After a long and fruitful investigation of The Armadillo Protection System internals I am able to show to you the some of the results of my research. I am presenting a public beta version of AI 0.9b (Armadillo Informant), which at present has been tested on files protected with Armadillo from version 4.40 up to current 8.20 only.
Note:
* All operations are performed on static files, this tool doesn't execute any processes.
* Versions lower than 3.75 are not supported currently, please note this.
* Feature requests and bug reports can be posted in the original thread at ARTeaam and i'll answer them as soon as i can.
* When completed, the tool will be accompanied by a full tutorial explaining how the tool works with Armadillo protected files.
So far it retrieves:
* Version of Armadillo.
* Compression level.
* Protection options.
* Whether or not Armadillo has substituted DWORDs in the .pdata section to thwart static unpacking of the content (v6.xx+)
**************************
*** Currently Disabled ***
**************************
* Other Options (Disable REGISTER, etc) - this function is partially incomplete until i map out all the bits.
* Name of .ARM project the file belongs to.
**************************
There are further additions planned, i'll post them as they are implemented and ready for testing.
发表于 2011-3-25 11:52
发表于 2011-3-25 12:09
|
发表于 2011-3-25 12:23
