ايران ويج

نسخه‌ی کامل: سری آموزش های NO DONGLE
شما در حال مشاهده‌ی نسخه‌ی متنی این صفحه می‌باشید. مشاهده‌ی نسخه‌ی کامل با قالب بندی مناسب.
صفحه‌ها: 1 2
این آموزش(کرک برنامه های 16 بیتی با استفاده از Debug.com;exe )شامل:


1-مقاله جامع آموزش دیباگ (ویرایش آخر)
2-فیلم آموزشی (نحوه ی کرک برنامه های 16 بیتی)
3-فیلم آموزشی استخراج اطلاعات
4-عکس ساختار فایل های 16 بیتی و 32 بیتی
5-برنامه ی Debugx آخرین بروزرسانی (برای دیباگ تمامی برنامه های 16 ،و 32 بیتی کنسول)
6-فایل تمرین



لینک دانلود:
کد php:
http://cld.persiangig.com/download/7gpxRSmd8k/Debug-Learn-Full.zip/dl 


توجه:قسمت MBR در این آموزش حذف شد و مقاله ای دیگر تحت عنوان آنالیز MBRیا Master Boot Recordدر حال نگارش است.
آموزش کرک برنامه های دات نت با WINDBG
حجمش یه کم زیاد شد:)وهرجاش که نیاز به توضیح داشتید بگید.
شرمنده،من زیاد اهل فیلم آموزشی درست کردن نیستم :) حوصلشو ندارم :)

کد php:
http://cld.persiangig.com/download/jeIzWGYRhD/dbg.zip/dl 
ممنون بابت آموزش هاي خوبتون اما اگر مي خواهيد يك كار ماندگار انجام بديد لطفا فايل ها رو داخل خود سايت آپلود كنيد
اموزش کرک قفل های اینترنتی
با سپاس از مارسلو ی عزیز برای آموزش
به علت حجم بالا مجبور شدم کیفیت رو کمی پایین بیارم
تارگت و باقی قضایا ضمیمه شده
سرعت آپلود سنتر سایت خیلی پائینه،درحد 5 مگ خوبه ولی برای حجم بالاتر برای من جواب نمیده

کد php:
http://cld.persiangig.com/download/oIESMpt90b/tut.zip/dl 
خوشحالم که اولین HLP/CHM ساخته شده و منتشر شده برای نسخه ی 2.1 در دنیا از طرف سایت iranled بوده.

با تشکر از آقای Oleh Yuschuk برای اشتراک فایل های مورد نیاز و پشتیبانی و تست این فایلها.


فایل CHM/HLP برای OLLYDBG 2.xx

در حال ترجمه ی نسخه ی فارسی +گنجاندن فیلم های آموزشی و اضافه کردن مبحث کامل ساختار فایل های اجرایی در نسخه ی CHM فارسی هستم.

لینک دانلود:[attachment=12829]


اسکرین شات HLP:
[attachment=12830]

اسکرین شات CHM:

[attachment=12831]
یه اسکیم زیبا برایolly v2.xx
به سبک OLD IDE(برای بچه های پاسکالی و توربو سی باز) و پشتبانی خودکار از زبان فارسی برای نمایش متن های فارسی به صورت پیش فرض و همچنین دارای بهترین حالت تنظیم برای دیباگ برنامه های فارسی و..
فونت متوسط برای راحتی چشم ها ورنگ های ساده اما معنی دار :)
ساز گار با نسخه ی SND ونسخه ی اورجینال
تمام محتویات قبلی ollydbg.ini رو پاک و این رو درون فایل ollydbg.ini بریزید و ذخیره کنید و دیباگر رو باز کنید ولذت ببرید

