■ 軟體說明:
∥軟體名稱:Import REConstructor
∥版本資訊:1.7b FINAL
∥檔案大小:411 KB (421,613 位元組)
∥軟體分類:軟體本地化
∥存放空間:HTTP
∥中 文 化:YoYo
■ 軟體簡介:
輸入表重建工具;用於修復可執行檔案 dump 後的輸入表 (如果有需要),配合 OllyDBG & PE Tools 或 LordPE 完成手動脫殼作業,使用方法請參考:
http://forum.slime.com.tw/thread225729.html 帖內說明。
註:中文化修飾了一些翻譯;Classic 版本我沒加入。
以下引自 TUTS4YOU:
引用:
|
This tool is designed to rebuild imports for protected/packed Win32 executables. It reconstructs a new Image Import Descriptor (IID), Import Array Table (IAT) and all ASCII module and function names. It can also inject into your output executable, a loader which is able to fill the IAT with real pointers to API or a ripped code from the protector/packer (very useful against emulated API in a thunk).
Sorry but this tool is not designed for newbies, you should be familiar a bit with manual unpacking first (some tutorials are easy to find on internet).
Features:
- Imports
- An original tree view
- 2 different methods to find original imports (by IAT and/or API calls)
- A *FULL* complete rebuilder (including a new fresh IAT)
- Loader
- An analyzer and ripper of redirected API code
- An injected loader code to support mix of imports + ripped code in a thunk
- A heuristic relocator
- Tracers
- 3 default tracers (disasm, hook & ring3) to find APIs in redirected code
- A plugin interface to develop your own tracers
- Misc
- Support ALL 32/64bits Windows (9x, ME, NT, 2k, XP and Vista32/64)
- An export renormalizer for Win9x/ME (ala Icedump)
- A built-in coloured disasm/hex-viewer to analyze the redirected code
- A built-in dumper
- Support almost all known antidump tricks
|
以下版本歷程引自 [History.txt]:
引用:
|
v1.7b FINAL (PUBLIC VERSION)
----------------------------
- Misc
- Fixed invalid API bug in user32.dll on Windows 98 (jstorme)
- Modified code to improve support for discardable/unreadable sections (jstorme)
- Fixed ImageBase problem with DLL's when "Use PE Header from Disk" is checked (jstorme)
- Added an "ImpREC Classic" looking version
|
■ 檔案下載:
載點連結:
http://0rz.tw/363Lb
MD5:
語法:
0B5F6F7EE917C61F64C996B8DB10EDAF
解壓碼:
語法:
CENTURYS 網際論壇 中文化開發團隊