PEiDºº»¯°æÊÇÎÒ¹²ÏíµÄȫмòÌåÖÐÎÄ°æÕҿDzé¿ÇAPP£¬ËüÄÜ°ïÖúÎÒÃÇÕÒµ½APPÉϵÄÊý¾Ý¼ÓÃÜ¿Ç£¬ÐÖú´ó¼Ò¸ü¿ìÆÆÒ룡APP²»µ«Äܲ飬»¹ÄÜ°ïÖúÎÒÃÇÍÑ¿ÇÖ±½Ó¿´Ô´´úÂ룬ÓÐÐËȤµÄÁ¢¼´À´¶àÌØÈí¼þÕ¾Ãâ·ÑÏÂÔØ£¡
PEiDÊÇÒ»¿îÖªÃûµÄ²é¿Ç¹¤¾ß£¬Æ书ÄÜÆëÈ«£¬¼¸ºõ¿ÉÒÔ̽²â³öÈ«²¿µÄ¿Ç£¬Æä×ÜÊýÒѳ¬³ö470ÖÖPEÎı¾ÎĵµµÄÃâɱÖÖÀàºÍÇ©×Ö¡£
Èç½ñAPPÓúÀ´Óú¶àµÄÃâɱÁË£¬¸øÆÆÒë²úÉúÌرð´óµÄ²»·½±ã£¬¿ÉÊÇÄǸöAPP¿ÉÒÔ¼ìÑé³ö450ÖÖ¿Ç£¬Ê®·Ö±ã½Ý£¡
ÌáÉý²¡¶¾¸ÐȾɨÃè×÷Óã¬ÊÇÏֽ׶θ÷ÖÖ²é¿Ç¹¤¾ßÖУ¬ÌØÐÔ×îÅ£µÄ¡£
´ËÍ⻹¿É¼ø±ð³öEXEÎĵµÊÇÓÃʲôÓïÑÔ׫дµÄ£¬ÀýÈ磺VC ¡¢delphi¡¢vb»òDelphiµÈ¡£ÊÊÓÃÎļþ¼ÐÃû³Æ´óÅúÁ¿É¨Ã裻
²å¼þÌáÉýµ½5¸ö:GeneralOEP¡¢Kanal1.3£¬FSGv1.33Unpacker£¬CRC32(ÐÂÌáÉýµÄ)£¬PEiDͨÓÃÐÔÍÑ¿ÇÆ÷Forwinnt2kxp(ÐÂÌáÉýµÄ)£¬¡¡×÷ÓÃËùÓжÔÍ⿪·Å£¡¼«Á¦ÍƼö£¡
ÐÂÌáÉýWinNT·þÎñƽ̨ϵÄÈ«×Ô¶¯ÍÑ¿ÇÆ÷²å¼þ£¬¿ÉÒÔ½â¾öÈç½ñ¾ø´ó¶àÊýµÄAPPÍÑ¿Ç£¨°üº¬PEiD±¾ÉíµÄUPXShit0.06¿Ç£©£¡
È«²¿²å¼þ
±¾ÖÐÎÄ°æΪȫ²å¼þ°æ£¬ÊÇÏֽ׶λ¥ÁªÍøÖÐ×îÍêÃÀÎÞȱµÄ°æ±¾ºÅ£¬²å¼þÊÇÓÈÆäÈ«·½Î»µÄ£¬ÓÖΪÖÚ¶àµÄÍÑ¿Ç·¢ÉÕÓÑ´øÀ´Á˺ÃרÓù¤¾ßÀ²£¡
advanced_scan.dll AntiSPack.dll
crc32.dll Easy Screen 1.3.0.dll
eCrap.dll eCrapOepVerify.dll
EPScan.dll ExtOverlay.dll
ExtractOverlay.dll FC.DLL
FileInfo.dll FixCRC.DLL
FNE.dll frant.dll
FSG v1.33ÍÑ¿Ç.dll GenOEP.dll
GUID.dll hh.dll
HideCapt.dll HideCapt2.dll
IDToText.DLL Imploder.DLL
ImpREC.dll kanal.dll
Morphine.DLL oepscan.dll
ohfixer_v01.dll Overlay1.0.dll
Overlay1.0¼òÌåÖÐÎÄ°æ.dll Oversaver.dll
PackUPX.DLL Patch_Maker_0.5.0.dll
PE2HTML.dll PE2HTML.exe
PEExtract.DLL PEiDBundle.DLL
PESniffer4PEiD.ASM PESniffer4PEiD.DLL
PlgLdr.dll PluginEx.dll
pluzina.dll pluzina1.dll
pluzina4.dll pluziny.nfo
QuickChSum.dll RebuildPE.dll
RelocRebuilder.dll s.bat
s.txt SecFix.dll
SecTool.DLL Sendspy.dll
StringViewer.dll unbero.dll
UnCDS_SS.DLL undef.dll
UnFakeNinja.DLL unfsg.dll
UnitsBrowser.dll UnPPP.DLL
UnRCrypt.DLL UnRPolyCrypt.DLL
UnUPolyX.dll UNUPX.DLL
unupx2.dll UnUPXShit.dll
UPXI.dll UPXScramb.dll
uupx.dll VerA.dll
VerA.txt xInfo.DLL
XNResourceEditor_Plugin.DLL XP.dll
YPP.DLL ypp.ini
ZDRx.dll [[-=About PEiD =-]]
PEiDÈçºÎʹÓã¿
PEiD×î³£¼ûµÄ²å¼þ±ãÊÇÍÑ¿Ç£¬PEiDµÄ²å¼þÀïÓÐÒ»¸öͨÓÃÐÔÍÑ¿ÇÆ÷£¬ÄÜÍѾø´ó¶àÊýµÄ¿Ç£¬¼ÙÈçÍѿǺóimport±íΣº¦£¬»¹Äܹ»È«×Ô¶¯¶ÁÈ¡ImportRECÐÞ²¹import±í£¬µãÒ»ÏÂ=¿ªÆô²å¼þÁÐ±í£¬ÈçÏÂͼ£º
ÒÀ¾Ý²å¼þÁÐ±í£¬»¹Äܹ»Õë¶ÔһЩ¿ÇÍÑ¿Ç£¬Êµ¼ÊЧ¹û±ÈͨÓÃÐÔÍÑ¿ÇÆ÷»á¸üºÃ
µãÒ»ÏÂEPºóµÄ¿ÉÒÔ½øÐÐSection¿éÁбí:
ÔÙÔÚSection¿é±íÉÏÓÒ¼üµçÄÔÊó±ê£¬Äܹ»¿´¼ûÏÂÁв˵¥À¸Ñ¡ÔñÏ
µã»÷ËÑË÷È«0´¦£¬»á°ÑÈ«²¿¿éÖÐÈ«0µÄÇø¿éÁ´ËѳöÈ¥£¬ÄÇÑùÎÒÃÇ¿ÉÒÔÔÚÕâÖÖ±àÂëÉÏÌí×ÔÉí¼ÓÉϵÄcode£¬Ê®·Ö±ã½Ý:
Á¢¼´ÓÃwinHex¸Ä¾Í¿ÉÒÔÁË,
ÃüÁîÐвÎÊý
PEiD now fully supports commandline parameters.
peid -time// Show statistics before quitting ÏÔʾ
peid -r// Recurse through subdirectories ɨÃè¸ùĿ¼
peid -nr// Dont scan subdirectories even if its set ²»É¨Ãè¸ùĿ¼
peid -hard// Scan files in Hardcore Mode Ñ¡ÓùؼüɨÃèģʽ
peid -deep// Scan files in Deep Mode Ñ¡ÓÃÉî²ãɨÃèģʽ
peid -norm// Scan files in Normal Mode Ñ¡ÓÃÒ»ÇÐÕý³£É¨Ãèģʽ
peid file1 file2 dir1 dir2
You can combine one or more of the parameters.
