Introduction to shell check and shelling tools (figure)
Source: Internet
Author: User
Software shelling can compress the volume to prevent resource modification and increase the difficulty of cracking. We need to debug a software. Generally, the non-compressed Shell needs to be removed first. Program Debugging is supported. Common shelling tools are described below. Here we will introduce shell check and General Shell removal tools.
Common programming languages include:
Borland Delphi 6.0-7.0
Microsoft Visual C ++ 6.0
Microsoft Visual Basic 5.0/6.0
Compilation and easy language.
I shell Check Tool introduction:
We have been able to see this shell tool fileinfo.exe (Fi for short) in many cases. It is not recommended because it has not been updated for a long time. Currently, common shell checking tools include peid v0.94 and die 0.63 in Chinese. I feel that the functions of die 0.63 are more powerful. Shows the Software Interface: (for the Chinese version, see the attachment)
II General shelling machine introduction:
We recommend two General Shell removal tools:
1. rl! Depacker 1.3
Official Address: ap0x.jezgra.net
Download: http://ap0x.jezgra.net/unpackers.html
Download the Chinese version. For more information, see the attachment.
Currently, the shelling machine supports the following 84 cases. Go to the software's official website and download other shell removal tools, which will not be listed here.
RL! Depacker is tested with 84 + packers:
UPX 0.8x-2.x [Use genoep to detect true OEP in Delphi case! UPX 2.x stub]
Hidepx 1.4 [Use genoep to detect true OEP in Delphi case! UPX 2.x stub]
ASPack 1.x-2.x
Expressor 1.2.x-1.4.x
E zip 1.0
MEW 1.x
Neolite 1.0 & 2.0
Jdpack 1.x
Jdprotect 0.9
Nspack 2.x-3.x [Use genoep to detect true OEP and force OEP option in all cases!]
Pecompact 1.x-2.x
Wwpack32 1.x
Winupack 0.2x-0.3x
Pex 0.99
PC shrink 0.71
Polyene 0.01
FSG 1. XX & 2.0
Packman 0.0.0.1 & 1.0
Upolyx 0.4 & 0.5
Upxredir [Use genoep to detect true OEP in Delphi case! UPX 2.x stub]
Upxcrypt [Use genoep to detect true OEP in Delphi case! UPX 2.x stub]
32 lite 0.3a
Stone's PE encryptor 2.0
Nwcc
Hidepe 2.1.
Stealthpe 2.1
PE diminisher 0.1
Orien 2.12
Ahpack 1.x
Software compress 1.x
Polycrypt PE 2.1.5
Petite 1.x
Splayer 0.08
Shrinkwarp 1.4
[G! X]'s protector 1.2
! EXE pack 1.x
Lamecrypt 1.0
Winkript 1.0
Spec B3
Def 1.0
EP protector 0.3 [don't use genoep function since it is jammed!]
Smokescrypt 1.2
Dot fake signer 3.x
Virogencrypt 0.75
UPX inkvizitor [Use genoep to detect true OEP in Delphi case! UPX 2.x stub]
Upxfreak 0.1 [Use genoep to detect true OEP in Delphi case! UPX 2.x stub]
Depack
Simple UPX-scrambler [Use genoep to detect true OEP in Delphi case! UPX 2.x stub]
BJ fnt 1.3
Pestuboep 1.6
Kbys packer 0.2x
Pelocknt 2.x
Aus [advanced UPX scrambler] 0.4-0.5
Hmimys-packer 1.x
Npack 1.x
Upolyx 0.x [Use genoep to detect true OEP in Delphi case! UPX 2.x stub]
Pepack 1.0
Upxlock 1.x [Use genoep to detect true OEP in Delphi case! UPX 2.x stub]
Pc pe encryptor Alpha [Use genoep to detect true OEP in all cases!]
Ug chruncher 0.x
UPX-scrambler RC 1.x [Use genoep to detect true OEP in Delphi case! UPX 2.x stub]
UPX protector 1.0x [Use genoep to detect true OEP in Delphi case! UPX 2.x stub]
Upxshit 0.06 & 0.0.1 [Use genoep to detect true OEP in Delphi case! UPX 2.x stub]
YC 1.0
Simplepack 1.x
Rlpack basic edition 1.x
Beroexepacker 1.x
Packitbitch
Pencrypt 4.0 [Use genoep to detect true OEP in all cases!]
Recrypt 0.15-0.80 [and all other versions that do not use API redirection, use tracer option to fix IAT]
Penguincrypt 1.0
Upxscramb 2.x
Telock [use tracer option to fix IAT on versions higher than 0.80]
YC [use tracer option to fix IAT on versions higher than 1.1]
Cryptopeprotector 0.9x [use tracer option to fix IAT on all versions]
Slvc0deprotector 1.x [use tracer option to fix IAT on all versions, manually fix stolen Code]
Armprotector 0.x
Exestealth 2.x [use tracer option to fix IAT on all versions]
Pelocknt 2.x
Perplex pe-Protector 1.x [use tracer option to fix IAT on all versions]
Codecrypt 0.16x
! EP (exe pack) 1.x [without morphine protection]
Kryton 0.x [use tracer option to fix IAT on all versions]
Orien 2.1x [use tracer option to fix IAT on all versions]
2. quickunpack V1.0 RC1
Official Address: http://qunpack.ahteam.org/
Download: http://qunpack.ahteam.org/wp-content/uploads/2007/03/quickunpack10rc1.zip
More information: http://upxshell.sourceforge.net
Download: http://nchc.dl.sourceforge.net/sourceforge/upxshell/UPXShell-3.4.2.2007-Setup.exe
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.