Page 1 of 2 12 LastLast
Results 1 to 15 of 28

Thread: ArmaGUI - Yet another arma tool

  1. #1

    ArmaGUI - Yet another arma tool

    Supported Armadillo options:
    Standard Features
    Import Elimination
    Strategic Code Splicing

    Main features:
    Complete automatic recover and validation of nanomites, even the fake ones in the tables;
    Complete automatic reinsertion of Strategic Spliced Code at the original location before exe was protected by Armadillo;
    Complete rebuild of the dumped file, cleaning all the trash;
    Complete rebuild of the IAT without the use of any extern tool;

    Introduction & Disclaimer:
    ArmaGUI unpacking tool for the commercial protector Armadillo from Silicon Realms Toolworks (, it supports most of the protection options offered by Armadillo since version 3.
    It's coded in VC++ with MFC for GUI support with some inline asm, MFC is the explanation to the over bloated 212kb exe file, and its only tested on XP SP2, maybe it works on w2k3 too, forget anything bellow XP.
    This project was started based on a "challenge" by crUsAdEr on the Woodmann excellent forum:
    crUsAdEr said: "hopefully u wont spread it to everyone though cos unpackers itself doesnt teach ppl much.", and I agree with that, you DON'T learn by using unpackers. This tool is working for 1+ year now as private but suffered big and important updates along the way.
    This tool WASN'T created to harm SRT in any way, Armadillo is a good product with some nice ideas.
    It WAS created in the sequence of my desire to see if I was able to create an unpacker to some packer more complex than UPX, together with the challenge from crUsAdEr, learning was and will always be my main purpose.
    I know the GUI isn’t very user friendly, but really I don't care, don't bother bashing me with that;
    I know it crash's alot, my coding sucks, the code it's crappy and non optimized, really it's a mess, eventually it will hang ur PC;
    I know it doesn't automatic detect the protection options, this happens because it wasn't my main objective. I focused on getting the hard stuff like Nanomites and IAT Elim, and when I was over, I realized that I had made the engine based on the options I specified and couldn't change it, and so it stays like that, and I actually don't care. If you don't like it, start writing a Options detector (its easy stuff), or keep the opinion to yourself;
    If all this isn't a problem to you, then I hope you enjoy using the tool almost as I enjoyed creating it;

    Why make it public?
    Because today there are already several tools outside like ArmaInline or dilloDie, and it seems that SRT are updating Armadillo again, so ArmaGUI wont be useful for long;
    Also Nico is no longer part of the SRT team, I know him from the RCE community and I liked him, that was a very bad move Chad;

    When to use it?
    This tool should ONLY be used when you own a purchased license of some product protected by Armadillo and want to rip the Armadillo from it.
    Now you are wondering what is the use of the tool if you already have one purchased license. Well Armadillo protection schemes does slow down the original code, mainly if options like Strategic Spliced Code, Nanomites or CopyMemII are used, so by ripping Armadillo off, you will get the original faster code.

    16/08/2006 - V1.5.3:
    *General IAT recover bug fixed;

    Get at:

    For info about the most recent version, always see the end of this thread!
    Last edited by Spec0p; August 16th, 2006 at 07:46.

  2. #2
    Super Moderator Shub-nigurrath's Avatar
    Join Date
    May 2004
    Obscure Kadath
    good tool, nice interface. 10x for sharing.
    (`._.[*~-.,.-~* ŜħůβŇĝŕřāŧħ ₪*~-.,.-~*]._.)
    There are only 10 types of people in the world: Those who understand binary, and those who don't

  3. #3
    Thx for share.

  4. #4

    This tool shouldn't upload it here.

    Reverse the code,Reverse Your Minds First

  5. #5
    Really? Why not?

  6. #6
    Read the FAQ!! Coz its commercial protection thats why!.You can uplpoad some other place and post a link here.

    Reverse the code,Reverse Your Minds First

  7. #7
    You are absolutely right, fixed and thanks for the warning!

  8. #8
    Thanks for share!
    Another Arm-unpacker.
    Crack and unpack is a way to enjoy life.

  9. #9
    You're welcome

    Reverse the code,Reverse Your Minds First

  10. #10
    Teach, Not Flame Kayaker's Avatar
    Join Date
    Oct 2000
    Blog Entries
    esther, you've got a new custom User Title! I'm honored
    Does this mean you're no longer insane?

  11. #11


  12. #12
    *It's funny and confusing at the same time, how some people are able to say that something is trash just because they didn't readed the instructions or know what they are doing, just using the tools as scripties kids... This tool doesn't unpack all the 100% targets existing because of some custom stuff, but give me a break.. at least 1%. I have been reading that it doesn't unpacks zit, fail in every atempt.. I love those people.. Learn what you are dealing before using a tool, there will be sometime in your life where you won't have a tool with nice and shinny buttons to press.. So if you were one of those smurfs, you are FORBIDDEN to use my work anymore;
    *For all other people that supported me, sending bug reports and friendly words, tank you and here is a new version, enjoy;

    01/08/2006 - V1.5:
    *Self detect protection options;

    30/07/2006 - V1.3.6:
    *There are several problems with the spliced code engine, seems that some apps use code that is very hard to not understand as trash, despite my best efforts there will be sometimes were it will fail, added an option to redirect the code instead of reinserting;

    29/07/2006 - V1.3.5:
    *Several bugs fixed on the spliced code engine;

    27/07/2006 - V1.3.4:
    *Rewrote a big part of the IAT Elim recover engine, it should be a little faster now;
    *Fixed an important bug on the IAT engine, some import's weren't resolving correctly, other didn't resolved at all, some speed is lost;
    Last edited by Spec0p; August 3rd, 2006 at 04:35.

  13. #13
    Administrator dELTA's Avatar
    Join Date
    Oct 2000
    Ring -1
    Blog Entries
    Nice work, keep it up.

  14. #14

    It would be best if you learned to simply ignore esther's comments. His signature used to conceed that he is insane and we should try to show some tolerance for his lack of ability to control his outbursts.


  15. #15
    Hehe i have no problem with him, he was right on what he said.
    The note isn't for any comment in this forum actually, its here because i know it will be copy/pasted in many places since this is 1 of the 2 forums were i post my stuff.


Similar Threads

  1. an arma question
    By LiSa in forum Malware Analysis and Unpacking Forum
    Replies: 2
    Last Post: April 28th, 2008, 04:50
  2. arma's processes
    By cse_india in forum Malware Analysis and Unpacking Forum
    Replies: 4
    Last Post: April 8th, 2007, 22:25
  3. Having trouble with an ARTtut.....arma related
    By kittmaster in forum Malware Analysis and Unpacking Forum
    Replies: 18
    Last Post: June 11th, 2006, 10:57
  4. new arma tricks ?
    By BenJ in forum Malware Analysis and Unpacking Forum
    Replies: 8
    Last Post: October 31st, 2003, 11:26
  5. question about crussader's tut on arma
    By kyrios in forum Malware Analysis and Unpacking Forum
    Replies: 0
    Last Post: March 30th, 2003, 12:59


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts