Baymax Patch toOls v3.3.3 (2024.08.11)
 

Baymax Patch Tools v3.3.3

Tool description:
Baymax Patch Tools is a hijacking patch making tool that releases a hijacking DLL for the target process to load the function module PYG. Two patching functions are supported.search and replace patch supports feature code search and replace memory data, exception breakpoint patch supports simulating the exception breakpoint function of debugger and modifying register, memory and other data after setting and triggering breakpoint to achieve the purpose of modifying program execution flow and so on.
The tool is protected, antivirus may misreport the tool and patch files! Due to the use of the shell SDK, all components of the tool (including the generated patches) do not contain networking capabilities! The generated patches will not modify any files on the system when running (except for overwriting patch files). The generated patches will not modify any files on the system when running (except for overwriting patch files). The tool itself has a verification mechanism and will load only after the module is successfully verified at startup, but for security reasons, please be sure to download and use it from the official site.

Function introduction:
. support hijacking crack, not modify the file itself
. support for patching processes with dynamic base addresses (ASLR)
. support patching multiple DLL modules of the target process
. support patching different EXEs of the same patch
. support patching the memory data of a process at a specified address
. support for patching processes using feature code matching
. support setting API HOOK decoding for shelled programs before patching data
. support patching data after setting hardware breakpoint interrupt for the process
. support setting exception breakpoints to modify the memory pointed to by registers or registers after interrupting the process
. support setting conditional breakpoints for processes to determine whether to execute Patch according to the number of interrupts, . . . . register or memory values
. support setting different conditional breakpoints for the same address to perform Patch on the interrupts that meet the conditions
. support extracting global variables from assembly instructions to store and modify them
. support for storing data and using stored data during process execution
. support patching the memory pointed to by the memory marker after interrupt
. support basic operations on data after interrupt
. support for reading patch data from ini file
. support to create memory keymaker
. support for creating debug patches to troubleshoot patch problems by yourself


Update：

2024.08.11
x86/x64 v3.3.3
1. Fix the bug that Hook failure on Win7 system leads to invalid loading of monitoring module.
2. fix a bug that crashes when setting NOP type patch in INT3-3 mode.(Thanks to SlayerS'_'BoxeR for feedback)
3. fix the bug of displaying lpk.dll hijacked module in x64 patch.(Thanks to 理想的海洋 for feedback)
4. Fix Win Server 2025 24H2 platform crash. (Thanks to andyfeifei for the feedback.)
5. some optimization of internal logic.

2024.03.21
x86/x64 v3.3.1
1. Add hijacking code generation tool. Drag the module (dll) that can be used for hijacking into the window, you can generate the hijacking project corresponding to the VS version. The tool supports hijacking mode and transit mode; supports some C++ export functions (namespaces, classes, virtual tables, static members, etc.); parses and generates export data (non-functions).
2. restructured and optimized the internal logic of the patch module PYG.dll/PYG64.dll, and the functions of the 32/64 modules have been aligned.
3. Enhanced the function of "Protect Hardware Breakpoints" (to be perfected on Win7), after checking this function, you can directly set hard breaks for patching some shelled programs.
4. support setting UI fonts, support setting default fonts for patches, and you can also set fonts in the menu of patches.
5. Fix the compatibility problem on non-Chinese systems.
6. fix the problem of loading failure of PYG.dll in XP system.
7. fix detours occasional stuck problem (thanks to DNA's feedback and assistance in testing)
8. fix the bug that "Autoloading" mode fails to inject into some processes (thanks to Stone & Cloth for the feedback)
9. Generate loader no longer forcibly overwrite the ini file.
10. change the language file, support to set multiple LangId, split by comma.
11. Cancel the output of debugview in debug version.
12. debug version no longer detect x64dbg, no longer detect hijacked DLL.
13. Add Spanish language file, thanks to LoPeRa.

2023.09.26
x64 v3.1.7.2
1. fix the bug of checking uxtheme.dll file incorrectly (thanks to 石头✄布 && YANGMYRON for the feedback).
2. Fix the bug that the patch program fails to overwrite PYG64.dll by releasing it separately.

2023.09.15
x86 v3.1.7
x64 v3.1.7
1. fix the bug that reboot doesn't work after setting language (thanks for the feedback from plusv).
2. Add Traditional Chinese language (thanks to plusv).
3. Fix a crash that could be triggered by setting a stack adjustment value in the "The function returns directly after modifying the context" type.

2023.09.05
x86 v3.1.5.3
x64 v3.1.5.3
1. Optimize the flow of int3-1, hardware breakpoint exception handling function.
2. Increase the output of debugging information during patching process.
3. fix the bug of setting function in Int3-3 mode to return immediately to the program stuck (thanks for the feedback from 听雨 ).
4. Fix a logical conflict issue when setting up multiple patch entries at the same address.
5. Fix the bug that setting conditional breakpoints with UNICODE strings fails.
6. Fix a compatibility issue after installing KB5029247 system patch (thanks for the feedback from 夫唯不争).
7. Improve the logic of setting hardware breakpoints for all threads (thanks for the feedback from 春天里).
8. (x86)Fix the bug of uxtheme.dll file checksum error on XP or above systems (thanks for the feedback from 小面条).
9. some internal optimizations and anti-debugging.

2023.01.30
x86 v3.1.3
x64 v3.1.2
1. Fix compatibility issues with Windows XP system caused by shell
2. Fix a bug introduced in version 3.1: setting When Running to Oep to generate a non-debug version of Loader will cause the target process to start up and get stuck (thanks to fairycn for the feedback)
3. Fix the bug of wrong display of QWORD data for x64 edit condition breakpoints
4. Fix a bug that when editing old bpt projects, the parsing of entries containing conditional breakpoints was wrong (thanks to 737008227 for the feedback)

2023.01.18
x86 v3.1.0
1. Support multi-language function
2. adjusted and optimized the UI, text descriptions, etc. to improve the interactive experience

----------------------------------------------------------

Download(The zip has a password.)
https://sourceforge.net/projects/baymax-patch-tools/files/

or(The zip has a password.)
Download: http://pan.baidu.com/s/1pLUuBEj Code: 5x8n


Update a tutorial on how to use this tools
Baymax Patch App Protected by VMP： https://forum.exetools.com/showthread.php?t=20642

@Nisy
Testing on earlier version (Beta 6), so far it's perfect.
1. For almost targets (protected with VMProtect, Themida, etc.) is OK.
2. But for some target files which have "Anti /Disabled DLL Hijacking" it's still fail.
I haven't tested it further.
I hope you can consider "Anti/Disabled DLL Hijacking" solution for next release.

So far this is the best patcher tools that I ever used.
Keep your nice working.

Hi Nisy,

In Windows XP the application v3.1.0 Build 118, during loading shows the following error message:

Baymax.exe Entry Point Not Found
The procedure entry point DPA_Create could not be located in the dynamic link library comctl32.dll

WinXP is not completely supported ?

Cheers.

nobody use winxp anymore, only thoses who want to be hacked :)

The problem has been fixed, thanks for the feedback.

Baymax Patch Tools v3.1.1
Fix compatibility issues with Windows XP system caused by shell

Thanks to test feedback, the next version may prioritize support for custom hijacking module features. Traditional file patches are difficult to intelligently solve the file verification problem, hijacking patches can theoretically bypass the detection of the process through schemes such as off-link and HookAPI (baymax's function can actually meet part of it), but this egg is still left to crackers to solve it themselves ^_^

Right, the custom hijacking module features is one of solution.
So if you consider this features, I am sure that Baymax will be the most complete and most reliable patching tool, out there.
Good luck...

2023.01.30
x86 v3.1.3
x64 v3.1.2
1. Fix compatibility issues with Windows XP system caused by shell
2. Fix a bug introduced in version 3.1: setting When Running to Oep to generate a non-debug version of Loader will cause the target process to start up and get stuck (thanks to fairycn for the feedback)
3. Fix the bug of wrong display of QWORD data for x64 edit condition breakpoints
4. Fix a bug that when editing old bpt projects, the parsing of entries containing conditional breakpoints was wrong (thanks to 737008227 for the feedback)

Consider to add target dll patch.

Great tool btw!

I have a target,the program is X86, but the DLL is X64. How to fix it?

temporarily not supported

I still use xp vm for reversing older stuff ;)

Is there a detailed tutorial for this somewhere?

onedrive）：https://v.gd/swP8HG
百度云：链接：https://pan.baidu.com/s/1vjm0pFQ4qAl3GpPRsBVSmw 提取码：6666

16.42AA38 Registration Machine Adding Memory and Displaying Registration Code.mp4

https://www.bilibili.com/video/BV17V411b7EA/



15. How to concatenate strings in the registration machine display. mp4

https://www.bilibili.com/video/BV1Y54y1t7ex/



14. Pop Frame Display Registration Machine.mp4

https://www.bilibili.com/video/BV1zX4y1u79Z/



13.42AA98 Modify Flag Register Method Patch. mp4

https://www.bilibili.com/video/BV1Wo4y1Z7tu/



12. Add anti debugging detection.mp4

https://www.bilibili.com/video/BV1DV411b7iQ/



Overview of decoding timing and patch types. mp4

https://www.bilibili.com/video/BV1mf4y1e7nR/



10. Options for patching multiple exe or dlls in the same directory. mp4

https://www.bilibili.com/video/BV1qz4y1r7bC/



9. Add abnormal interrupt patch NOP.mp4

https://www.bilibili.com/video/BV1Lp4y1B7nq/



8-2 Instructions Replace Patch.mp4

https://www.bilibili.com/video/BV1Fi4y1w7Co/



8-1 Instruction Replacement Patch.mp4

https://www.bilibili.com/video/BV1ui4y1w7LE/



7. In-depth analysis and exploration of possible blasting methods. mp4

https://www.bilibili.com/video/BV1Mp4y1B7Zu/



6. String conversion. mp4

https://www.bilibili.com/video/BV17h411f7tR/



5. Feature Code Search.mp4

https://www.bilibili.com/video/BV1ty4y1U7fB/



4. Offset Conversion. mp4

https://www.bilibili.com/video/BV1Dz4y1r7to/



3. File Comparison.mp4

https://www.bilibili.com/video/BV1Az4y1k7NN/



2. Overview of White Menu. mp4

https://www.bilibili.com/video/BV1Jz4y1r7s4/



1. Software and plugins required during environment setup debugging process. mp4

https://www.bilibili.com/video/BV1Az4y1k7np/



I followed the advice of my classmates downstairs and added a column:

https://space.bilibili.com/322368077/channel/detail?cid=163879 Thumbnail schema

https://www.bilibili.com/video/BV1Do4y1Z7r7 Right List Style

I cant change language to english with win11 x64.

unfortunate it;s deleted on spot by many anti-viruses.

I have to trace an exe running under dos emulator (86box).
May it work?
Thanks

Update v3.1.7 ：2023.09.12
Fixed many issues, recommend updating.

This is still the case with updated version. Gets flagged as virus and gets deleted. Cannot set exclusion in AV also :(

The tool is protected, antivirus may misreport the tool and patch files! Due to the use of the shell SDK, all components of the tool (including the generated patches) do not contain networking capabilities! The generated patches will not modify any files on the system when running (except for overwriting patch files).

I know that your tools are clean. Because of the tool being packed, with possibly leaked protectors which have been blacklisted or something? ;), I think the OS deletes it as malicious.

Since when the Sicaril's homepage has been pulled ?

Error 404

github site still keep 404.

have to wait for gihub folder to be back online to download.
the panbaidu link doesn't fair well at my end !

Not possible download the update of baymax using github and panbaidu links

Baymax Patch Tools 3.1.7 beta1

pass:www.chinapyg.com

none existant file

Link works good. File "R.zip"

Links still works. I downloaded just now.

Links still works.

Baymax.Patch.Tools.v3.1.7
hxxps://mega.nz/file/igsiyQgB#NRmjekvshCxm-A_wAlEE7ldeifOUh5DHPw-w42MaOWQ

Baymax.Patch.Tools.x64.v3.1.7
hxxps://mega.nz/file/bgNn2CrR#ng4jlTcwaQvFhMd3mvhPF3GobnF9Y-3I15acf6aoV7g

Password : www.chinapyg.com

Update a tutorial on how to use this tools
Baymax Patch App Protected by VMP： https://forum.exetools.com/showthread.php?t=20642

Update：

2024.03.21
x64 v3.3.1
1. Add hijacking code generation tool. Drag the module (dll) that can be used for hijacking into the window, you can generate the hijacking project corresponding to the VS version. The tool supports hijacking mode and transit mode; supports some C++ export functions (namespaces, classes, virtual tables, static members, etc.); parses and generates export data (non-functions).
2. restructured and optimized the internal logic of the patch module PYG.dll/PYG64.dll, and the functions of the 32/64 modules have been aligned.
3. Enhanced the function of "Protect Hardware Breakpoints" (to be perfected on Win7), after checking this function, you can directly set hard breaks for patching some shelled programs.
4. support setting UI fonts, support setting default fonts for patches, and you can also set fonts in the menu of patches.
5. Fix the compatibility problem on non-Chinese systems.
6. fix the problem of loading failure of PYG.dll in XP system.
7. fix detours occasional stuck problem (thanks to DNA's feedback and assistance in testing)
8. fix the bug that "Autoloading" mode fails to inject into some processes (thanks to Stone & Cloth for the feedback)
9. Generate loader no longer forcibly overwrite the ini file.
10. change the language file, support to set multiple LangId, split by comma.
11. Cancel the output of debugview in debug version.
12. debug version no longer detect x64dbg, no longer detect hijacked DLL.
13. Add Spanish language file, thanks to LoPeRa.

@Nisy

Will the tool be available outside of chinepyg[.]com? Even using different vpns I cannot manage to load panbaidu download page?

In the OP;)

I can't upload from my github or sourceforge accounts, I uploaded a copy to upload.ee, you can try it.

OK, this is my bad; I didn't check the OP and directly headed to the panbaidu site.

2024.08.11
x86/x64 v3.3.3
1. Fix the bug that Hook failure on Win7 system leads to invalid loading of monitoring module. 2.
2. fix a bug that crashes when setting NOP type patch in INT3-3 mode.(Thanks to SlayerS'_'BoxeR for feedback)
3. fix the bug of displaying lpk.dll hijacked module in x64 patch.(Thanks to 理想的海洋 for feedback)
4. Fix Win Server 2025 24H2 platform crash. (Thanks to andyfeifei for the feedback.)
5. some optimization of internal logic.

Archive password is the same