 & 1.0
UPolyX 0.4 & 0.5
UPXRedir [use GenOEP to detect true OEP in Delphi case! UPX 2.x STUB]
UPXCrypt [use GenOEP to detect true OEP in Delphi case! UPX 2.x STUB]
32Lite 0.3a
Stone`s PE Encryptor 2.0
NWCC
HidePE 2.1
StealthPE 2.1
PE Diminisher 0.1
ORiEN 2.12
AHPack 1.x
Software Compress 1.x
PolyCrypt PE 2.1.5
PeTite 1.x
SPLayer 0.08
ShrinkWarp 1.4
[G!X]`s Protector 1.2
!ExE Pack 1.x
LameCrypt 1.0
Winkript 1.0
SPEC b3
DEF 1.0
EP Protector 0.3 [don`t use GenOEP function since it is jammed!]
SmokesCrypt 1.2
dot Fake Signer 3.x
VirogenCrypt 0.75
UPX Inkvizitor [use GenOEP to detect true OEP in Delphi case! UPX 2.x STUB]
UPXFreak 0.1 [use GenOEP to detect true OEP in Delphi case! UPX 2.x STUB]
dePack
Simple UPX-Scrambler[use GenOEP to detect true OEP in Delphi case! UPX 2.x STUB]
BJFNT 1.3
PEStubOEP 1.6
KByS Packer 0.2x
PELockNT 2.x
aUS [Advanced UPX Scrambler] 0.4 - 0.5
hmimys-Packer 1.x
nPack 1.x
UPolyX 0.x [use GenOEP to detect true OEP in Delphi case! UPX 2.x STUB]
PePack 1.0
UPXLock 1.x [use GenOEP to detect true OEP in Delphi case! UPX 2.x STUB]
PC PE Encryptor alpha [use GenOEP to detect true OEP in all cases!]
UG Chruncher 0.x
UPX-Scrambler RC 1.x [use GenOEP to detect true OEP in Delphi case! UPX 2.x STUB]
UPX Protector 1.0x [use GenOEP to detect true OEP in Delphi case! UPX 2.x STUB]
UPXShit 0.06 & 0.0.1 [use GenOEP to detect true OEP in Delphi case! UPX 2.x STUB]
yC 1.0
SimplePack 1.x
RLPack Basic Edition 1.x
BeRoEXEPacker 1.x
PackItBitch
PEncrypt 4.0 [use GenOEP to detect true OEP in all cases!]
ReCrypt 0.15 - 0.80 [and all other versions that do not use API redirection, use Tracer option to fix IAT]
PEnguinCrypt 1.0
UPXScramb 2.x
tELock [use Tracer option to fix IAT on versions higher than 0.80]
yC [use Tracer option to fix IAT on versions higher than 1.1]
CryptoPeProtector 0.9x [use Tracer option to fix IAT on all versions]
SLVc0deProtector 1.x [use Tracer option to fix IAT on all versions, manually fix stolen code]
ARMProtector 0.x
EXEStealth 2.x [use Tracer option to fix IAT on all versions]
PeLockNt 2.x
Perplex PE-Protector 1.x [use Tracer option to fix IAT on all versions]
CodeCrypt 0.16x
!EP (ExE Pack) 1.x [without Morphine protection]
Krypton 0.x [use Tracer option to fix IAT on all versions]
OrIEN 2.1x [use Tracer option to fix IAT on all versions]

 
2.QuickUnpack V1.0 RC1
官方地址:http://qunpack.ahteam.org/
官方下载:http://qunpack.ahteam.org/wp-content/uploads/2007/03/quickunpack10rc1.zip

 
更多信息:http://upxshell.sourceforge.net
官方下载:http://nchc.dl.sourceforge.net/sourceforge/upxshell/UPXShell-3.4.2.2007-Setup.exe

posted on 2008-12-18 15:55  3stones  阅读(5797)  评论(0编辑  收藏  举报

导航