کد php:
Settings]
Check DLL versions=0
Topmost window
=0
Show main menu items that don
't apply=0
Show popup items that don'
t apply=0
Show toolbar
=1
Use system colours in toolbar=0
Status in toolbar
=0
Flash duration
=1
Autoupdate interval
=4
Mode of main window
=0
Restore windows
=0
Bring SND 2.2 to top on pause
=1
Restore window positions
=1
Restore width of columns
=0
Restore sorting criterium
=1
Highlight sorted column
=1
Right click selects
=1
Index of 
default font=7
Index of 
default UNICODE font=3
Index of 
default colours=0
Code highlighting
=0
Horizontal scroll
=0
Snow
-free drawing=1
Append arguments
=1
Allow diacritical symbols
=0
Decode pascal strings
=1
Use IsTextUnicode=0
String decoding
=0
File graph mode
=1
Put ASCII text to clipboard
=0
Monitor internal memory allocation
=0
Dialog font mode
=0
Font in dialogs
=0
Align dialogs
=1
Global search=1
Aligned search
=0
Ignore 
case=0
Search direction
=1
Floating search with margin
=0
Allow extra commands in sequence
=1
Allow jumps into the sequence
=0
Keep size of hex edit selection
=1
List sorting mode=0
Modify FPU tag
=0
MMX display mode
=0
Show tooltips in dialog windows
=1
X options coordinate
=498
Y options coordinate
=445
Last selected options pane
=25
Last edited font in options
=7
Last edited scheme in options
=7
Last edited colour index in options
=9
Last edited highlighting in options
=7
Last edited highlighting index in options
=16
Warnmode when not administrator
=1
Warnmode 
for packed code in Analyzer=0
Warnmode when INT3 breakpoint is corrupt
=0
Warnmode when breakpoint set on non
-command=0
Warnmode when EIP set on non
-command=0
Warnmode when clipboard size too large
=0
Warnmode when all threads are suspended
=0
Warnmode when thread is changed
=0
Warnmode when process is still running
=0
Warnmode when active when closing SND 2.2
=0
Warnmode when unable to close process
=0
Warnmode when executable differs from udd
=0
Warnmode when INT3 in udd has different cmd
=0
Warnmode when fixups are modified
=0
Warnmode when copy of executable file changed
=0
Warnmode when memory breakpoint on stack
=0
Warnmode when modified debug registers
=0
Warnmode when launching loaddll
=0
Warnmode when EIP inside the patch
=0
Only ASCII printable in dump
=0
Code page 
for ASCII dumps=1256
Underline fixups
=1
Show jump direction
=1
Show jump path
=1
Show grayed path 
if jump is not taken=1
Fill rest of command with NOPs
=1
Action on letter key in Disassembler
=1
Wide characters in UNICODE dumps
=1
Automatically backup user code
=0
Visible lines when scrolling disasm
=1
IDEAL disassembling mode
=0
Disassemble in lowercase
=0
Separate arguments with TAB
=0
Extra space between arguments
=0
Show 
default segments=1
Always show memory size
=1
NEAR jump modifiers
=0
Alternative forms of conditional commands
=1
Use short form of string commands=0
Use RET instead of RETN=0
SSE size decoding mode
=0
Jump hint decoding mode
=0
Size sensitive mnemonics
=1
Top of FPU stack
=1
Show symbolic addresses
=1
Show local module names
=0
Demangle symbolic names
=0
Use hardware breakpoints for stepping=1
Permanent breakpoints on system code
=0
First pause
=3
Pause on attach
=1
Pause on Loaddll
=1
Assume flat selectors
=0
Ignore access violations in KERNEL32
=1
Ignore INT3 in MSCORWKS
=1
Ignore INT3
=0
Ignore TRAP
=0
Ignore access violations
=0
Ignore division by 0
=0
Ignore illegal instructions
=0
Ignore all FPU exceptions
=0
Ignore all service exceptions
=1
Ignore custom exception ranges
=0
Call UnhandledExceptionFilter
=0
Report ignored exceptions to log
=1
Autoreturn
=0
Use DebugBreakProcess=0
Use ExitProcess=1
Warn when frequent breaks
=1
Allow command emulation
=1
Debug child processes
=0
Animation delay index
=0
Stop on 
new DLL=0
Stop on DLL unload
=0
Stop only on selected modules
=0
Stop on debug string
=0
Stop on 
new thread=0
Stop on thread end
=0
Enable 
use of debugging data=1
Use dbghelp to walk stack=0
Use Microsoft Symbol Server=0
Hide missing source files
=1
Hide internal compiler names
=1
Skip leading spaces from source
=1
Hide Call DLL window on call
=0
Pause after call to DLL is finished
=1
Allow 
.NET debugging=0
Scan registry 
for GUIDs on starup=0
Run trace protocolling options
=0
Run trace buffer size index
=2
Trace over system DLLs
=1
Trace over string commands
=1
Save traced commands
=0
Save accessed memory to trace
=0
Save FPU registers to trace
=0
Synchronize CPU 
and Run trace=1
Set breakpoints on callbacks in hit trace
=0
Hit trace mode 
for indirect jumps=0
Stop hit trace 
if not command=0
Hit trace outside the code section
=2
Keep hit trace between sessions
=1
Show symbolic names in protocol range 
list=0
Allow automatic SFX extraction
=1
SFX extraction mode
=0
Use real SFX entry from previous run=1
Ignore SFX exceptions
=1
Use predictions in search=1
References 
include indirect jumps=1
Add origin to search results
=0
Default resource language=9
Gray inactive windows
=1
Gray register names
=0
Center FOLLOWed command
=1
Decode registers 
for any IP=1
Remove code hilite on register hilite
=1
Automatically select register type
=0
Enable SSE registers
=1
Label display mode
=0
Highlight symbolic labels
=0
Log buffer size index
=2
Tabulate columns in log file
=0
Append data to existing log file
=0
Auto analysis
=3
No predicted registers in system DLLs
=0
Fuzzy analysis
=1
Report problems during analysis
=0
Decode tricks
=1
Mark tricks
=0
Decode ifs 
as switches=0
Mark only important operands
=0
Functions preserve registers
=1
Ignore braces in udd path
=1
Guess number of arguments
=1
Guess arguments from mangled names
=0
Guess meaning of guessed arguments
=1
Show uncertain arguments
=1
Rename value dependent arguments
=0
Show predicted values
=1
Show ARG 
and LOCAL in disassembly=1
Use symbolic names for ARG and LOCAL=0
Show ARG 
and LOCAL in comments=1
Show loops