For example.
peid -hard -time -r c:\windows\system32
peid -time -deep c:\windows\system32\*.dll
PEIDµÄɨÃèģʽ£º
Ò»ÇÐÕý³£É¨Ãèģʽ£º¿ÉÔÚPEÎı¾ÎĵµµÄͨµÀµãɨÃèÈ«²¿¼Í¼µÄÇ©×Ö
Éî²ãɨÃèģʽ£º¿ÉÉî²ãɨÃèÈ«²¿¼Í¼µÄÇ©×Ö£¬ÕâÀ෽ʽҪ±ÈÉÏÒ»ÖÖµÄɨÃè·¶³ë¸ü¹ã£¬¸üÉî²ã´Î
¹Ø¼üɨÃèģʽ£º¿ÉÏêϸµÄɨÃèÈ«²¿PEÎı¾Îĵµ£¬µ«Ïà¶ÔÐÔÓеã¶ùÂý
°æ±¾Éý¼¶±íÃ÷
0.7 Beta - First public release.
0.8 Public-Added support for 40 more packers. OEP finding module. Task viewing/control module.
GUI changes. General signature bug fixes. Multiple File and Directory Scanning module.
0.9 Recode-Completely recoded from scratch. New Plugin Interface which lets you use extra features.
Added more than 130 new signatures. Fixed many detections and general bugs.
0.91 Reborn- Recoded everything again. New faster and better scanning engine. New internal signature system.
MFS v0.02 now supports Recursive Scanning. Commandline Parser now updated and more powerful.
Detections fine tuned and newer detections added. Very basic Heuristic scanning.
0.92 Classic-Added support for external database, independent of internal signatures. Added PE details lister.
Added Import, Export, TLS and Section viewers. Added Disassembler. Added Hex Viewer.
Added ability to use plugins from Multiscan window. Added exporting of Multiscan results.
Added ability to abort MultiScan without loosing results.
Added ability to show process icons in Task Viewer.
Added ability to show modules under a process in Task Viewer. Added some more detections.
0.93 Elixir-Added sorting of Plugin menu items. Submenus are created based on subfolders in the directory.
Added Brizo disassembler core. Added some more detections.
Fixed documented and undocumented vulnerability issues.
Fixed some general bugs.
