Questions tagged [ollydbg]

OllyDbg is a Ring3, Win32 debugger.

OllyDbg is a Windows 32-bit assembly level debugger and disassembler created by Oleh Yuschuk. OllyDbg operates in Ring3, or userland, rendering it unable to debug device drivers and kernel components.

It supports user created plugins. Currently version 2 is in development by Oleh.

More information can be gotten from the homepage.

276 questions

votes

1 answer

How go to end loop shortcut in OllyDbg?

The loop starts with (ˇ) sign. I want to go to the loop's end (^). But I don't know a shortcut to do so.

debugging reverse-engineering ollydbg

asked Jun 22 '16 at 07:37

Sheisback

votes

1 answer

OllyDbg 2.0 Analyze procedure arguments

I've started watching Lena's reversing tutorials, and I've noticed that in the videos, OllyDbg analyzes arguments pass to functions as can be seen here: Now, I didn't use the suggested .ini file inside the tutorials because I use OllyDbg 2 instead…

reverse-engineering ollydbg

asked Jun 17 '16 at 23:51

Jorayen

1,737
2
21
52

votes

2 answers

What's the principle of ollydbg's memory breakpoint?

It seems only 1 memory breakpoint can be set, and it seems doesn't matter at which line the memory breakpoint is set,very weird,anyone can explain?

memory breakpoints ollydbg

asked Sep 22 '10 at 17:08

ollydbg

3,475
7
28
29

votes

1 answer

Disassemble a Dynamic Link Library with OllyDbg

Is there a option I can choose how to launch the DLL(like when debugging a dll project in visual studio)? As it seems to me when I drop the DLL into OD,the only option I have is to launch it by LOADDLL.EXE, is that the whole story?

dll reverse-engineering ollydbg

asked Sep 18 '10 at 05:05

COMer

1,117
4
14
24

votes

2 answers

Ollydbg - change string's first letter

I've written a small .exe program in C++. int main() { string myString = "Hello"; printf("%s", myString); return 0; } I need to use ollydbg in order to replace the first letter in the string and then print…

assembly reverse-engineering ollydbg

asked Feb 01 '16 at 12:08

David Faizulaev

4,651
21
74
124

votes

2 answers

Patching Arm Executable?

I must patch an arm executable in my Pocket PC. I am dissassembling the ARM executable with IDA Pro. But I can not edit binary. As you know Ollydbg let us to edit binary / add assembly code (Right Click->Assemble) But it doesnt support ARM. So I…

assembly arm patch ollydbg

asked Aug 16 '10 at 14:26

newbiereverser

votes

1 answer

Ollydbg : sign extending with Movsx

Movsx sign-extends a register with 1 right? So why in Ollydbg i got this : Before: After: I should have FFFFFF65 instead of 00000065 in ECX no? Thank you !

assembly x86 ollydbg sign-extension

asked Nov 12 '15 at 11:25

Duke Nukem

votes

2 answers

How to add comments to gdb output?

When debugging Windows application with Ollydbg, we can add comments to assembly language output as following: 00401020 push ebp ; add comment here Can we add comments to gdb output just like the way above? When we input disassemble in…

gdb comments ollydbg

asked Aug 06 '15 at 00:51

Bill

votes

2 answers

How to find a function of application with ollydbg?

Let's say i released the application below. using System; using System.Collections.Generic; using System.ComponentModel; using System.Data; using System.Drawing; using System.Linq; using System.Text; using System.Threading.Tasks; using…

c# disassembly ollydbg

asked Jun 10 '14 at 18:46

user3725506

votes

1 answer

can you debug 64bit target apps with Ollydbg 1.1?

I don't really get the difference between 2.0 and 1.1. the registers aren't even showing up as 64bit format in 2.0. Also 32bit apps take way too long to process with. Plugins aren't even fully supported. Is it possible to debug 64bit apps in 1.1…

debugging reverse-engineering ollydbg

asked May 13 '14 at 14:42

ksp0422

votes

1 answer

Editing a program with Ollydbg

This is my C++ code: #include #include using namespace std; void func1() { static int _count = 0; if (_count < 5) { __asm { pop eax push func1 } } _count++; …

c++ windows assembly inline-assembly ollydbg

asked May 13 '14 at 09:25

dnvThai

votes

3 answers

Can OllyDbg trace a launched exe?

If my product, MyApp.exe, is being debugged by OllyDbg (or any other debugger really), but the exe launches another one (such as MakeSerial.exe); will OllyDbg start debugging the newly-launched exe too? Or does it just trace MyApp.exe only? Thanks.

debugging exe executable trace ollydbg

asked Feb 11 '14 at 06:57

user3295980

votes

1 answer

Finding static addresses in .exe file

I have some software that reads out a value from another software's memory. I can perfectly find the static offsets of it with every update. My issue is the following: Let's say, the software uses ASLR with a base pointer of 0x00123456.. The static…

assembly exe reverse-engineering ollydbg

asked Dec 18 '13 at 15:38

user1610743

votes

4 answers

Ollydbg condition

I need Ollydbg to pause when one of the registers contains a certain string. Any way I could accomplish that?

debugging ollydbg

asked Dec 09 '09 at 16:15

samulisoderlund

votes

1 answer

What does the function VirtualProtect from Kernel32 do?

Im reverse engineering a file and I came across this line of code Call DWORD PTR DS:[3F1010] and ollydbg's comment to this line is, Kernel32.VirtualProtect The question is what does this function do? I already did my own research bout this function…

api assembly ollydbg kernel32

asked Jul 11 '13 at 07:46

srh snl

Prev 1 2 3

…

18 19 Next