=1
Accept far calls 
and returns=0
Accept direct segment modifications
=0
Accept privileged commands
=0
Accept I
/O commands=0
Accept NOPs
=1
Accept shifts out of range
=0
Accept superfluous prefixes
=0
Accept 
default prefixes=1
Accept valid LOCK prefixes
=1
Accept unaligned stack operations
=1
Accept suspicious ESP operations
=0
Accept non
-standard command forms=1
Accept access to nonexisting memory
=0
Accept interrupt commands
=0
Block external WM_CLOSE
=1
Activate speech
=0
Translate commands 
and registers=1
Skip leading zeros in hex numbers
=1
[Bookmarks]
Restore window=0
[SND 2.2]
Placement=320,32,640,480,1
[History]
Log file=log.txt
Trace save file
=trace.txt
Data directory
=.
Plugin directory=.
API help file=
Last viewed file=
Last keyboard shortcuts file=shortcuts.ini
Previous JIT
=
Debug data directory[0]=
Debug data directory[1]=
Debug data directory[2]=
Arguments[0]=
Current dir[0]=
Arguments[1]=
Current dir[1]=
Executable[2]=
Arguments[2]=
Current dir[2]=
Executable[3]=
Arguments[3]=
Current dir[3]=
Executable[4]=
Arguments[4]=
Current dir[4]=
Executable[5]=
Arguments[5]=
Current dir[5]=
[*
_*]
Placement=0,0,400,326,3
Offset
[0]=0
Offset
[1]=72
Offset
[2]=5
Offset
[3]=0
Appearance
=2,7,1,0,0
Local
=0,68099
[CPU Disasm]
Appearance=7,7,0,0,7
Columns
=72,136,320,2048
[CPU Info]
Appearance=2,7,0,0,0
[CPU Dump]
Appearance=2,7,1,0,1
Columns
=72,384,136
Local
=00011001
[CPU Stack]
Appearance=2,7,0,0,0
Columns
=72,80,40,2048
Local
=000A0104
[Dialog placement]
Enter string=814,90
Set breakpoint
=571,37
Enter search string
=818,432
[INT3 breakpoints]
Placement=25,25,753,186,1
Appearance
=1,0,1,0,0
Columns
=54,54,72,240,1536
Sort
=0
[Settings]
Check DLL versions=0
Topmost window
=0
Show main menu items that don
't apply=0
Show popup items that don'
t apply=0
Show toolbar
=1
Use system colours in toolbar=0
Status in toolbar
=0
Flash duration
=1
Autoupdate interval
=4
Mode of main window
=0
Restore windows
=0
Bring OllyDbg to top on pause
=1
Restore window positions
=1
Restore width of columns
=0
Restore sorting criterium
=1
Highlight sorted column
=1
Right click selects
=1
Index of 
default font=1
Index of 
default UNICODE font=3
Index of 
default colours=0
Code highlighting
=0
Horizontal scroll
=0
Snow
-free drawing=1
Append arguments
=1
Allow diacritical symbols
=0
Decode pascal strings
=1
Use IsTextUnicode=1
String decoding
=0
File graph mode
=1
Put ASCII text to clipboard
=0
Monitor internal memory allocation
=0
Dialog font mode
=0
Font in dialogs
=0
Align dialogs
=1
Global search=1
Aligned search
=0
Ignore 
case=0
Search direction
=1
Floating search with margin
=0
Allow extra commands in sequence
=1
Allow jumps into the sequence
=0
Keep size of hex edit selection
=1
List sorting mode=0
Modify FPU tag
=0
MMX display mode
=0
Show tooltips in dialog windows
=1
X options coordinate
=328
Y options coordinate
=82
Last selected options pane
=4
Last edited font in options
=0
Last edited scheme in options
=0
Last edited colour index in options
=0
Last edited highlighting in options
=1
Last edited highlighting index in options
=0
Warnmode when not administrator
=1
Warnmode 
for packed code in Analyzer=0
Warnmode when INT3 breakpoint is corrupt
=0
Warnmode when breakpoint set on non
-command=0
Warnmode when EIP set on non
-command=0
Warnmode when clipboard size too large
=0
Warnmode when all threads are suspended
=0
Warnmode when thread is changed
=0
Warnmode when process is still running
=0
Warnmode when active when closing OllyDbg
=0
Warnmode when unable to close process
=0
Warnmode when executable differs from udd
=0
Warnmode when INT3 in udd has different cmd
=0
Warnmode when fixups are modified
=0
Warnmode when copy of executable file changed
=0
Warnmode when memory breakpoint on stack
=0
Warnmode when modified debug registers
=0
Warnmode when launching loaddll
=0
Warnmode when EIP inside the patch
=0
Only ASCII printable in dump
=0
Code page 
for ASCII dumps=1256
Underline fixups
=1
Show jump direction
=1
Show jump path
=1
Show grayed path 
if jump is not taken=1
Fill rest of command with NOPs
=1
Action on letter key in Disassembler
=1
Wide characters in UNICODE dumps
=1
Automatically backup user code
=0
Visible lines when scrolling disasm
=1
IDEAL disassembling mode
=0
Disassemble in lowercase
=0
Separate arguments with TAB
=0
Extra space between arguments
=0
Show 
default segments=1
Always show memory size
=1
NEAR jump modifiers
=0
Alternative forms of conditional commands
=1
Use short form of string commands=0
Use RET instead of RETN=0
SSE size decoding mode
=0
Jump hint decoding mode
=0
Size sensitive mnemonics
=1
Top of FPU stack
=1
Show symbolic addresses
=1
Show local module names
=0
Demangle symbolic names
=0
Use hardware breakpoints for stepping=1
Permanent breakpoints on system code
=0
First pause
=3
Pause on attach
=1
Pause on Loaddll
=1
Assume flat selectors
=0
Ignore access violations in KERNEL32
=1
Ignore INT3 in MSCORWKS
=1
Ignore INT3
=0
Ignore TRAP
=0
Ignore access violations
=0
Ignore division by 0
=0
Ignore illegal instructions
=0
Ignore all FPU exceptions
=0
Ignore all service exceptions
=1
Ignore custom exception ranges
=0
Call UnhandledExceptionFilter
=0
Report ignored exceptions to log
=1
Autoreturn
=0
Use DebugBreakProcess=0
Use ExitProcess=1
Warn when frequent breaks
=1
Allow command emulation
=1
Debug child processes
=0
Animation delay index
=0
Stop on 
new DLL=0
Stop on DLL unload
=0
Stop only on selected modules
=0
Stop on debug string
=0
Stop on 
new thread=0
Stop on thread end
=0
Enable 
use of debugging data=1
Use dbghelp to walk stack=0
Use Microsoft Symbol Server=0
Hide missing source files
=1
Hide internal compiler names
=1
Skip leading spaces from source
=1
Hide Call DLL window on call
=0
Pause after call to DLL is finished
=1
Allow 
.NET debugging=0
Scan registry 
for GUIDs on starup=0
