Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
[Full-disclosure] Multi-Languages OPcodes DB
From: Jerome Athias (jerome.athiasfree.fr)
Date: Fri Aug 26 2005 - 04:37:04 CDT
as you probably all know, Windows DLLs have different base addresses
so i think it could be usefull to try to build a multi-lang opcodes
database, isn't it?
so, i have done VERY QUICKLY a little package based on a .BAT and some
Files included in the package:
* OPCODES_LIST.bat : (horrible) Main batch file
* Psinfo.exe : tool from sysinternals.com to retrieve windows system
informations ans the list of installed hotfixs (trying also to use the
Windows 2003 "wmic qfe" command) (could be long...)
* reg.exe : tool present on XP but not on all 2000... used to retrieve
the OS language (languages codes list included in the bat)
* Findjmp2.exe : tool by Class101 to retrieve the opcodes in memory
(DLLs searched : KERNEL32.DLL, NTDLL.DLL, USER32.DLL, SHELL32.DLL,
GDI32.DLL, WS2_32.DLL, WS2HELP.DLL)
(registers searched : EAX, EBX, ECX, EDX, ESI, EDI, ESP, EBP)
* LISTDLLS.exe : tool from sysinternals.com used to retrieve the
versions of DLLs
* mycrc.exe : tool by Luigi Auriemma to check files checksums (MD5,
* grep.exe : used to parse a litlle bit the output
* uniq.exe : used to parse a litlle bit the output
PLEASE NOTE :
1) we can do better and more simple!!!, so if you want: JUST DO IT and
please don't flame!
2) the output is far to be clean! but could be easily parsed with a
For guy who want to help; please send me the resulting
(PLEASE REMOVE ALL PERSONNAL DATA IN THE FILE! ;).
Then i'll try to check all the files and start to build something, of
course publicly available.
The package is available for download at:
Please let me know missing things...
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
- application/x-pkcs7-signature attachment: S/MIME Cryptographic Signature