Equivalent of GDB's "call" in Ollydbg (or other Windows debugger)

Question

In GDB, I can call a function that is part of the executable I am debugging by issuing a command like call foo("123").

How do I do the same in OllyDbg (or possibly some other primarily Windows debugger)?

ollydbg doesn't support this natively, you might get it done with a plugin however — Necrolis, Nov 07 '12 at 13:58

score 5 · Accepted Answer · answered Nov 07 '12 at 13:39

I don't know how to do it using OllyDbg but since you mention other Windows Debuggers you can use the .call command in WinDbg.

0:001> .call ABC!DoSomething(1,2)
Thread is set up for call, 'g' will execute.
WARNING: This can have serious side-effects,
including deadlocks and corruption of the debuggee.
0:001> r
eax=7ffde000 ebx=00000001 ecx=00000001 edx=00000003 esi=00000004 edi=00000005
eip=10250132 esp=00a7ffbc ebp=00a7fff4 iopl=0         nv up ei pl zr na po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=0038  gs=0000             efl=00000246
ABC!DoSomething:
10250132 55               push    ebp
0:001> dd esp
00a7ffbc  00a7ffc8 00000001 00000002 ccfdebcc

The best explanation for it is from The Old New Thing.

score 0 · Answer 2 · answered Jan 28 '13 at 23:13

0

In its default installation, Ollydbg can do this only for DLLs which have exports:

Debug > Call DLL export

For executables and DLLs without exports, you will have to build a plugin to do this.

answered Jan 28 '13 at 23:13

Kiran Bandla

686
4
10

Equivalent of GDB's "call" in Ollydbg (or other Windows debugger)

2 Answers2