Ollydbg Cracking Dll

вторник 04 февраляadmin
Ollydbg Cracking Dll Rating: 9,9/10 609 reviews


This version of OllyDbg is moded to be undetectable by protectors or protecting formulas, it is fast and with most needed plugins for everyday cracking! A few fixes where done, some where reported by the users thanks to them some changes in code for hidding and of course speed is as always even or better.DLL loader was added since first version hadn't one, added plugins and updated osme.

The objective of writing this paper is to explain how to crack an executable without peeping at its source code by using the OllyDbg tool. Although, there are many tools that can achieve the same objective, the beauty behind OllyDbg is that it is simple to operate and freely available. We have already done much reverse engineering of .NET applications earlier. This time, we are confronted with an application whose origin is unknown altogether. In simple terms, we are saying that we don’t have the actual source code. We have only the executable version, which is a tedious task of reverse engineering.


The security researcher must have a rigorous knowledge of assembly programming language. It is expected that the machine is configured with the following tools:

  • OllyDbg
  • Assembly programming knowledge

Patching Native Binaries

When the source code is not provided, it is still possible to patch the corresponding software binaries in order to remove various security restrictions imposed by the vendor, as well as fixing the inherent bugs in the source code. A familiar type of restriction built into software is copy protection, which is normally forced by the software vendor in order to test the robustness of the software copy protection. In copy protection, the user is typically obliged to register the product before use. The vendor stipulates a time restriction on the beta software in order to avoid license misuse and to permit the product to run only in a reduced-functionality mode until the user registers.

Executable Software

The following sample shows a way of bypassing or removing the copy protection in order to use the product without extending the trial duration or, in fact, without purchasing the full version. The copy protection mechanism often involves a process in which the software checks whether it should run and, if it should, which functionality should be allowed.

Fairy tail solidfiles download free. One type of copy protection common in trial or beta software allows a program to run only until a certain date. In order to explain reverse engineering, we have downloaded the beta version of software from the Internet that is operative for 30 days. As you can see, the following trial software application is expired and not working further and it shows an error message when we try to execute it.

We don’t know in which programming language or under which platform this software is developed, so the first task is to identify its origin. We can engage CFF explorer, which displays some significant information such as that this software is developed by using VC++ language, as shown below.

We can easily conclude that this is a native executable and it is not executing under CLR. We can’t use ILDASM or Reflector in order to analyze its opcodes. This time, we have to choose some different approach to crack the native executable.

Disassembling with OllyDbg

When we attempt to load the SoftwareExpiration.exe file, it will refuse to run because the current date is past the date on which the authorized trial expired. How can we use this software despite the expiration of the trial period? The following section illustrates the steps in the context of removing the copy protection restriction:

The Road Map

  • Load the expired program in order to understand what is happening behind the scenes.
  • Debug this program with OllyDbg.
  • Trace the code backward to identify the code path.
  • Modify the binary to force all code paths to succeed and to never hit the trial expiration code path again.
  • Test the modifications.

Such tasks can also be accomplished by a powerful tool, IDA Pro, but it is commercial and not available freely. OllyDbg is not as powerful as IDA Pro, but it is useful in some scenarios. First download OllyDbg from its official website and configure it properly on your machine. Its interface looks like this:

Now open the SoftwareExpiration.exe program in OllyDbg IDE from File à open menu and it will decompile that binary file. Don’t be afraid of the bizarre assembly code, because all the modifications are performed in the native assembly code.

Here the red box shows the entry point instructions of the program, referred to as 00401204. The CPU main thread window displays the software code in form of assembly instructions that are executed in top-to-bottom fashion. That is why, as we stated earlier, assembly programming knowledge is necessary when reverse engineering a native executable.

Unfortunately, we don’t have the actual source code, so how can we inspect the assembly code? Here the error message “Sorry, this trial software has expired” might help us to solve this problem because, with the help of this error message, we can identify the actual code path that leads to it.

While the error dialog box is still displayed, start debugging by pressing F9 or from Debug menu. Now you can find the time limit code. Next, press F12 in order to pause the code execution so that we can find the code that causes the error message to be displayed.

Okay. Now view the call stack by pressing the Alt+ K. Here, you can easily figure out that the trial error text is a parameter of MessageBoxA as follows:

Select the USER32.MessageBoxA near the bottom of the call stack, right click, and choose “Show call”:

This shows the starting point in which the assembly call to MessageBoxA is selected. Notice that the greater symbol (>) next to some of the lines of code, which indicates that another line of code jumps to that location. Directly before the call to MessageBoxA (in red color right-pane), four parameters are pushed onto the stack. Here the PUSH 10 instruction contains the > sign, which is referenced by another line of code.

Select the PUSH 10 instruction located at 004011C0 address, the line of code that references the selected line is displayed in the text area below the top pane in the CPU windows as follows:

Select the text area code in the above figure and right click to open the shortcut menu. It allows you to easily navigate to the code that refers to a selected line of code as shown:

We have now identified the actual line of code that is responsible for producing the error message. Now it is time to do some modification to the binary code. The context menu in the previous figure shows that both 00401055 and 00401063 contains JA (jump above) to the PUSH 10 used for message box.

First select the Go to JA 00401055 from the context menu. You should now be on the code at location 0x00401055. Your ultimate objective is to prevent the program from hitting the error code path. This can be accomplished by changing the JA instruction to NOP (no operation), which actually does nothing. Right click the 0x00401055 instruction inside the CPU window and select “Binary” and click over Fill with NOPs as shown below:

This operation fills all the corresponding instruction for 0x00401055 with NOPs:

Go back to PUSH 10 by pressing hyphen (~) and repeat the previous process for the instruction 0x00401063, as follows:

Now save the modifications by right-clicking in the CPU window, clicking Copy to Executable, and then clicking All Modifications. Then hit the Copy all button in the next dialog box, as shown below:

Right after hitting the “Copy all” button, a new window will appear named “SoftwareExpiration.exe.” Right-click in this window and choose Save File:

Finally, save the modified or patched binary with a new name. Now load the modified program; you can see that no expiration error message is shown. We successfully defeated the expiration trial period restriction.

Final Note

This article demonstrates one way to challenge the strength of the copy protection measure using OllyDbg and to identify ways to make your software more secure against unauthorized consumption. By attempting to defeat the copy protection of your application, we can learn a great deal about how robust the protection mechanism is. By doing this testing before the product becomes publically available, we can modify the code to make circumvention of copy protection more difficult before its release.

Would you like to test your skills further with a CTF challenge? Check this out:

CTF Noobs Lab

Stay updated and chat with others! - Join the Discord!
Thread Rating:

OllyDBG All-In-One Pack (OllyDBG + Plugins + scripts)filter_list
OllyDBG All-In-One Pack (OllyDBG + Plugins + scripts) 11-17-2019, 02:53 PM #1

OllyDBG Mega Pack AIO Collection
every download is standalone and also is the full package with some extras

password is: cONS:PIR4'cY

.,. . .;'
;O0dc'. ..;odxO00Oxl;. .;lk0d.
,ONXKOx0MNl. .':k00KXXo.
cONS:PIR4' 'cYNk'
,0M0, ,KMNd,. .lNWd.
.dWX: :KWWNKd:. .dWX;
'0MO. .lOKNMWXOo,. :NWo
.'. .OMO. .,cxKWMNO; :NWo
.,lo;.dWX: .;kNMXc .xMX;
.. '0MK; .xMMk'oNWo.
.' ,OWXo. .dMMkxNNo.
,' .oXWKd:'. .'dNMKx0O;
AIO OllyDBG Tools Pack
NOTE: Original release was packed with Autorun Pro Enterprise
i unpacked it to do a cleaner version of the release.
supplier : Keosoft90 - belajar
unpacker : conspir4cy - sinister.ly
uploader : conspir4cy - sinister.ly
All tools for ollyDBG v1.10 / v2.0. And ImmunityDBG. Contain plugins, script, patch, extra tools, utilities etc. I hope you like it.. :)
special thank's for..
Coldzer0, Abdo-ok, Mr Paradox, azma, ,Diver, K4mil, NikRE, shockwawe, kruzco, Lezzo_x, pnta, C0M3ND4D0R, Serial_Killer, Mr eXoDia, Mr.Teo, vic4key, malaya2100, kruzco, Silence, RaBBiT, phongvucba, skypeaful, Z.Alpa, movAl1, Syahmie, GrindStone, andhepie, dprabuwijaya, illopillo, mbulu, rhythm, shockwawe, skypeaful, thien866, KhongBiet, Dielbach, RIzal Bigjoy, Dimitry, virez, Mrhpx Rizal, Ceoode Aka'adi, pandagrind, andhepie, Ellvis, Torrescrack, Cyraxs Cracker, Kingsta
tut4you, AT4RE, AORE, InCAr, C.O.D, SnD, CIN1 Team, FFF, TPoDT, RePT, tPORt, Under SEH..
All RCE groups around the world and also all my friend.... :D

what's included
AIO Plugins Pack for OllyDBG v1.10
[List Plugins]
+BP-Olly V2.0 Beta 4
aadp4olly v0.1.1
Address to File Offset v1.0
AdvancedOlly v1.25
AdvancedOlly v1.26 beta 10
AdvancedOlly v1.26 beta 12
AdvancedOlly v1.26 beta 8
AJunk v1.0
Analyze This v0.1
AnalyzeThis+ v0.24
Anti DRX v1.0
Anti-Anti Hardware Breakpoint v0.1
Anti-Anti v0.11
AntiDetectOlly v2.2.4
API Break v0.2
API Finder v0.3
API Helper v1.0.0.1
ApiBreak Nonameo
aRC-Olly Admin v1.01
Ariadne Optimizer v0.1
ArmaDetach v1.01
AsciiTable v1.1
Asm2clipboard v0.4
ASProtect v1.20
Attach Anyway v0.1
AttachAnyway v0.3
AttachExtended v0.1
AttachHelper v0.1
AttachTo v0.1
AutoPath v0.1
Base64 v1.00
BlkLabel v1.0
Bookmark v1.06
Break On Execution v1.1b
Break On Load v0.1
Calculator v0.1
Catcha! v1.0
CheatUtility 1.0
CheatUtility v1.0
CLBPlus! v1.0
CleanUpex v1.12
ClearUDD v1.0
CmdBar v3.20.110
Cmdline modified
Code (Delphi) Helper v0.5
Code Ripper v1.3
CodeDoctor v0.90
Command Bar v1.08.02
Conditional Branch Logger v1.0
CopyHexCode v0.20
CPU Initialization Patch v1.0.0.1
Crypto Scanner 0.5b
DataChage (2011-03-01)
DataRipper 1.3
DataRipper v1.2
Debug Help v0.1
Debug Privilege v1.0
DebugActiveProcessStop v0.1
DebugAsUser v0.2b
DebugPlugin v1.0
Dejunk v0.12
DeJunk v0.13
Delphi Library Call Importer v1.0
DetachMe v2.0
Dirty Banditos v0.1
DLLBreakEx v1.2
E Junk Code v1.0
EasyController v.1.0.3
EasyController v1.0.2.b
EasyController v1.0.2b
excounter v0.1b
ExtraCopy v0.9
ExtraCopy v0.90
ExtraCopy v1.0
FindAddress v1.0.0.3
FindCrypt v0.1
Force Allocate v0.1
FullDisasm_OllyDbg v2.3
FullDisasm_OllyDbg v3.0.1.172
Game Invader
Games Invader v2.1
GoDup v1.2
HanOlly Plugin v0.1
Hash Sniffer v2.0
HiddenThreads v0.1
Hide Debugger v1.2.4
HideCapt v1.00
HideDebugger v1.01
HideDebugger v1.23
HideDebugger v1.24
hideod 0.17
HideOD v0.181
HitTrace v0.1
HOlly v0.2
HOlly v0.4 Build 90
HookSysCalls v0.1
Hyde OD2.xx & CleanupEx 2.0.0d
HzorInline Helper Plugin v1.0
ICanAttach v0.2
IDA Sigs v1.0 Beta3
IDAFicator v.
IDAFicator v1.2.12
IDAFicator v2.0.11.45
ILLY v0.1 Beta 3
ILLY v0.1 Beta 5
ImmLabel v1.1
ImmLabel v1.3
ImmSoftice v0.1
InjectHookLib v0.1
IsDebugExtraHide v1.4
IsDebuggerPresent v1.4
j10n (Font Changer) v1.40.106
Kernel Disassembler v1.0
LabelArgs v0.1
Labeler v1.32
Labeler v1.33
Launcer v0.1
LCB Plugin v0.10
Load Map v0.1
LoadDLL 1.1
MagicHideOllyDbg v 1.01
MagicHideOllyDbg v1.01
MapConv v1.4
Mapimp v0.8
MarkAllAsSystem v0.1
MD5 Sniffer v1.0 Beta
Memory Backup v0.1
Memory Watch v1.0
MemoryDump v0.9
MemoryFollow v1.0
MnemonicHelp v1.1
Modified CmdLine v2442007
ModuleBCL v1.0
ModuleBpx v0.1
Multiline Ultimate Assembler v2.0 final
Multiline Ultimate Assembler v2.1
MUltimate Assembler v1.2
MUltimate Assembler v1.7
NameChanger v1.1
Nonawrite v1.1
NonaWrite v1.2
noSound v0.01
NotePad Topmost 1.1
NTGlobalFlag v1.1
NtGlobalFlagPlugin v1.0
ODBGPluginConv v0.1b
ODbgScript 1.47.vc6
ODbgScript 1.48
ODbgScript 1.50.3.VC6
ODbgScript 1.51
ODbgScript 1.52 ENG
ODbgScript 1.53
odbgscript 1.53 eng
ODbgScript 1.54.3.VC6
ODbgScript 1.60.3.VC6
ODbgScript 1.64.3.VC6
ODbgScript 1.65.1
ODbgScript 1.78.3
ODbgScript v1.48
ODbgScript v1.48.VC6
odbgscript v1.52 eng
ODBGScript v1.53 (hnhuqiong)
ODbgScript v1.77.3
ODBGScript v1.82.6
ODBJScript v1.1.956
ODDragAttach v1.1
oDump v0.1
Olly Advanced v1.27
Olly BP Mannager
Olly Detach v0.1
Olly Detach v0.2
Olly Fader v0.1
Olly Heap Vis
Olly Helper v1.3
Olly Hittrace
Olly Invisible v0.9.0.6
Olly Invisible v0.9.11
Olly Machine v0.2
Olly Module bpx
Olly Sync v0.2
Olly Toolbar Manager Gold
OllyBkmrX v1.9
OllyBone v0.1
OllyBugFix v0.1
OllyCallTrace v1.0
OllyCopy v0.3
OllyDbg De-Attach Helper v0.1
OllyDbg PE Dumper v3.01
OllyDbg PE Dumper v3.03
OllyDemangler v0.1
OllyDump v2.21b
OllyDump v3.00.110
OllyEmbellisher v0.1
OllyEye v0.1
OllyFlow v0.71 + OllyGraph v0.1
OllyGetObj v0.1
OllyGuard v0.1
OllyGuard v0.1.2
OllyMemScan v0.01
OllyMoreMenu v1.3b
OllyPad v1.1
OllyPerl v0.1
OllyPython v0.01 (Vesa)
OllyPython v0.12 (Wushi)
OllySafe v0.1
OllyScript 1.48 CH
OllyScript V 0.92
OllyScript v0.92
OllyScript v0.93_x86_build
OllySkin v0.1
OllySnake v0.1
OllySocketTrace v1.0
OllySSEH - SafeSEH Module Scanner v0.1
OllyStepNSearch v0.6.1
OllyStepNSearch v0.6.2
OllyStructs v1.0
OllySymbolServer v0.0
OllyTiper v1.2
OllyTiper v2.0
OllyUni v0.07
OllyVB v0.1
OllyVBHelper v0.1
OllyWow64 v0.1
OllyWow64 v0.2
Oreans UnVirtualizer 1.3
Oreans UnVirtualizer v1.6
PE Dumper 3.03
PhantOm Plugin v1.20
PhantOm Plugin v1.54
Plugin Loader v0.1
Plugins Manager v1.2
Point Events in Delphi Executables v1.0
Poison v0.1
Polymorphic Breakpoint v0.1
Punto H v0.1
PuntosMagicos v0.1
PushTracer v0.1
Python Plugin v0.3
RemoveCriticality v0.2
Robin v0.01
Scripad v1.0
SehSpy 0.1
SerialCounter v1.00
SigMaker v0.4
SkyPatch v1.0
Sleepp v0.5
StayOnTop v1.0
Stealth64 v1.2 (Beta)
StealthStep v1.0.0
StollyStructs v1.0
StrCopy v0.1
StrongOD v0.2.9.561
StrongOD v0.3.2
StrongOD v0.4.5.810
StrongOD v0.4.8.892
Suspicious Breakpoint Fix v1.0
Table Exporter v1.0
TLSCatch v0.3
TracKid v1.20
TransOlly v1.0a
Turbo Debug v1.0
Ultra String Reference v0.12
UnHandled Exception Filter v0.22p
Universal Hooker v1.2
Universal Hooker v1.3
VEHWalk v0.3
VicPlug-In v1.0
Virtual2Physical v0.1
VMSweeper v1.5 Beta 2
Watchman v1.00
Weasle v0.6
Window Infos v0.1
Window Juggler v0.06
Window Maximizer v1.00
x3 v0.1

download it from here: CLICK ME
AIO Plugins Pack for OllyDBG v2.0
[list Plugins]
Advanced Labels v1.3.0.9
AnalyzeThis v1.00
Asm2Clipboard v1.00
Bookmark v2.00.00
Call Stack v1.0
CleanupEx v2.0.0b
CleanupEx v2.0.0b1
ClearOD v1.0.0.2
Command Bar v3.20.110
HideOd v1.00b
Hyde v1.01
LCB v1.00b
Multiline Ultimate Assembler v2.1
ODbgScript v2.0.1.201 for OllyDBG 2.Epsilon3
OllyCallstack v0.1a
OllyDetach v2.0.0
OllyDump v2.01
OllyDump v2.1.0.2
OllyDumpEx v0.90
OllyDumpEx v0.92
OllyExt v1.0
OllyID v0.2.0
OllyMoreMenu v1.5+
OllyMSDN v1.0.1
OllyPEiD v0.0.2
OllySEH v1.1a
Olly_LKD v0.4
SystemTray v0.1
WinMax v2.00
WinMax v2.01
Immunity Manuals & Development Kits.
ODBGPluginConv v0.1b
OllyDbg Detection & Hide Tools
OllyDbg Extra Tools & Utilities
OllyDbg Manuals & Development Kits

download it from here: CLICK ME
OllyScript - Editors
Olly Script Editor 1.03
Olly Script Editor 2.00
OllyScriptEditor v0.35
OllySubScript v1.0 beta 3
OllySubScript v1.4.1

download it from here: CLICK ME
OllyDbg v1.10 all patches
Anti EXECryptor
Anti Detetion of OllyDbg Class Names
Anti DetectOlly
Anti DetectOlly.sr
Anti DetectOllyPatch-2
Anti DetectOlly_v2.2.4
anti dtolly2.2.3
NewBdbg v1.11.Patcher
ollydbg 1.xxpatch
OLLYDBG ClassName Patch
Ollydg FLDpatch [AoRE]
SnD - invisible ollydbg and known plugins v1.0

download it from here: click me
Immunity Python Scripts
!bpxep PyCommand v1.01
!getrpc PyCommand v0.1
!hidedebug PyCommand v1.0
!itunes7_antiantidebug PyCommand v0.1
!itunes7_universal_antiantidebug PyCommand v0.1
!loadmap PyCommand 1.3
!packets PyCommand v0.1
!patch IsDebuggerPresent v0.1
!scanpe PyCommand v1.0
!search PyCommand v0.1
!sqlhooker PyCommand v0.1
!tickcount PyCommand v0.1
!unmidl PyCommand v0.1
ASProtect 2.xx Deobfuscation Script
ASProtect 2.xx Deobfuscation Script v1.1
BlackManta v1.0

download it from here: CLICK ME
ImmunityDBG Plugins
Analyze This v0.1
Asm2clipboard v0.1
Cleanup Ex v1.12.108
Command Bar v3.10.109c
Crypto Scanner 0.5b (Immunity)
FullDisasm v1.71
FullDisasm_ImmDbg v2.3
Hide Debugger v1.2.4
HideOD v0.17
immSignSrch v0.5
IsDebugPresent v1.4
MapConv v1.40
ODBGScript v1.65
ODBGScript v1.65.4
OllyDbg PE Dumper v3.03
OllyDump v3.00.110
OllyMoreMenu v1.3c
PhantOm Plugin v1.20
PhantOm Plugin v1.54
TLS Stopper v0.21
Ultra String Reference v0.12
VEHWalk v0.2
Windows Maximizer v1.0

