what plugins must i have in ollydbg?

[Pushad]

what plugins must i have in ollydbg?

[ghandi]

For such a generic question there is no anwer, there really isn't.

Would be able to give a little more detail, such as what you intend to do with OllyDbg, etc? That way anybody who might be able to help could, rather than just throwing darts at the board blindfolded, hoping to get a bulls-eye.

HR,

Ghandi

[deepzero]

check some pre-configured ollys to get an overview of frequently used plugins....

[Pushad]

Look like a LOL question

I will leave it.

People like you make us hate to ask any questions

[deepzero]

People like you make us hate to ask any questions

well, the question just wasn't good.

If you are happy with a plain olly, you dont need any plugins.

If you feel like hey,some plugin to hide my debugger would be awesome -> check for an anti-debugger plugin.

You can also skim through the olly plugins and try out some you think might be cool.

A better question might have been "what`s you favorite olly plugin?", but i think we had that question already....

[CodeExplorer]

People like you make us hate to ask any questions

well, the question just wasn't good.

@carbotpc:

This is what I mean

Edited April 28, 2011 by CodeRipper

[chickenbutt]

Something to hide it, something to help with caves, and learn about all the bugs in the dissassembly used by protectors..

[Adicus]

I know this is an old topic, but I'm surprised no one was very helpful. To keep this from being a total waste to the next person who might stumble in or get redirected to this post; good plugins to have are Olly Advanced 1.26, PhantOm, AnaylzeThis!, OllyDBG Script (make sure the ODbgScript.dll is at least v1.82.6.110 as some scripts won't run with the older ODbgScript.dll's). Using a basic Olly with NO plugins will prevent you from even running most protected targets, let alone reversing them. You can download custom Olly 1.10 variants like DRX, Olly ICE, SND, etc. But some are kinda glitchy and packed with useless junk and might overwhelm a newbie. If you're new to the scene, a basic 1.10 Olly and the aforementioned plugins will get you up and running. Watch "Lena 151" tuts for a primer on basic Olly settings. I believe she covers important settings to tick in her early tut. You're only allowed 10 downloads in a 24 hour period, so choose wisely. A bug with the site might stop you from downloading in quick succession or stop you after your 2nd- 3rd download. If that happens, try one of the other reputable sites Arteam, Woodman, etc. I think there used to be link from Tuts 4 You to connect with these sites but I can't find them. Hopefully this info is helpful to the next person and doesn't cause discouragement to the art.

[chickenbutt]

I know this is an old topic, but I'm surprised no one was very helpful. To keep this from being a total waste to the next person who might stumble in or get redirected to this post; good plugins to have are Olly Advanced 1.26, PhantOm, AnaylzeThis!, OllyDBG Script (make sure the ODbgScript.dll is at least v1.82.6.110 as some scripts won't run with the older ODbgScript.dll's). Using a basic Olly with NO plugins will prevent you from even running most protected targets, let alone reversing them. You can download custom Olly 1.10 variants like DRX, Olly ICE, SND, etc. But some are kinda glitchy and packed with useless junk and might overwhelm a newbie. If you're new to the scene, a basic 1.10 Olly and the aforementioned plugins will get you up and running. Watch "Lena 151" tuts for a primer on basic Olly settings. I believe she covers important settings to tick in her early tut. You're only allowed 10 downloads in a 24 hour period, so choose wisely. A bug with the site might stop you from downloading in quick succession or stop you after your 2nd- 3rd download. If that happens, try one of the other reputable sites Arteam, Woodman, etc. I think there used to be link from Tuts 4 You to connect with these sites but I can't find them. Hopefully this info is helpful to the next person and doesn't cause discouragement to the art.

If you're actually using it, and not just script unpacking and patching stuff, the only tool that will help you is a hooker for hiding and a IT scanner. I've yet to see any plugin that actually helps with protected PE, and without protection you don't need anything but a dumper like ollydump.

One useful tool would be something for thread tracing and TLS, but that doesn't exist.

[cozofdeath]

My absolute favorite common plugins and version of Olly are (at the moment):

SND Olly: this comes with a list of fixes made to it (none compare in my opinion)

Stealth64 plugin: It just works and at a more discrete lower level than others.

TLSCatch: Seems to always work. You just set it and forget it.

OllyDump: A must for dumping your unpacked file. (some times the PE Dump plugin works for the very rare cases this one doesn't)

ODBGScript: A must for unpacking if you don't want to waste your time.

Poison: Has many options and is rarely detected.

StollyStruct: Helps big time with everything. (ex. tracing a file with SEH and NtContinue exceptions. looking up the CONTEXT structure helps you find your way.) Olly v2 is getting much better at detecting structures and other things alike.

CodeDoctor: Awesome plugin! Support for it But it does help if your unpacking current protectors.

This is just a common list of ones I love to use and they seem to work. One of the best features I have found for unpacking is the NX bp or set on execute bp. With this you can find the OEP of most protectors in a matter or 1-4 runs. Stealth64 implements this better than any other plugin I have seen (out of 2 others). It also allows you to trace over exceptions which helps a lot. Some other useful tools are PEiD/PiD, CFF (swiss army knife for reversing), LordPE, Reflector w/plugins, ImpRec (a must for fixing dumped IATs), HxD, and Olly v2. With these tools you should be able to do 90% of what you want. However, there are many more plugins and tools to make things easier but in my opinion these are just some of the best. Also, I'm geared more towards unpacking rather than just debugging, or keygenning, or malware/exploit research, etc so you may like other plugins.

Edited June 13, 2011 by cozofdeath