Run trace protocolling options
=0
Run trace buffer size index
=2
Trace over system DLLs
=1
Trace over string commands
=1
Save traced commands
=0
Save accessed memory to trace
=0
Save FPU registers to trace
=0
Synchronize CPU 
and Run trace=1
Set breakpoints on callbacks in hit trace
=0
Hit trace mode 
for indirect jumps=0
Stop hit trace 
if not command=0
Hit trace outside the code section
=2
Keep hit trace between sessions
=1
Show symbolic names in protocol range 
list=0
Allow automatic SFX extraction
=1
SFX extraction mode
=0
Use real SFX entry from previous run=1
Ignore SFX exceptions
=1
Use predictions in search=1
References 
include indirect jumps=1
Add origin to search results
=0
Default resource language=9
Gray inactive windows
=1
Gray register names
=0
Center FOLLOWed command
=1
Decode registers 
for any IP=1
Remove code hilite on register hilite
=1
Automatically select register type
=0
Enable SSE registers
=1
Label display mode
=0
Highlight symbolic labels
=0
Log buffer size index
=2
Tabulate columns in log file
=0
Append data to existing log file
=0
Auto analysis
=3
No predicted registers in system DLLs
=0
Fuzzy analysis
=1
Report problems during analysis
=0
Decode tricks
=1
Mark tricks
=0
Decode ifs 
as switches=0
Mark only important operands
=0
Functions preserve registers
=1
Ignore braces in udd path
=1
Guess number of arguments
=1
Guess arguments from mangled names
=0
Guess meaning of guessed arguments
=1
Show uncertain arguments
=1
Rename value dependent arguments
=0
Show predicted values
=1
Show ARG 
and LOCAL in disassembly=1
Use symbolic names for ARG and LOCAL=0
Show ARG 
and LOCAL in comments=1
Show loops
=1
Accept far calls 
and returns=0
Accept direct segment modifications
=0
Accept privileged commands
=0
Accept I
/O commands=0
Accept NOPs
=1
Accept shifts out of range
=0
Accept superfluous prefixes
=0
Accept 
default prefixes=1
Accept valid LOCK prefixes
=1
Accept unaligned stack operations
=1
Accept suspicious ESP operations
=0
Accept non
-standard command forms=1
Accept access to nonexisting memory
=0
Accept interrupt commands
=0
Block external WM_CLOSE
=1
Activate speech
=0
Translate commands 
and registers=1
Skip leading zeros in hex numbers
=1
[OllyDbg]
Placement=389,220,640,480,1
[CPU]
Placement=0,0,1273,812,1
Offset
[0]=0
Offset
[1]=61
Offset
[2]=0
Offset
[3]=0
[CPU registers]
Appearance=7,7,1,0,0
Local
=0,69379
[Filedump]
Appearance=1,0,1,0,0
[Search tab]
Appearance[3]=7,7,1,0,0
Columns
[3]=72,320,2048
Sort
[3]=0
[Search]
Placement=-192,170,1296,509,1
[Colour schemes]
Scheme name[0]=Black on white
Foreground_1
[0]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[0]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[0]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[0]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[0]=1
Modified commands
[0]=0
Scheme name
[1]=Yellow on blue
Foreground_1
[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[1]=0
Modified commands
[1]=0
Scheme name
[2]=Marine
Foreground_1
[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[2]=0
Modified commands
[2]=0
Scheme name
[3]=Mostly black
Foreground_1
[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[3]=0
Modified commands
[3]=0
Scheme name
[4]=Scheme 4
Foreground_1
[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[4]=0
Modified commands
[4]=0
Scheme name
[5]=Scheme 5
Foreground_1
[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[5]=0
Modified commands
[5]=0
Scheme name
[6]=Scheme 6
Foreground_1
[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[6]=0
Modified commands
[6]=0
Scheme name
[7]=OLD IDE
Foreground_1
[7]=FF00,*,808080,*,F0FBFF,FFFF,*,FF,FFFF00,FF0000,*,*,*,*,*,*
Foreground_2[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[7]=800000,800000,800000,FF00,*,FF,*,*,*,FF0000,*,*,*,*,*,*
Background_2[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[7]=0
Modified commands
[7]=0
[Highlighting schemes]
Scheme name[1]=Christmas tree
Foreground_1
[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[1]=0
Modified commands
[1]=1
Scheme name
[2]=Jumps and calls
Foreground_1
[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[2]=0
Modified commands
[2]=0
Scheme name
[3]=Memory access
Foreground_1
[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[3]=1
Modified commands
[3]=1
Scheme name
[4]=Hilite 4
Foreground_1
[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[4]=0
Modified commands
[4]=0
Scheme name
[5]=Hilite 5
Foreground_1
[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[5]=0
Modified commands
[5]=0
Scheme name
[6]=Hilite 6
Foreground_1
[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[6]=0
Modified commands
[6]=0
Scheme name
[7]=OLD IDE
Foreground_1
[7]=*,*,*,*,*,*,*,*,*,*,*,*,FF00,FFFF,FFFF,FF00FF
Foreground_2
[7]=FFFF00,FF,FF,80,FF00FF,F0FBFF,*,*,FF,FF00FF,*,*,*,*,A4A0A0,*
Background_1[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[7]=0
Modified commands
[7]=0
[Fonts]
Font name[0]=Terminal 6
Font data
[0]=0,0,0,0,0,0,0,0,0,0,0,10
Face name
[0]=
Font name[1]=Terminal 6
Font data
[1]=9,6,700,0,0,0,255,0,1,1,0,0
Face name
[1]=Terminal
Font name
[2]=System fixed font
Font data
[2]=-12,0,400,0,0,0,178,1,49,0,0,0
Face name
[2]=Fixedsys
Font name
[3]=Courier (UNICODE)
Font data[3]=14,0,400,0,0,0,1,2,5,-2,0,0
Face name
[3]=Courier New
Font name[4]=Lucida (UNICODE)
Font data[4]=10,6,400,0,0,0,1,2,5,0,0,0
Face name
[4]=Lucida Console
Font name
[5]=Font 5
Font data
[5]=9,6,700,0,0,0,255,0,1,1,0,0
Face name
[5]=Terminal
Font name
[6]=Font 6
Font data
[6]=0,0,0,0,0,0,0,0,0,0,0,16
Face name
[6]=
Font name[7]=Persian
Font data
[7]=-12,0,400,0,0,0,178,1,49,-2,0,0
Face name
[7]=Fixedsys 
اسکرین شات برای SND 2.1واون یکی اسکرین شات هم برای نسخه ی اورجینال هست
[attachment=12857]
دوستان یه مشکل کوچیک بازبان فارسی داشت که حل شد دوباره اسکیم رو کپی کنید شرمنده

