A 32-bit assembler level analysing debugger for Microsoft Windows.
The OllyDbg application was developed to be a 32-bit
assembler level analysing debugger for Microsoft Windows. Emphasis on
binary code analysis makes it particularly useful in cases where source
is unavailable
.
NOTE:
This software is a shareware. To use this program on a permanent basis or for commercial purposes, you should register it by sending filled registration form to Ollydbg@t-online.de. The registration is free of charge and assumes no financial or other obligations from either side - just be fair and let me know that you like this software. Even your personal data in the registration form is optional (use your nickname or pseudonym if you want)
Here are some key features of "OllyDbg":
· Intuitive user interface, no cryptical commands
· Code analysis - traces registers, recognizes procedures, loops, API calls, switches, tables, constants and strings
· Directly loads and debugs DLLs
· Object file scanning - locates routines from object files and libraries
· Allows for user-defined labels, comments and function descriptions
· Understands debugging information in Borland® format
· Saves patches between sessions, writes them back to executable file and updates fixups
· Open architecture - many third-party plugins are available
· No installation - no trash in registry or system directories
· Debugs multithread applications
· Attaches to running programs
· Configurable disassembler, supports both MASM and IDEAL formats
· MMX, 3DNow! and SSE data types and instructions, including Athlon extensions
· Full UNICODE support
· Dynamically recognizes ASCII and UNICODE strings - also in Delphi format!
· Recognizes complex code constructs, like call to jump to procedure
· Decodes calls to more than 1900 standard API and 400 C functions
· Gives context-sensitive help on API functions from external help file
· Sets conditional, logging, memory and hardware breakpoints
· Traces program execution, logs arguments of known functions
· Shows fixups
· Dynamically traces stack frames
· Searches for imprecise commands and masked binary sequences
· Searches whole allocated memory
· Finds references to constant or address range
· Examines and modifies memory, sets breakpoints and pauses program on-the-fly
· Assembles commands into the shortest binary form
· Starts from the floppy disk
Requirements:
· 586/100 processor (586/300+ recommended)
· Microsoft Windows 95, Windows 98, Windows NT 4.0 (Service Pack 2 or higher), Windows 2000 or higher operational system
· 64 MB physical memory (128 MB recommended)
· At least 2 MB free disk space
· VGA display (SVGA with screen resolution at least 800x600 is strongly recommended)
· Mouse or compatible pointing device (required)
What's New in This Release: [ read full changelog ]
· This is a major update of the plugin interface. Now plugins can actively influence the debugging process. They may set temporary breakpoints (Plugintempbreakpoint()) and receive notifications if breakpoint is hit (ODBG2_Plugintempbreakpoint()). If they receive exception notification, ODBG2_Pluginexception() may request to pause application or step over this exception. ODBG2_Pluginnotify() is extended and can force different mode of execution than requested by user.
· If necessary, plugin may create one or several options pages in a new Plugins options dialog, which is very similar to the Options. Pluginshowoptions() directly opens plugin-related options page.
· There is a new sample plugin, traceapi.dll, that demonstrates new features. It uses one-time memory breakpoints to detect all calls from the user code to the Windows API and protocols the arguments and values returned by APIs. Sample code does not include the Visual Studio project for traceapi. This is despairing - to compile a ...
NOTE:
This software is a shareware. To use this program on a permanent basis or for commercial purposes, you should register it by sending filled registration form to Ollydbg@t-online.de. The registration is free of charge and assumes no financial or other obligations from either side - just be fair and let me know that you like this software. Even your personal data in the registration form is optional (use your nickname or pseudonym if you want)
 |
| Click On Ballon! |
· Intuitive user interface, no cryptical commands
· Code analysis - traces registers, recognizes procedures, loops, API calls, switches, tables, constants and strings
· Directly loads and debugs DLLs
· Object file scanning - locates routines from object files and libraries
· Allows for user-defined labels, comments and function descriptions
· Understands debugging information in Borland® format
· Saves patches between sessions, writes them back to executable file and updates fixups
· Open architecture - many third-party plugins are available
· No installation - no trash in registry or system directories
· Debugs multithread applications
· Attaches to running programs
· Configurable disassembler, supports both MASM and IDEAL formats
· MMX, 3DNow! and SSE data types and instructions, including Athlon extensions
· Full UNICODE support
· Dynamically recognizes ASCII and UNICODE strings - also in Delphi format!
· Recognizes complex code constructs, like call to jump to procedure
· Decodes calls to more than 1900 standard API and 400 C functions
· Gives context-sensitive help on API functions from external help file
· Sets conditional, logging, memory and hardware breakpoints
· Traces program execution, logs arguments of known functions
· Shows fixups
· Dynamically traces stack frames
· Searches for imprecise commands and masked binary sequences
· Searches whole allocated memory
· Finds references to constant or address range
· Examines and modifies memory, sets breakpoints and pauses program on-the-fly
· Assembles commands into the shortest binary form
· Starts from the floppy disk
Requirements:
· 586/100 processor (586/300+ recommended)
· Microsoft Windows 95, Windows 98, Windows NT 4.0 (Service Pack 2 or higher), Windows 2000 or higher operational system
· 64 MB physical memory (128 MB recommended)
· At least 2 MB free disk space
· VGA display (SVGA with screen resolution at least 800x600 is strongly recommended)
· Mouse or compatible pointing device (required)
What's New in This Release: [ read full changelog ]
· This is a major update of the plugin interface. Now plugins can actively influence the debugging process. They may set temporary breakpoints (Plugintempbreakpoint()) and receive notifications if breakpoint is hit (ODBG2_Plugintempbreakpoint()). If they receive exception notification, ODBG2_Pluginexception() may request to pause application or step over this exception. ODBG2_Pluginnotify() is extended and can force different mode of execution than requested by user.
· If necessary, plugin may create one or several options pages in a new Plugins options dialog, which is very similar to the Options. Pluginshowoptions() directly opens plugin-related options page.
· There is a new sample plugin, traceapi.dll, that demonstrates new features. It uses one-time memory breakpoints to detect all calls from the user code to the Windows API and protocols the arguments and values returned by APIs. Sample code does not include the Visual Studio project for traceapi. This is despairing - to compile a ...
0 comments:
Post a Comment