In the information I found for getting around the anti-debug for forsaken world there was an addon being used with Ollydbg called "Strong." Now I found a few copies in different places but I've never been to those sites and don't know if they're known for handing out keyloggers/trojans.
By chance, does anyone know a reliable place where I can get this addon?
I'm not quite sure what the addon is supposed to do (though I thought I did at first) but here's the description I keep seeing:
Code: Select all
Make your OllyDbg Strong!
This plug-in provides three kinds of ways to initiate the process:
1, Normal - And the same manner as the original start, the STARTUPINFO inside unclean data
2, CreateAsUser - User with a mandate to initiate the process of the user, so that the process running under the purview of the User, unable to establish the process Admin operation.
Running is such a need in the local security strategy - the user rights assignment inside your users will join the two powers:
1, the replacement process-level marks (SeAssignPrimaryTokenPrivilege)
2, the operating system mode operations (SeTcbPrivilege)
If the home version of the windows, unable to set up, then you can try to use SuperMode and reopen the OD to upgrade the competence and strongly does not recommend the use of this option
3, CreateAsRestrict - The second option the user with User authority to initiate the process more restricted areas, and increase the third function to a explicit Admin users to initiate proceedings.
The procedure is initiated Admin user, but power users only some of the default User authority, all authority to delete some risk (including SeDebugPrivilege, SeLoadDriverPrivilege, etc.), this procedure will not run OD cause great harm. In this way the proposed commencement of the proceedings.