📚 OpenRCE is preserved as a read-only archive. Launched at RECon Montreal in 2005. Registration and posting are disabled.








A Virus Analyst Tool

Topic created on: March 24, 2008 03:01 CDT by linestyle.

1.1 changelog:
(1) fix some bugs for embedexe (report by VirusBuster)
(2) fix dump file's name repeat
1.2 changelog:
(1) add gui for cvas.exe
(2) add update function
(3) delete tmp file (report by VirusBuster)
(4) optimize dump file size


You can download it here:
http://www.cambex.cn/soft/FAS.RAR

  sovietskicpu     March 24, 2008 10:02.43 CDT
and you forget the 5th task :p

5) Remove the Backdoor...

  daniellewis     March 24, 2008 18:35.25 CDT
without looking at his code...

"aww, but that would defeat the purpose!  he put so much effort into setting up something we would install."

sovietskicpu, you wanna throw a hint at where the backdoor is for us?  not that I'm personally interested, but substantiating that would probably help some of us out.

It's not like he can prove there *isn't* a backdoor.

  linestyle     March 24, 2008 21:26.53 CDT
> sovietskicpu: and you forget the 5th task :p
>
> 5) Remove the Backdoor...

Where is the Backdoor?
cvas.exe does not have any internet functions.
Many people already use my tool in virus analyse.

  linestyle     March 24, 2008 21:36.32 CDT
daniellewis, I also want to know. :)
Where is the backdoor?

  sovietskicpu     March 26, 2008 18:58.54 CDT
..."Many people already use my tool in virus analyse"

"Do not email me for source, because i alse not have it.
Maybe AVP has it. :)"

Just what are you trying to hide behind the Themida Layer ?
and speaking about Z0mbie ? And looking at the dump list you supplied.. you better talk about Mickey Mouse, he will surely help you figure out what is the meaning of PE PATCH and craps..

You are trying to learn English as you said and I am trying to learn how to tell you "Stop Bitching" in Chinese, capish ?! just fill up the 5th task and go make a long ride on www.disney.com ;-)

And just stop sending me Private Messages ;)

  RabidCicada     March 27, 2008 12:39.37 CDT
I merder teh engrish even mo're-
