Guest Dreamer9210 Posted September 3, 2009 Share Posted September 3, 2009 Hello! I'm using OllyDbg quite often, and sometimes I use it to add/edit functionality to existing binary applications. It's very convenient to see the changes in real time, being able to insert breakpoints while writing/editing the code. But the main problem, in my opinion, is that it's difficult to maintain already written code - if I have to insert or remove commands, I have to manually fix calls/jumps. That's why I wanted to write a plugin to fix the situation, but I am not experienced in writing OllyDbg plugins, and I don't have much time for it, so I want to share the concept with you: Click here It's similar to the known Code Ripper plugin, with an extra feature to allow to patch changes back to the running process. Perhaps one of you legendary plugin writers will make us happy by writing it. Share your opinions! Cheers. Link to comment
Ufo-Pu55y Posted September 3, 2009 Share Posted September 3, 2009 tried it? http://www.tuts4you.com/download.php?view.1221 Link to comment
Guest Dreamer9210 Posted September 3, 2009 Share Posted September 3, 2009 Thanks, a nice plugin! Although it crashed a couple of times in a 5 min testing, it's buggy (jmp eax assembles as jmp $, for example), has it's own syntax, and cannot get code directly from an executable, it can be quite useful Is the source code available? I might make some fixes if it is. Link to comment
Ufo-Pu55y Posted September 3, 2009 Share Posted September 3, 2009 jmp eax assembles as jmp $I didn't get that one :? Regarding the source, I was looking for it aswell in the past.. no luck.In any case you should try out this baby, too: http://forum.tuts4you.com/index.php?showtopic=14483He promised to improve it, but I assume he's kinda outta it :\ Link to comment
Guest Dreamer9210 Posted September 3, 2009 Share Posted September 3, 2009 jmp eax assembles as jmp $I didn't get that one :?If you try something like:@0x00401000:jmp eaxIt assembles EB FE (jmp 0x00401000 in this case, jmp $ in MASM) insteadIn any case you should try out this baby, too: http://forum.tuts4you.com/index.php?showtopic=14483He promised to improve it, but I assume he's kinda outta it :\The assembler here does not support labels and multiple addresses, so it's like assembling in OllyDbg, nothing specialIt has some nifty features though, like showing selected block size in bytes, and copying the address of a command Link to comment
Ufo-Pu55y Posted September 3, 2009 Share Posted September 3, 2009 (edited) jmp eax Uh ya, never noticed before.. doesn't even matter at all which string follows the jmp (as long as no C hex value) :\ "jmp ~~~wtffffffomg~~~" turns into EBFE.. let's call it feature instead Edited September 3, 2009 by Ufo-Pu55y Link to comment
Guest Dreamer9210 Posted September 9, 2009 Share Posted September 9, 2009 OK, I'm in a process of writing an alternative Stay tuned Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now