Removed mismatch mode scanner which needs further improvements.
0.94 Flux-Too much is new to remember.
MFS, Task Viewer and Disassembler windows maximizable.
New smaller and lighter disassembler core CADT.
New KANAL 2.90 with much more detections and export features.
Added loads of new signatures. Thanks to all the external signature collections online.
String References integrated into disassembler.
Fixed documented and undocumented crashes.
Fixed some general bugs.
0.95 Phoenix - Fixed some crashing bugs.
Minor Core update.
Crash Fix in Securom detection.
Òƶ¯É¨ÃèÒÇÈí¼þÊÇÒ»ÖÖÓëɨÃèÒÇÏ൱µÄÊÖ»úÈí¼þ¡£ÓÐʱÐèÒª½«Ö½ÖÊÎĵµÉ¨Ãèµ½Îļþ¼ÐÖУ¬µ«ÊÇÈç¹û¸½½üûÓÐɨÃèÒÇÄØ£¿ÐÒÔ˵ÄÊÇ£¬ÄúÏÖÔÚ¿ÉÒÔʹÓÃÊÖ»úʹÓÃÕÕƬɨÃèÈí¼þÓ¦ÓóÌÐòɨÃèÎĵµ£¬ËùÒÔÄúµÄºÃÓѱØÐëÏëÖªµÀÄÄÖÖÓ¦ÓóÌÐòɨÃèÒÇÊǺõģ¿É¨ÃèÓ¦ÓÃÅÅÃû³Ï¿ÒÍƼö¸øÄú£¬ÕâЩɨÃèÈí¼þ¿ÉÒÔɨÃèÎļþ£¬Äú¿ÉÒÔ±£´æÔÚÄúµÄÊÖ»úͼƬ»òPDF¸ñʽ£¬Ê¹ÄúµÄÊÖ»ú¿ÉÒÔ³ÉΪ±ãЯʽɨÃèÒÇ¡£¶àÌØÊÖÓÎרÌâΪÄúÌṩɨÃèÈí¼þ,ºÚÍ«Æƽâ°æÉãÏñͷɨÃèÈí¼þ¡£°²×¿Æ»¹û°æÈí¼þappÒ»Ó¦¾ãÈ«¡£
©¶´É¨Ã蹤¾ßµÄÖ÷Òª¹¦ÄÜÊÇͨ¹ý¿ª·¢¶Ô±¾µØ¼ÆËã»ú½øÐÐɨÃ裬ͨ¹ý©¶´É¨Ã蹤¾ßÆÀ¹À¼ÆËã»úµÄ½¡¿µ×´¿ö£¬·ÖÎö¼ÆËã»úÖÐÊÇ·ñ´æÔÚ°²È«Â©¶´¡£ÔÚÐí¶àÇé¿öÏ£¬ÎÒÃÇÔÚ©¶´É¨Ãè¹ý³ÌÖÐʹÓ鶴ɨÃ蹤¾ß£¬Í¨¹ýϵͳ²»¶Ï¸üкÍÐÞ¸´Â©¶´£¬Ìá¸ß¼ÆËã»ú°²È«ÐÔ¡£ÏÂÃæµÄ°æ±¾ÎªÄúÕûÀíÁËһЩ©¶´É¨Ã蹤¾ß¡£ÓÐÐèÒªµÄÅóÓÑ¿ÉÒÔÏÂÔز¢Ê¹ÓÃËüÃÇ¡£¶àÌØÈí¼þרÌâΪÄúÌṩ©¶´É¨Ã蹤¾ß,¹«Ë¾Â©¶´É¨Ã蹤¾ß,°²×¿Â©¶´É¨Ã蹤¾ß¡£¶àÌØÈí¼þÕ¾Ö»ÌṩÂÌÉ«¡¢ÎÞ¶¾¡¢ÎÞ²å¼þ¡¢ÎÞľÂíµÄ´¿ÂÌÉ«Èí¼þÏÂÔØ¡£
¶àÌØÈí¼þרÌâΪÄúÌṩɨÃ蹤¾ß,ɨÃ蹤¾ßapp,ÊÖ»úɨÃ蹤¾ß;°²×¿Æ»¹û°æÈí¼þappÒ»Ó¦¾ãÈ«¡£¶àÌØÈí¼þÕ¾Ö»ÌṩÂÌÉ«¡¢ÎÞ¶¾¡¢ÎÞ²å¼þ¡¢ÎÞľÂíµÄ´¿ÂÌÉ«¹¤¾ßÏÂÔØ
¶àÌØÈí¼þרÌâΪÄúÌṩӲÅÌɨÃ蹤¾ß,Ó²ÅÌɨÃ蹤¾ß¼ì²â²»µ½Ó²ÅÌ,Ó²ÅÌɨÃ蹤¾ßÔõôÓÃ;°²×¿Æ»¹û°æÈí¼þappÒ»Ó¦¾ãÈ«¡£¶àÌØÈí¼þÕ¾Ö»ÌṩÂÌÉ«¡¢ÎÞ¶¾¡¢ÎÞ²å¼þ¡¢ÎÞľÂíµÄ´¿ÂÌÉ«¹¤¾ßÏÂÔØ
¶àÌØÈí¼þרÌâΪÄúÌṩ´ÅÅÌɨÃ蹤¾ß,´ÅÅÌɨÃ蹤¾ß¼Æ»®,´ÅÅÌɨÃè;°²×¿Æ»¹û°æÈí¼þappÒ»Ó¦¾ãÈ«¡£¶àÌØÈí¼þÕ¾Ö»ÌṩÂÌÉ«¡¢ÎÞ¶¾¡¢ÎÞ²å¼þ¡¢ÎÞľÂíµÄ´¿ÂÌÉ«¹¤¾ßÏÂÔØ