OldSchoolHack

Registrieren / Anmelden Deutsch
deutschDeutsch
englishEnglish
Neue Beiträge Erweiterte Suche

Overwatch Dump Fix


icon Overwatch Dump Fix #1

Anmeldungsdatum: Aug 2007

Beiträge: 1957

 Kategorie: Other FPS Games
Entwickler: changeofpace

Beschreibung:
Summary:

This x64dbg plugin removes anti-dumping and obfuscation techniques from Overwatch.exe to make the game able to be dumped using Scylla.

How to use:

x64dbg
  1. Attach x64dbg to Overwatch.exe then execute the OverwatchDumpFix command.
  2. Open Scylla, select Overwatch.exe in the "attach to an active process" drop-down list.
  3. Click "IAT Autosearch".
  4. Click "Get Imports".
  5. Click "Dump" and save the file as an .exe.
  6. Click "Fix Dump" and select the dump file (adjust the type filter).
  7. The Scylla output view should say "Import Rebuild success [FILE PATH]".
  8. Click "PE Rebuild" and select the fixed dump file.

IDA Pro
  1. Open the dump file in IDA. Check the "Manual Load" box. Click "OK" / "Yes" for every prompt.
  2. Run the "Universal Unpacker Manual Reconstruct" plugin for the IAT to set imports to the correct color.
  3. Happy reversing


Source:

Um Links zu sehen, musst du dich registrieren



Download:
Overwatch Dump Fix
System ist offline
icon #2

Anmeldungsdatum: Aug 2007

Beiträge: 8643

Benutzer-Bewertung:

199 positiv
33 negativ
 Kategorie: Other FPS Games
Entwickler: changeofpace

Beschreibung:
Release v2.1
  • Simplified FixOverwatch() by only remapping the views representing .text and .rdata instead of every view.
  • Added verbose logging option.


Summary:

This x64dbg plugin removes anti-dumping and obfuscation techniques from Overwatch.exe to make the game able to be dumped using Scylla.

Syntax:

TEXT Code:
  1. OverwatchDumpFix [verbose]

Invoking the command with an argument that evaluates to true, e.g. 1, will enable verbose output.

How to use:
x64dbg
  1. Attach x64dbg to Overwatch.exe then execute the OverwatchDumpFix command.
  2. Open Scylla in x64dbg's "Plugins" menu then select Overwatch.exe in the "Attach to an active process" drop-down list.
  3. Click "IAT Autosearch".
  4. Click "Get Imports".
  5. Click "Dump" to create a dump file.
  6. Click "Fix Dump" and select the dump file from (5) to reconstruct imports.
  7. The Scylla output view should say "Import Rebuild success [FILE PATH]".
  8. Click "PE Rebuild" and select the fixed dump file.

IDA Pro
  1. Open the dump file in IDA. Check the "Manual load" and "Load resources" (optional) boxes. Click "OK" / "Yes" for every prompt.
  2. Run the "Universal Unpacker Manual Reconstruct" plugin for the IAT to set imports to the correct color.
  3. Happy reversing


Source: Um Links zu sehen, musst du dich registrieren



Download:
Overwatch Dump Fix

__________________

Hallo
KN4CK3R ist offline