اینم یه سمپل برای تست رشته های فارسی
قسمت دوم کرک برنامه های دانت با WINDBG
باینری بچینگ
ابزار ها:
WINDBG
CFF EXPLORR

CIL SEARCH
این آخریه رو خودم ساختم :) (ضمیمیه کردم) برای باینری پچینگ خیلی به درد میخوره توضیحات دستورات رو هم داره

[attachment=12898]
استخراج پسورد تمامی ویندوز های 32 و 64 بیتی بدون رمزگشایی دستی!
در این CHM که آماده کردم ،شامل:
1-استخراج پسورد ویندوز به صورت آنلاین lsass.exe
2-استخراج پسورد با استفاده از Memory Dump
3-استخراج پسورد ماشین های مجازی
به همراه دوفیلم آموزشی
دوستان اگه فونت ها به هم ریختگی داره بگید لطفا،چون من سیستم دیگه ایی جلو دستم نبود برای تست ،احتمالا کلمات درهم و برهم باشه بعضی از جاها،اگه بود (که احتمالا هست)بگید تارفع بشه
لینک :
[attachment=12935]

دانلود ابزار :

[attachment=12936]
نسخه ی بهینه شده ی اسکیم

کد:
[Settings]
Check DLL versions=0
Topmost window=0
Show main menu items that don't apply=0
Show popup items that don't apply=0
Show toolbar=1
Use system colours in toolbar=0
Status in toolbar=0
Flash duration=1
Autoupdate interval=4
Mode of main window=0
Restore windows=1
Bring OllyDbg to top on pause=1
Restore window positions=1
Restore width of columns=0
Restore sorting criterium=1
Highlight sorted column=1
Right click selects=1
Index of default font=7
Index of default UNICODE font=3
Index of default colours=0
Code highlighting=0
Horizontal scroll=0
Snow-free drawing=1
Append arguments=1
Allow diacritical symbols=0
Decode pascal strings=1
Use IsTextUnicode=1
String decoding=0
File graph mode=1
Put ASCII text to clipboard=0
Monitor internal memory allocation=0
Dialog font mode=0
Font in dialogs=0
Align dialogs=1
Global search=1
Aligned search=0
Ignore case=0
Search direction=1
Floating search with margin=0
Allow extra commands in sequence=1
Allow jumps into the sequence=0
Keep size of hex edit selection=1
List sorting mode=0
Modify FPU tag=0
MMX display mode=0
Show tooltips in dialog windows=1
X options coordinate=802
Y options coordinate=207
Last selected options pane=4
Last edited font in options=7
Last edited scheme in options=7
Last edited colour index in options=9
Last edited highlighting in options=7
Last edited highlighting index in options=16
Warnmode when not administrator=1
Warnmode for packed code in Analyzer=0
Warnmode when INT3 breakpoint is corrupt=0
Warnmode when breakpoint set on non-command=0
Warnmode when EIP set on non-command=0
Warnmode when clipboard size too large=0
Warnmode when all threads are suspended=0
Warnmode when thread is changed=0
Warnmode when process is still running=0
Warnmode when active when closing SND 2.2=0
Warnmode when unable to close process=0
Warnmode when executable differs from udd=0
Warnmode when INT3 in udd has different cmd=0
Warnmode when fixups are modified=0
Warnmode when copy of executable file changed=0
Warnmode when memory breakpoint on stack=0
Warnmode when modified debug registers=0
Warnmode when launching loaddll=0
Warnmode when EIP inside the patch=0
Only ASCII printable in dump=0
Code page for ASCII dumps=1256
Underline fixups=1
Show jump direction=1
Show jump path=1
Show grayed path if jump is not taken=1
Fill rest of command with NOPs=1
Action on letter key in Disassembler=1
Wide characters in UNICODE dumps=1
Automatically backup user code=0
Visible lines when scrolling disasm=1
IDEAL disassembling mode=0
Disassemble in lowercase=0
Separate arguments with TAB=0
Extra space between arguments=0
Show default segments=1
Always show memory size=1
NEAR jump modifiers=0
Alternative forms of conditional commands=1
Use short form of string commands=0
Use RET instead of RETN=0
SSE size decoding mode=0
Jump hint decoding mode=0
Size sensitive mnemonics=1
Top of FPU stack=1
Show symbolic addresses=1
Show local module names=0
Demangle symbolic names=0
Use hardware breakpoints for stepping=1
Permanent breakpoints on system code=0
First pause=3
Pause on attach=1
Pause on Loaddll=1
Assume flat selectors=0
Ignore access violations in KERNEL32=1
Ignore INT3 in MSCORWKS=1
Ignore INT3=0
Ignore TRAP=0
Ignore access violations=0
Ignore division by 0=0
Ignore illegal instructions=0
Ignore all FPU exceptions=0
Ignore all service exceptions=1
Ignore custom exception ranges=0
Call UnhandledExceptionFilter=0
Report ignored exceptions to log=1
Autoreturn=0
Use DebugBreakProcess=0
Use ExitProcess=1
Warn when frequent breaks=1
Allow command emulation=1
Debug child processes=0
Animation delay index=0
Stop on new DLL=0
Stop on DLL unload=0
Stop only on selected modules=0
Stop on debug string=0
Stop on new thread=0
Stop on thread end=0
Enable use of debugging data=1
Use dbghelp to walk stack=0
Use Microsoft Symbol Server=0
Hide missing source files=1
Hide internal compiler names=1
Skip leading spaces from source=1
Hide Call DLL window on call=0
Pause after call to DLL is finished=1
Allow .NET debugging=0
Scan registry for GUIDs on starup=0
Run trace protocolling options=0
Run trace buffer size index=2
Trace over system DLLs=1
Trace over string commands=1
Save traced commands=0
Save accessed memory to trace=0
Save FPU registers to trace=0
Synchronize CPU and Run trace=1
Set breakpoints on callbacks in hit trace=0
Hit trace mode for indirect jumps=0
Stop hit trace if not command=0
Hit trace outside the code section=2
Keep hit trace between sessions=1
Show symbolic names in protocol range list=0
Allow automatic SFX extraction=1
SFX extraction mode=0
Use real SFX entry from previous run=1
Ignore SFX exceptions=1
Use predictions in search=1
References include indirect jumps=1
Add origin to search results=0
Default resource language=9
Gray inactive windows=1
Gray register names=0
Center FOLLOWed command=1
Decode registers for any IP=1
Remove code hilite on register hilite=1
Automatically select register type=0
Enable SSE registers=1
Label display mode=0
Highlight symbolic labels=0
Log buffer size index=2
