Questions tagged [ollydbg]

OllyDbg is a Ring3, Win32 debugger.

OllyDbg is a Windows 32-bit assembly level debugger and disassembler created by Oleh Yuschuk. OllyDbg operates in Ring3, or userland, rendering it unable to debug device drivers and kernel components.

It supports user-created plugins. Version 2 is currently in development by Oleh.

More information is available on the homepage.

276 questions
0 votes, 1 answer

Ollydbg target runs automatically

I have a target that automatically runs after I load it into Ollydbg. This form doesn't stop at the entry point (but continues to execute, and at a point it pauses; I have to press Shift + F9). Is there any way to debug it?
0 votes, 1 answer

windows memory segmentation & Ollydbg

A few questions about Windows memory segmentation. Every process in Windows has its own virtual memory. Does it mean that each process has its own task (I mean its own Task descriptor or Task gate)? I opened a simple exe with ollydbg and I saw…
arkadish
0 votes, 0 answers

OllyDbg: MessageBoxA causes access violation

I am trying to inject code for the first time and basically everything works so far, but the problem is that after I run the program and it calls method MessageBoxA() an access violation occurs. The problem is that the ESI CPU register does not…
Stefan Falk
0 votes, 1 answer

cannot find the reference string in ollydbg

I'm trying to obtain a serial key for a downloader manager. I'm using ollydbg to get it and follow the tips mentioned in youtube. I looked for the reference string that matches "30 days" because whenever I try to install this app it always says that…
srh snl
0 votes, 1 answer

Disassembling file that contain big data or is compressed

This is the fourth day I am trying to figure out how to break down an exe. Still having no luck, the file is giving a debugger error right after it is run. I am using OllyDBG, it seems that the file is either compressed or contains a big amount of data. I think…
Trouble
0 votes, 1 answer

Is there a way to open multiple memory dumps in OllyDbg?

I would like to view multiple areas of memory at the same time in OllyDbg but there seems to be only a single "Dump" window, which is activated by the "Show in Dump" command. Is there any way to get multiple such windows open?
Tyler Durden
0 votes, 1 answer

Ollydbg is not displaying api calls in comments. It will not analyze the program either

I am using Ollydbg 2.01 on Windows 7 x64. Any time I open a program, Olly does not display the API calls. Here is what I would like to see; notice the API calls in the comments section: And here is what I see: Note the lack of API calls and just…
N0ug4t
0 votes, 1 answer

Determining the rate at which a function is called with OllyDbg

How can I find out how many times per second a particular function is called using OllyDbg? Alternatively, how can I count the total number of times the EIP has a certain value? I don't want OllyDbg to break on executing this code.
user858518
0 votes, 2 answers

How to guess next instruction to execute in assembly with dynamic memory

A friend of mine challenged me to hack a small program he coded. Basically, it is an exe file that displays an image but in order to do so you need a key file with a password. I started to reverse engineer it with ollydbg and I was able to figure out…
0 votes, 1 answer

ollydbg - two noob questions regarding plugins

I have the basics of ollydbg covered fairly well but have come up against a brick wall: Can't find referenced text on search, can anyone recommend plugins to get around this? Plugin directory is referenced in options => directories but on the…
user1477834
0 votes, 1 answer

How to bring OEP in ollydbg scope?

I want to reverse a program in olly. The segment that olly loads is not .text and the OEP is out of the olly virtual address scope. The OEP and the segment addresses can be found with PE editors like LordPE, PEexplorer and PEiD. How can I bring the…
n1kita
0 votes, 1 answer

OllyDbg on win7 64 bit

I've been following along lena151's tutorials on reverse engineering and all is going well except for unpacking. I'm running olly on a 64 bit windows 7 machine and it works fine except when the EP is always "JMP 71B00000" after following the jump an…
user1241223
0 votes, 1 answer

how to break in ollydbg debugger?

I'm really new to debugging, and debugging is not my strong point so just so I'm not confusing anyone, I'm not asking how to set a breakpoint in a program using ollydbg, but the break feature, somewhat similar to the break that is available in…
PicksAndPony
0 votes, 1 answer

Why does stepping every instruction crash while launching the program works? [debugging]

I'm trying to follow the execution instructions of a simple program I compiled with C++ (it calculates some prime numbers then exits) in a debugger (ollydbg) but I have several questions: Why isn't the first instruction the entry point of the…
Marco A.
0 votes, 1 answer

functions in same class

Is there a way in ollydbg that allows me to find all functions in a class, like if I know one function of that class can I find the other functions, so like class A{ int sum(); int powr(); } and in ollydbg I know where to break on sum() but I…
Abanoub