Armadillo Environment Variables Finder 1.1 + Injector 1.1

Discussion in 'Tools of the Trade.' started by storm shadow, Mar 23, 2013.

  1. storm shadow

    Techbliss Owner Admin Ida Pro Expert Developer

    Armadillo Environment Variables Finder
    - a supporting tool for analyzing dumps
    or executable files after removing
    attachments protector Armadillo. It
    shows what standard environment
    variables tread are used and what standard
    features of the dynamic library ArmAccess.dll are called.
    The search is performed on both ANSI
    and Unicode strings. The list
    indicates the physical position in the
    file, the encoding, and the name of
    the variable or function found. User variables
    are not handled by default, but you can
    add the values you want to the file aev_uservars.txt,
    which must be placed in the program.
    Double click on the line opens a window
    with additional information about the variable:
    the virtual address, physical address,
    and cross-references. A log file of the
    search results is created in the folder with
    the test file. Further, the obtained
    values can be used in the program



    Armadillo Environment Variables Injector
    - is a helper utility to bypass the security
    program based on environment variables hinged
    tread Armadillo. After removing Armadillo
    and restoring the dump, with Armadillo Environment
    Variables Injector you can add to the unpacked
    file code that runs automatically and sets environment
    variables to the correct values. Thus there is no
    need to look for and patch testing environment variables
    in the program. Verified to work on Windows XP and Windows
    7, including 64-bit systems. Executables and DLL libraries
    are supported. To find the names of variables used in the file,
    you can use the utility Armadillo Environment Variables
    Finder. If you use ArmaGeddon to unpack, then do not put
    a check on the option "Minimize size", as in this case
    the patch will fail. To remove sections of the tread of
    the box, I recommend using the program CFF Explorer. As
    the payload software developers can also use the utility
    Armadillo Environment Variables Injector. With it they
    can test and debug their programs' reaction to Armadillo
    events without the need of a protector to hang himself.


    http://www.manhunter.ru/releases/449_armadillo_environment_variables_finder_1_1.html
    http://www.manhunter.ru/release/441_armadillo_environment_variables_injector_1_1.html
     