Tabulate columns in log file=0
Append data to existing log file=0
Auto analysis=3
No predicted registers in system DLLs=0
Fuzzy analysis=1
Report problems during analysis=0
Decode tricks=1
Mark tricks=0
Decode ifs as switches=0
Mark only important operands=0
Functions preserve registers=1
Ignore braces in udd path=1
Guess number of arguments=1
Guess arguments from mangled names=0
Guess meaning of guessed arguments=1
Show uncertain arguments=1
Rename value dependent arguments=0
Show predicted values=1
Show ARG and LOCAL in disassembly=1
Use symbolic names for ARG and LOCAL=0
Show ARG and LOCAL in comments=1
Show loops=1
Accept far calls and returns=0
Accept direct segment modifications=0
Accept privileged commands=0
Accept I/O commands=0
Accept NOPs=1
Accept shifts out of range=0
Accept superfluous prefixes=0
Accept default prefixes=1
Accept valid LOCK prefixes=1
Accept unaligned stack operations=1
Accept suspicious ESP operations=0
Accept non-standard command forms=1
Accept access to nonexisting memory=0
Accept interrupt commands=0
Block external WM_CLOSE=1
Activate speech=0
Translate commands and registers=1
Skip leading zeros in hex numbers=1
GUI language=0
Search accuracy=0
Warnmode when active when closing OllyDbg=0
Warnmode when IAT is copied back to exe=0
Warnmode when IAT is autocopied back to exe=0
Code page for multibyte dumps=65001
Disable GDI scripting support=0
Show call arguments=0
Type of break command=0
Hide unimportant handles=1
Show original handle names=0
Hide current registers warning=0
Search for library functions=1
[Bookmarks]
Restore window=0
[SND 2.2]
Placement=320,32,640,480,1
[History]
Log file=log.txt
Trace save file=trace.txt
Data directory=.
Plugin directory=.
API help file=
Last viewed file=
Last keyboard shortcuts file=shortcuts.ini
Previous JIT=
Debug data directory[0]=
Debug data directory[1]=
Debug data directory[2]=
Arguments[0]=
Current dir[0]=
Arguments[1]=
Current dir[1]=
Executable[2]=
Arguments[2]=
Current dir[2]=
Executable[3]=
Arguments[3]=
Current dir[3]=
Executable[4]=
Arguments[4]=
Current dir[4]=
Executable[5]=
Arguments[5]=
Current dir[5]=
Alternative initialization file=
Last object or library file=
Last image library file=
Standard library directory=C:\Users\1\Desktop\IRANLED.com
[*_*]
Placement=0,0,400,326,3
Offset[0]=0
Offset[1]=72
Offset[2]=5
Offset[3]=0
Appearance=2,7,1,0,0
Local=0,68099
[CPU Disasm]
Appearance=2,7,0,0,7
Columns=72,136,320,2048
[CPU Info]
Appearance=3,7,0,0,0
[CPU Dump]
Appearance=2,7,1,0,1
Columns=72,384,136
Local=00011001
[CPU Stack]
Appearance=2,7,0,0,0
Columns=72,80,40,2048
Local=000A0104
[Dialog placement]
Enter string=875,380
Set breakpoint=571,37
Enter search string=818,432
[INT3 breakpoints]
Placement=25,25,753,186,1
Appearance=1,0,1,0,0
Columns=54,54,72,240,1536
Sort=0
[Settings]
Check DLL versions=0
Topmost window=0
Show main menu items that don't apply=0
Show popup items that don't apply=0
Show toolbar=1
Use system colours in toolbar=0
Status in toolbar=0
Flash duration=1
Autoupdate interval=4
Mode of main window=0
Restore windows=0
Bring OllyDbg to top on pause=1
Restore window positions=1
Restore width of columns=0
Restore sorting criterium=1
Highlight sorted column=1
Right click selects=1
Index of default font=1
Index of default UNICODE font=3
Index of default colours=0
Code highlighting=0
Horizontal scroll=0
Snow-free drawing=1
Append arguments=1
Allow diacritical symbols=0
Decode pascal strings=1
Use IsTextUnicode=1
String decoding=0
File graph mode=1
Put ASCII text to clipboard=0
Monitor internal memory allocation=0
Dialog font mode=0
Font in dialogs=0
Align dialogs=1
Global search=1
Aligned search=0
Ignore case=0
Search direction=1
Floating search with margin=0
Allow extra commands in sequence=1
Allow jumps into the sequence=0
Keep size of hex edit selection=1
List sorting mode=0
Modify FPU tag=0
MMX display mode=0
Show tooltips in dialog windows=1
X options coordinate=328
Y options coordinate=82
Last selected options pane=4
Last edited font in options=0
Last edited scheme in options=0
Last edited colour index in options=0
Last edited highlighting in options=1
Last edited highlighting index in options=0
Warnmode when not administrator=1
Warnmode for packed code in Analyzer=0
Warnmode when INT3 breakpoint is corrupt=0
Warnmode when breakpoint set on non-command=0
Warnmode when EIP set on non-command=0
Warnmode when clipboard size too large=0
Warnmode when all threads are suspended=0
Warnmode when thread is changed=0
Warnmode when process is still running=0
Warnmode when active when closing OllyDbg=0
Warnmode when unable to close process=0
Warnmode when executable differs from udd=0
Warnmode when INT3 in udd has different cmd=0
Warnmode when fixups are modified=0
Warnmode when copy of executable file changed=0
Warnmode when memory breakpoint on stack=0
Warnmode when modified debug registers=0
Warnmode when launching loaddll=0
Warnmode when EIP inside the patch=0
Only ASCII printable in dump=0
Code page for ASCII dumps=1256
Underline fixups=1
Show jump direction=1
Show jump path=1
Show grayed path if jump is not taken=1
Fill rest of command with NOPs=1
Action on letter key in Disassembler=1
Wide characters in UNICODE dumps=1
Automatically backup user code=0
Visible lines when scrolling disasm=1
IDEAL disassembling mode=0
Disassemble in lowercase=0
Separate arguments with TAB=0
Extra space between arguments=0
Show default segments=1
Always show memory size=1
NEAR jump modifiers=0
Alternative forms of conditional commands=1
Use short form of string commands=0
Use RET instead of RETN=0
SSE size decoding mode=0
Jump hint decoding mode=0
Size sensitive mnemonics=1
Top of FPU stack=1
Show symbolic addresses=1
Show local module names=0
Demangle symbolic names=0
Use hardware breakpoints for stepping=1
