火星信息安全研究院
Hack-Crack 信息安全 【Institute Of Information Serurity From Mars】
早在很久之前就写过一个导入Unicode字符串注释的脚本,但是脚本操作还是有自己的局限性。每次都要通过其他的分析工具搜索定位到字符串,然后导出,在然后倒入。这是多么蛋疼的时间事情啊。 
(关于插图:
Augusta Ada King, Countess of Lovelace (10 December 1815 – 27 November 1852), born Augusta Ada Byron, was an English writer chiefly known for her work on Charles Babbage’s early mechanical general-purpose computer, the analytical engine. Her notes on the engine include what is recognised as the first algorithm intended to be processed by a machine; thanks to this, she is sometimes considered the “World’s First Computer Programmer”
She was the only legitimate child of the poet Lord Byron (with Anne Isabella Milbanke). She had no relationship with her father, who died when she was nine. As a young adult, she took an interest in mathematics, and in particular Babbage’s work on the analytical engine. Between 1842 and 1843, she translated an article by Italian mathematician Luigi Menabrea on the engine, which she supplemented with a set of notes of her own. These notes contain what is considered the first computer programme — that is, an algorithm encoded for processing by a machine. Though Babbage’s engine has never been built, Lovelace’s notes are important in the early history of computers. She also foresaw the capability of computers to go beyond mere calculating or number-crunching while others, including Babbage himself, focused only on these capabilities.)
到网上随便搜了搜发现hexrays曾经发布过一个处理unicode字符串的插件,猛击此处访问插件页面。插件的名字叫做unispector。并且在插件页面提供了相关的源代码下载,但是偶下载编译之后在新版的ida下无法成功加载,并且没有出现应有的效果。
Seeing there isn’t any binary copy-and-paste functionality in IDA, this plug-in will take care of both
copy and paste operations allowing you to take a chunk of binary from one place and overwrite
another with it. You need to modify your plugins.cfg file as this is a multi-function plug-in, needing
one invocation for copy and another for paste. Obviously it only supports copying and pasting
within IDA, however it could probably be extended to go beyond that.
Continue reading
安装说明:
1.请按照提示信息进行操作,如果选择错误目录将会导致模板无法正常加载或者无法正常创建工程;
2.请确认安装目录为VS的vc根目录:如果是Win7 + vs2010则默认目录如下所示:
C:Program Files (x86)Microsoft Visual Studio 10.0VC
3.本工具的修改版本去除了插件自动复制功能,如果需要开启该功能请手工编辑
appwizIDA ProScripts1033default.js文件,去掉如下几行的注释:
否则会导致无法找到include目录或文件,或者无法生成plw文件。
4.部分错误目前尚未修正,将在未来版本进行修正。
1 2 | 393行 //PostBuildTool.Description = 'Copying "$(TargetFileName)" to "' + strCopyToFolder + '"...'; 397行 //PostBuildTool.CommandLine = 'copy /b /y "$(TargetDir)$(TargetFileName)" "' + strCopyToFolder + '"'; |
zynamics BinDiff, the leading executable-comparison tool for reverse engineers that need to analyze patches, malware variants, or are generally interested in the differences between two executables.
Download link:http://depositfiles.com/files/7ypfl1p8y/Zynamics.BinDiff.v4.0.1.Incl.Keyfilemaker.and.Patch-EMBRACE.rar
- 2012-05-15 12:13:16 #obabyobaby 说 《北京日报》微博呼吁骆家辉公布财产,它并不知道早在1978年美国通过了《政府伦理法》,要求每位联邦雇员申报财产,而骆家辉的财产早就公开了。《北京日报》微博是在昨天转发一网友微博时,发出了“请骆家辉公布财产”的要求,该帖子已经删除,它重新转发了该微博,但删除了评论。 2012-05-15 12:13:16 from Web […]
![[Valid RSS]](http://www.h4ck.org.cn/valid-rss-rogers.png "Validate my RSS feed")
火星信息安全研究院 by obaby is licensed under a Creative Commons 署名-非商业性使用-相同方式共享 2.5 中国大陆 License.
基于www.h4ck.org.cn上的作品创作。