-
Download the linked version of PIN
-
Unzip PIN to the root directory and rename the folder to pin
-
Clone this repository
-
Open the file PinUnpacker.sln with Visual Studio 2010 ( NB: The version is mandatory )
-
Set your IDAPro path in Log.cpp ( const Log::IDA_PATH )
-
Copy the folders FindOEPPin\PinUnpackerDependencies and FindOEPPin\PinUnpackerResults in C:\pin\
-
Compile the solution
\---C
\---pin
\+---source
|
|
|
\+---PinUnpackerResults
|
|
|
|
\+---PinUnpackerDependencies
| \---badImportsChecker.py
| \---badImportsList.txt
| \---dumperSelector.py
| \---Scylla
| \---ScyllaDLLx64.dll
| \---ScyllaDLLx86.dll
| \---ScyllaDumper.exe
|
\+---FindOEPPin.dll
-
Run this command from the directory C:\pin\
pin -t FindOEPPin.dll -- <path_to_the_exe_to_be_instrumented>
-
Check your result in C:\pin\PinUnpackerResults\< current_date_and_time >\