| Сейчас на форуме: artyavmu (+8 невидимых) |
 |
eXeL@B —› Софт, инструменты —› IdaPlagins |
| Посл.ответ | Сообщение |
|
|
Создано: 06 сентября 2008 11:30 · Личное сообщение · #1 IDA Stealth Plugin 09/02/2008 - v1.0 Beta 2 Bugfix: Due to improper checking of input parameters in the NtQuerySystemInformation hook, the debugged process could raise an exception, finally unveiling the existence of IDA Stealth Bugfix: Hiding of possibly existing kernel debugger now working correctly Bugfix: Fake parent process and Hide IDA from process list are no longer mutual exclusive Bugfix: NtQueryInformationProcess hook accepted too small input buffers Bugfix: NtQueryInformationProcess hook erroneously assumed the process handle to be always that of the current process Bugfix: Exception caused by closing an invalid handle is now properly hidden from the debugged process by using SEH or Vectored exception handling Bugfix: NtSetInformationThread wasn't hooked at all due to a typo Bugfix: Added checks to hook functions so they behave as expected when an invalid handle is passed. Affected functions: NtSetInformationThread SuspendThread SwitchDesktop NtTerminateThread NtTerminateProcess Bugfix: RtlGetVersion returned wrong platform ID and build number Added: Console version of IDA is also hidden from process list  6bd6_06.09.2008_CRACKLAB.rU.tgz - IDAStealth.rar
----- Чтобы правильно задать вопрос, нужно знать большую часть ответа. Р.Шекли.  |
|
|
Создано: 06 сентября 2008 13:03 · Личное сообщение · #2 |
|
eXeL@B —› Софт, инструменты —› IdaPlagins |
| Эта тема закрыта. Ответы больше не принимаются. |
Для печати