Permanent breakpoints on system code=0
First pause=3
Pause on attach=1
Pause on Loaddll=1
Assume flat selectors=0
Ignore access violations in KERNEL32=1
Ignore INT3 in MSCORWKS=1
Ignore INT3=0
Ignore TRAP=0
Ignore access violations=0
Ignore division by 0=0
Ignore illegal instructions=0
Ignore all FPU exceptions=0
Ignore all service exceptions=1
Ignore custom exception ranges=0
Call UnhandledExceptionFilter=0
Report ignored exceptions to log=1
Autoreturn=0
Use DebugBreakProcess=0
Use ExitProcess=1
Warn when frequent breaks=1
Allow command emulation=1
Debug child processes=0
Animation delay index=0
Stop on new DLL=0
Stop on DLL unload=0
Stop only on selected modules=0
Stop on debug string=0
Stop on new thread=0
Stop on thread end=0
Enable use of debugging data=1
Use dbghelp to walk stack=0
Use Microsoft Symbol Server=0
Hide missing source files=1
Hide internal compiler names=1
Skip leading spaces from source=1
Hide Call DLL window on call=0
Pause after call to DLL is finished=1
Allow .NET debugging=0
Scan registry for GUIDs on starup=0
Run trace protocolling options=0
Run trace buffer size index=2
Trace over system DLLs=1
Trace over string commands=1
Save traced commands=0
Save accessed memory to trace=0
Save FPU registers to trace=0
Synchronize CPU and Run trace=1
Set breakpoints on callbacks in hit trace=0
Hit trace mode for indirect jumps=0
Stop hit trace if not command=0
Hit trace outside the code section=2
Keep hit trace between sessions=1
Show symbolic names in protocol range list=0
Allow automatic SFX extraction=1
SFX extraction mode=0
Use real SFX entry from previous run=1
Ignore SFX exceptions=1
Use predictions in search=1
References include indirect jumps=1
Add origin to search results=0
Default resource language=9
Gray inactive windows=1
Gray register names=0
Center FOLLOWed command=1
Decode registers for any IP=1
Remove code hilite on register hilite=1
Automatically select register type=0
Enable SSE registers=1
Label display mode=0
Highlight symbolic labels=0
Log buffer size index=2
Tabulate columns in log file=0
Append data to existing log file=0
Auto analysis=3
No predicted registers in system DLLs=0
Fuzzy analysis=1
Report problems during analysis=0
Decode tricks=1
Mark tricks=0
Decode ifs as switches=0
Mark only important operands=0
Functions preserve registers=1
Ignore braces in udd path=1
Guess number of arguments=1
Guess arguments from mangled names=0
Guess meaning of guessed arguments=1
Show uncertain arguments=1
Rename value dependent arguments=0
Show predicted values=1
Show ARG and LOCAL in disassembly=1
Use symbolic names for ARG and LOCAL=0
Show ARG and LOCAL in comments=1
Show loops=1
Accept far calls and returns=0
Accept direct segment modifications=0
Accept privileged commands=0
Accept I/O commands=0
Accept NOPs=1
Accept shifts out of range=0
Accept superfluous prefixes=0
Accept default prefixes=1
Accept valid LOCK prefixes=1
Accept unaligned stack operations=1
Accept suspicious ESP operations=0
Accept non-standard command forms=1
Accept access to nonexisting memory=0
Accept interrupt commands=0
Block external WM_CLOSE=1
Activate speech=0
Translate commands and registers=1
Skip leading zeros in hex numbers=1
[OllyDbg]
Placement=640,348,640,480,1
[CPU]
Placement=0,0,1273,812,3
Offset[0]=0
Offset[1]=61
Offset[2]=5
Offset[3]=0
[CPU registers]
Appearance=7,7,1,0,0
Local=0,69379
[Filedump]
Appearance=1,0,1,0,0
[Search tab]
Appearance[3]=7,7,1,0,0
Columns[3]=72,320,2048
Sort[3]=0
[Search]
Placement=25,25,528,350,1
[Highlighting schemes]
Scheme name[1]=Christmas tree
Foreground_1[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[1]=0
Modified commands[1]=1
Scheme name[2]=Jumps and calls
Foreground_1[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[2]=0
Modified commands[2]=0
Scheme name[3]=Memory access
Foreground_1[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[3]=1
Modified commands[3]=1
Scheme name[4]=Hilite 4
Foreground_1[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[4]=0
Modified commands[4]=0
Scheme name[5]=Hilite 5
Foreground_1[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[5]=0
Modified commands[5]=0
Scheme name[6]=Hilite 6
Foreground_1[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[6]=0
Modified commands[6]=0
Scheme name[7]=OLD IDE
Foreground_1[7]=*,*,*,*,*,*,*,*,*,*,*,*,FF00,FFFF,FFFF,FF00FF
Foreground_2[7]=FFFF00,FF,FF,80,FF00FF,F0FBFF,*,*,FF,FF00FF,*,*,*,*,A4A0A0,*
Background_1[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[7]=0
Modified commands[7]=0
[Fonts]
Font name[0]=Terminal 6
Font data[0]=0,0,0,0,0,0,0,0,0,0,0,10
Face name[0]=
Font name[1]=Terminal 6
Font data[1]=9,6,700,0,0,0,255,0,1,1,0,0
Face name[1]=Terminal
Font name[2]=System fixed font
Font data[2]=-12,0,400,0,0,0,178,1,49,0,0,0
Face name[2]=Fixedsys
Font name[3]=Courier (UNICODE)
Font data[3]=14,0,400,0,0,0,1,2,5,-2,0,0
Face name[3]=Courier New
Font name[4]=Lucida (UNICODE)
Font data[4]=10,6,400,0,0,0,1,2,5,0,0,0
Face name[4]=Lucida Console
Font name[5]=Font 5
Font data[5]=9,6,700,0,0,0,255,0,1,1,0,0
Face name[5]=Terminal
Font name[6]=Font 6
Font data[6]=0,0,0,0,0,0,0,0,0,0,0,16
Face name[6]=
Font name[7]=Persian
Font data[7]=-12,0,400,0,0,0,178,1,49,-2,0,0
Face name[7]=Fixedsys
[Colour schemes]
Scheme name[0]=Black on white
Foreground_1[0]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[0]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[0]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[0]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[0]=1
Modified commands[0]=0
Scheme name[1]=Yellow on blue
Foreground_1[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[1]=0
Modified commands[1]=0
Scheme name[2]=Marine
Foreground_1[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[2]=0
Modified commands[2]=0
آموزش کامل و جامع dUP (فارسی)