download it from here: CLICK ME
download plugin fixer: HERE
OllyScripts pack (1.813 Scripts for OllyDBG)
[LIST Scripts]
AHTeam EP Protector
AIO_Scripts900 by LCF-AT
Alawar Games
Alex Protector
At4re Asm Protecter
Backdoor PE Compress Protector
Bastards Tools
C.I. Crypt
Code Cave Finder
Code Redirect Remover
CrypToCrack Pe Protector
CSDSJKK Protector
DotFix NiceProtect
Duals eXe
Encrypt PE
EXE Evil
ExeStealth Protector & Packer
fEaRz Crypter
French Layor
G!X Protector
GHF Protector
Hide & Protect
Hmimys Packer
ID Application Protector
JDPack - JDProtect
KaOs PE-DLL eXecutable Undetecter
KByS Packer
Mr Undectetable
nProtect GameGuard
NTkrnl Packer
PE Diminisher
PE Lock NT
Pet i t e
Private EXE Protector
Private Personal Packer
Protection Plus
SDProtector Pro
Shegerd EXE Protector
Simple pack
SLVc Protector
Software Compress
The Best Cryptor
UnDo Crypter
Unopix Scrambler
UPX Lock
UPX Mutanter
UPX Protector
Upx s h i t
UPX Scrambler
VGCrypt PE Encryptor
Virogen Crypt
visual protect
Wind of Crypt
Yodas Crypter
Yodas Protector

download it from here: CLICKME
Download FULL package HERE: CLICK ME
password is: cONS:PIR4'cY

(This post was last modified: 11-17-2019, 03:42 PM by conspir4cy.Edit Reason: styling reasons / deleting shorters)
i'm just looking for knowledge, not pretending be great, just wanting to do stuffs

RE: OllyDBG All-In-One Pack (OllyDBG + Plugins + scripts) 11-17-2019, 03:30 PM #2
Nice collection Indeed.
As a friendly reminder and as stated In the rules, short/redirection links are not permitted.

The following 1 user Likes mothered's post:1 user Likes mothered's post
RE: OllyDBG All-In-One Pack (OllyDBG + Plugins + scripts) 11-17-2019, 03:36 PM #3
(11-17-2019, 03:30 PM)mothered Wrote: Nice collection Indeed.
As a friendly reminder and as stated In the rules, short/redirection links are not permitted.

ok.. i didn't know it.. i will edit this post to delete them.. THANKS A LOT for the reminder.
i'm just looking for knowledge, not pretending be great, just wanting to do stuffs

RE: OllyDBG All-In-One Pack (OllyDBG + Plugins + scripts) 11-17-2019, 03:42 PM #4
(11-17-2019, 03:30 PM)mothered Wrote: Nice collection Indeed.
As a friendly reminder and as stated In the rules, short/redirection links are not permitted.

i'm just looking for knowledge, not pretending be great, just wanting to do stuffs

RE: OllyDBG All-In-One Pack (OllyDBG + Plugins + scripts) 11-18-2019, 03:05 AM #5
(11-17-2019, 03:36 PM)conspir4cy Wrote:
(11-17-2019, 03:30 PM)mothered Wrote: Nice collection Indeed.
As a friendly reminder and as stated In the rules, short/redirection links are not permitted.

ok.. i didn't know it.. i will edit this post to delete them.. THANKS A LOT for the reminder.

All good.
Thanks for complying with the rules.

Ollydbg tutorial
The following 1 user Likes mothered's post:1 user Likes mothered's post
RE: OllyDBG All-In-One Pack (OllyDBG + Plugins + scripts) 11-18-2019, 03:36 AM #6
(11-18-2019, 03:05 AM)mothered Wrote:
(11-17-2019, 03:36 PM)conspir4cy Wrote:
(11-17-2019, 03:30 PM)mothered Wrote: Nice collection Indeed.
As a friendly reminder and as stated In the rules, short/redirection links are not permitted.

ok.. i didn't know it.. i will edit this post to delete them.. THANKS A LOT for the reminder.

All good.
Thanks for complying with the rules.

i love to do it
i'm just looking for knowledge, not pretending be great, just wanting to do stuffs

Users browsing this thread: 1 Guest(s)