sunbeam906
sunbeam906
I can confirm the same for DLL files. Uploaded the target here: [cshell.zip](https://github.com/Mixaill/FakePDB/files/6956653/cshell.zip). Using IDA 7.5 SP3 with 0.3. If I try the plugin/tool on an executable for which I've...
> Can you provide your .idb /.i64 file? ( [[email protected]](mailto:[email protected]) or Mixaill#1085 in Discord) I've also sent you a Discord invite :) Thanks, will produce the file and send over....
Adding to this: Some of the executables I created a fake .pdb for with IDA labels have the Debug Directory stripped. In this case, it would need to artificially be...
I've sorted it out. 1) To "create" the Debug Directory, you need to find a spot where to write 0x1C bytes. I recommend using an existing section, at the end...
Copy what's in the IDA folder in the zip (not the IDA folder, but enter the folder) to IDA/plugins/. That's your problem.
> My quick fix based on v0.3 for those who are interested. https://github.com/SoulXHades/FakePDB/releases/tag/v0.3.1 Thank you for taking the time to look into this! Much appreciated! P.S.: Oh, there are several...
I believe what he's saying is EFIGuard is outdated for the latest Window 10 builds. There's been several cumulative patches since May 2021 (date of latest EFIGuard release) which broke...
EDIT: I have just re-tested it and can confirm it works perfectly fine still on Windows 10 .1889. When a Windows update occurs, you will most likely have to re-apply...
Give this a try? -> https://github.com/SoulXHades/FakePDB/releases/tag/v0.3.1
Can confirm the trick works nicely. But just so everyone understands: **this is for x86 VMP targets only** :) [ScyllaHideX64DBGPlugin.dp32.zip](https://github.com/x64dbg/ScyllaHide/files/14968878/ScyllaHideX64DBGPlugin.dp32.zip)