Jump to content
Tuts 4 You

Tools & Utilities

2 files

  1. PluginFix

    This simple tool will fix OllyDbg or old Immunity Debugger plugins to work with the new ImmDbg v1.80, where many things have changed since previous versions making plugins incompatible.

    To use, simply drop one or more plugins onto the FixPlugin.EXE file and new plugin files will be generated with an extra "_Fixed" part to the file name. Then copy the generated file to the ImmDbg plugins path.

    The program will display information about the imports and exports that have been processed, should you be interested.

    Obviously this program will not work on compressed plugin DLLs, but if you have any plugins that can't be fixed send them to me and I'll try to fix for next release.




  2. PDK for Delphi

    This is an update to the Immunity Debugger (unofficial) Delphi PDK.

    New in this version:
    All debugger exports are resolved dynamically. This means your plugin will not be forced to use debugger with certain name, which is useful for evading anti-debug tricks. Plugins developed with this PDK can also be used with standard OllyDbg and patched editions, including : SND OllyDbg, FOFF Team OllyDbg, Shadow OllyDbg, Diablo2oo2 OllyDbg and others. No changes are needed to your code to allow use with other debuggers, all this is handled invisibly and automatically. How it works:
    The SDK has startup code which checks which Debugger is loading it, if Immunity Debugger then no changes are needed. Otherwise, the code tries to determine which edition of OllyDbg is being used. If OllyDbg Exports Rva is removed (Shadow and Diablo2oo2 versions) then it is found, and the exports are dynamically filled into the plugin. If OllyDbg Exports are ordinals (SND version) then the ordinal values are used to resolve exports. For OllyDbg to load the plugin, the plugin callback functions exported from the plugin are patched in memory to have _ODBG_ prefix before the debugger checks the names.  For FOFF Team and SND versions, the plugin callback functions are different to standard OllyDbg, and these are patched with _FOFF_ or _SNDG_. How to use:
    Simply add the unit to your Delphi plugin project file and ensure the exports are for Immunity Debugger (with _IMMDBG_ prefix to names) everything else is automatic! Any plugin you create with this PDK will be compatible with Immunity Debugger, normal OllyDbg and most popular patched versions of OllyDbg.




  • Create New...