萬能脫殼工具 – QuickUnpack 2.1 漢化版

萬能脫殼工具 - QuickUnpack 2.1 漢化版2008-04-19 15:56

QuickUnpack是一個通用的脫殼工具，他能夠脫絕大部分壓縮殼和小部分加密殼。 一般來說，軟體作者會給自己準備發布的軟體進行加殼處理，這樣做一是可以減少軟體的體積，二是可以一定程度上的防止軟體被逆向工程。 加殼軟體一般分為兩類，一是壓縮殼，例如upx和aspack。另一類是加密殼，例如themida和asprotect。QuickUnpack適合對前者脫殼。 當你要對一個軟體進行漢化或者做其他修改時，如果軟體被加殼，就需要對先軟體進行脫殼處理。脫殼是非常複雜的，需要豐富的軟體調試和彙編知識。特別是加密殼，這其實是一個軟體破解過程。   QuickUnpack是我用過的最好的脫殼程式，幾乎能脫掉大部分的殼。上一個版本2.0 final大約在半年前發布，這次發布的是2.1版本，根據官方說明，可以脫掉以下的殼： 32Lite AnslymPacker AREA51 Cryptor Armadillo (minimal protection) AsdPack ASPack ASProtect (old versions) BeroEXEPacker CD-Cops DDeM depack DragonArmor Exe32Pack ExeCryptor (old versions) ExeFog ExeSax ExeShield ExeStealth fEaRz Crypter FreeCryptor FriCryptor FSG HidePE HidePX hmimys-Packer JDPack KByS kkrunchy LameCrypt Manolo MEW Minke NeoLite NME NsPack Orien PackMan PECompact PEDiminisher PE-PACK PEncrypt Perplex PE-Protector PeTite PEX PI Cryptor PKLite32 PollyBox PolyEnE Protection Plus QrYPt0r NuTraL Poly QuickPack RLPack Sopelka StealthPE TeLock (not all versions) TheMida (minimal protection) unnamed Scrambler UPack UPolyX UProtector UPX WindOfCrypt WinUPack WWPack32 Yoda Crypter Yoda Protector YZPacker ...many others... 相對於上一個版本，2.1做了如下的改進： [!] fixed many bugs like crash on some applications while restoration of resources [!] multithreaded applications are now handled properly [+] added ability to set end of module when tracing import functions. When a reference to import is found it's analysed if it leads to some space outside of the module (not to trace some internal functions). But some packers redirect import to the last section. This option is intended to aid this problem. This is RVA [+] added ability to put import table at given RVA instead of adding extra section [+] added ability to set RDTSC delta for RDTSC hook (see more on rdtsc_delta in Scripts.eng.txt) [+] Load libraries only option added to import recovery methods. this option doesn't actually recover import it just puts 1 import function from every loaded DLL into the import table. thus dump will be loaded with all the necessary libraries and will use old addresses for import functions which were set by a protector. this option can be used if import redirection is too complicated but the dump will stop working after service pack or some other patch installation [+] Execute functions while tracing import option is added. by default while tracing import functions are not executed but some protectors need result of these functions to operate correctly so this option can be used [+] Process call xxx/jmp xxx option is added. some protectors change import calls and jumps from call [xxx]/jmp [xxx] to call xxx/jmp xxx. this option is intended to work also with these redirections [+] added several new functions and variables for the scripts [+] UsAr's generic OEP finder now supports DLLs [+] new Vista manifest added   由於是英文版的，我進行了簡單的漢化，這樣介面基本上是中文了。要官方英文版的點這裡。 軟體功能很多，除了對exe檔案脫殼，還能通過附加進程的方式對dll檔案脫殼。另外除了手動脫殼，還能編寫指令碼進行自動脫殼。   下載（1.1M）：S.eVxz | 納米盤 | mediafire