Results 1 to 15 of 28

Thread: ArmaGUI - Yet another arma tool

Threaded View

  1. #1

    ArmaGUI - Yet another arma tool

    Supported Armadillo options:
    Standard Features
    Debugblocker
    CopyMemII
    Nanomites
    Import Elimination
    Strategic Code Splicing

    Main features:
    Complete automatic recover and validation of nanomites, even the fake ones in the tables;
    Complete automatic reinsertion of Strategic Spliced Code at the original location before exe was protected by Armadillo;
    Complete rebuild of the dumped file, cleaning all the trash;
    Complete rebuild of the IAT without the use of any extern tool;



    Introduction & Disclaimer:
    ArmaGUI unpacking tool for the commercial protector Armadillo from Silicon Realms Toolworks (http://siliconrealms.com/index.shtml), it supports most of the protection options offered by Armadillo since version 3.
    It's coded in VC++ with MFC for GUI support with some inline asm, MFC is the explanation to the over bloated 212kb exe file, and its only tested on XP SP2, maybe it works on w2k3 too, forget anything bellow XP.
    This project was started based on a "challenge" by crUsAdEr on the Woodmann excellent forum: http://www.woodmann.com/forum/showthread.php?t=6365
    crUsAdEr said: "hopefully u wont spread it to everyone though cos unpackers itself doesnt teach ppl much.", and I agree with that, you DON'T learn by using unpackers. This tool is working for 1+ year now as private but suffered big and important updates along the way.
    This tool WASN'T created to harm SRT in any way, Armadillo is a good product with some nice ideas.
    It WAS created in the sequence of my desire to see if I was able to create an unpacker to some packer more complex than UPX, together with the challenge from crUsAdEr, learning was and will always be my main purpose.
    I know the GUI isn’t very user friendly, but really I don't care, don't bother bashing me with that;
    I know it crash's alot, my coding sucks, the code it's crappy and non optimized, really it's a mess, eventually it will hang ur PC;
    I know it doesn't automatic detect the protection options, this happens because it wasn't my main objective. I focused on getting the hard stuff like Nanomites and IAT Elim, and when I was over, I realized that I had made the engine based on the options I specified and couldn't change it, and so it stays like that, and I actually don't care. If you don't like it, start writing a Options detector (its easy stuff), or keep the opinion to yourself;
    If all this isn't a problem to you, then I hope you enjoy using the tool almost as I enjoyed creating it;

    Why make it public?
    Because today there are already several tools outside like ArmaInline or dilloDie, and it seems that SRT are updating Armadillo again, so ArmaGUI wont be useful for long;
    Also Nico is no longer part of the SRT team, I know him from the RCE community and I liked him, that was a very bad move Chad;

    When to use it?
    This tool should ONLY be used when you own a purchased license of some product protected by Armadillo and want to rip the Armadillo from it.
    Now you are wondering what is the use of the tool if you already have one purchased license. Well Armadillo protection schemes does slow down the original code, mainly if options like Strategic Spliced Code, Nanomites or CopyMemII are used, so by ripping Armadillo off, you will get the original faster code.

    History:
    16/08/2006 - V1.5.3:
    *General IAT recover bug fixed;


    Get at:
    http://rapidshare.de/files/29605152/ArmaGUI_v1.5.3.rar.html

    For info about the most recent version, always see the end of this thread!
    Last edited by Spec0p; August 16th, 2006 at 07:46.

Similar Threads

  1. an arma question
    By LiSa in forum Malware Analysis and Unpacking Forum
    Replies: 2
    Last Post: April 28th, 2008, 04:50
  2. arma's processes
    By cse_india in forum Malware Analysis and Unpacking Forum
    Replies: 4
    Last Post: April 8th, 2007, 22:25
  3. Having trouble with an ARTtut.....arma related
    By kittmaster in forum Malware Analysis and Unpacking Forum
    Replies: 18
    Last Post: June 11th, 2006, 10:57
  4. new arma tricks ?
    By BenJ in forum Malware Analysis and Unpacking Forum
    Replies: 8
    Last Post: October 31st, 2003, 11:26
  5. question about crussader's tut on arma
    By kyrios in forum Malware Analysis and Unpacking Forum
    Replies: 0
    Last Post: March 30th, 2003, 12:59

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •