Questions tagged [ollydbg]

OllyDbg is a Ring3, Win32 debugger.

OllyDbg is a Windows 32-bit assembly level debugger and disassembler created by Oleh Yuschuk. OllyDbg operates in Ring3, or userland, rendering it unable to debug device drivers and kernel components.

It supports user-created plugins. Currently version 2 is in development by Oleh.

More information is available on the homepage.

276 questions
31 votes, 5 answers

JNZ & CMP Assembly Instructions

Correct me if I am wrong. This is my understanding of JNZ and CMP. JNZ - The jump WILL take place if the Z Flag is NOT zero (1) CMP - If the two values are equal, the Z Flag is set (1) otherwise it is not set (0) This is a flash tutorial I am…
43.52.4D.
18 votes, 3 answers

How do I bypass IsDebuggerPresent with OllyDbg?

I don't really understand how to get around IsDebuggerPresent. I think I am supposed to find the registers used for debugging and then set it to 0 to trick IsDebuggerPresent, but I don't know how to do that. I tried searching around Google, and even…
Strawberry
11 votes, 1 answer

Windbg memory map?

How can I get a memory map in Windbg similar to Ollydbg's memory map functionality? I want to see a list of the address space sequentially showing what is loaded into each range, ideally with memory protections indicated. Here is a screen shot of…
Tyler Durden
10 votes, 1 answer

How to setup plugins for ollydbg 2.x.x?

I downloaded the latest ollydbg 2.x version from its official site and some plugins from tuts4you. But how to enable/install the plugins?
Mickey Shine
10 votes, 1 answer

Manually setting breakpoints in WinDBG

I am trying to examine the assembly for an executable using WinDBG, but I am having a hard time getting to it. I want to set a breakpoint at the first instruction in my program, but when I try to do that manually (using the address of the module),…
Chris Finley
9 votes, 2 answers

Disassembling self-modifying code

I've been just wondering - how does one disassemble self-modifying binary? I guess you can't use olly or IDA because they are static disassemblers, correct? What happens with disassembler if you jump into middle of an instruction? And how does one…
Samuel
8 votes, 2 answers

What are the key differences between IDA and x64dbg?

IDA Pro, x64dbg, OllyDbg & WinDbg are used for reverse engineering purposes (as a disassembler) and debugging. What are the main differences among them? When to use each?
Buddhika Chaturanga
8 votes, 2 answers

How can I set a breakpoint for a button click using ollydbg?

How can I set a breakpoint for a button click using ollydbg? I am trying to disable a button click on a game client, so I want to set a breakpoint to catch the button click event. Is that possible with ollydbg?
user3725506
8 votes, 1 answer

Code highlighting is not working on OllyDbg

I am a new user of OllyDbg and I cannot find a way to highlight the ASM code. I have checked the settings and it looks like the configuration is correct. Also, I have tried two versions of OllyDbg (1.1, 2.0).
Tonatio
7 votes, 1 answer

Reverse engineering on my simple C program

I would like to start learning reverse engineering. So I decided to start simple. I created this simple program: #include #include int main(int argc, char *argv[]) { printf ("Hello World!\n"); system("PAUSE"); return…
funerr
7 votes, 2 answers

What are the differences between OllyDbg and WinDbg?

My simple understanding is OllyDbg is a user mode debugger, which you could use to debug "normal" apps. WinDbg is a kernel mode debugger, which you could use to debug itself. Is that right?
anta40
7 votes, 1 answer

OllyDbg 2.01 - Finding a command referencing a static string

I've taken up cracking and reverse-engineering recently with the help of OllyDbg 2.01 and crackmes executables. So in this particular crackme, I was scrolling through the commands and noticed a PUSH with an ASCII string "&File" (it's a menu string)…
Ely
7 votes, 2 answers

Cracking C# application with OllyDebug

I would like to know if there is a way to crack C# Windows application with OllyDebug. I have simple my own CrackMe application written with Visual C# 2010 Express. When I open it with OllyDebug and modify ASM code as I need, there is no "Copy to…
t3rmin41
7 votes, 1 answer

How to enable Microsoft Symbol Server in OllyDbg?

OllyDbg version 2 was recently released. It now supports using the Microsoft Symbol Server for debugging: It supports Microsoft compilers via dbghelp.dll. New is support for symbol server, stack walking using dbghelp and names of procedure…
Ian Boyd
7 votes, 1 answer

Ollydbg "Single step event at ntdll - Press shift+f8 to pass execution...."?

I had Olly 2 Beta, which was working fine, but it misses some old features of Olly 1 like the Call stack window and also it doesn't work with any plugins. So I decided to switch to Olly 1.10. The problem is, whenever I load any program, it says "Single…
Jaspreet Singh