dUP چیست ؟
dUP یک موتور قدرتمند در زمینه پچینگ میباشد که با اسمبلر (Mircosoft MacroAssembler)نوشته و توسعه داده شده است.

قابلیت هادر نسخه ی 2.26.1:
- پشتیبانی از فایل های مختلف
- ساخت (پچر و لودر )با استفاده از آفست و تکنیک جستجو و اضافه (Search&Replace)
- مقایسه ی فایل ها ((RawOffset and VirtualAddress با اندازه های مختلف
- پچ کردن متن ها
- پچ کردن ریجیستری و پشتیبانی از همین متد در (Loader)
- اتصال فایل ها به (Patcher)
- تنظیم مسیر فایل ها از ریجیستری
- چک کردن /CRC32 MD5و سایز فایل ها
- پچ کردن فایل های پک شده
-برنامه ریزی برای عملیات پچ
- فشرده سازی (Patcher)با هر نوع پکر (برای عدم تغییریا استخراج منابع)
- ذخیره سازی پروژه
- پشتبانی از زبان های مختلف
- استفاده از پوسته های خارجی برای (Patcher)
- اضافه کردن موزیک به(Patcher)با پشتیبانی از فرمت های : xm,mod,it,s3m,mtm,umx,v2m,ahx,sid
- و برخی قابلیت های ریز و درشت دیگر که در نسخه های قبل و این نسخه موجود است

[attachment=13372]
صفحه‌ها: 1 2