![]() The actual function I need in the end to complete my task is as following.Ġx1 PUSH EBP - the encrypted data is loaded. When ever the breakpoint is hit the memory contents will be dumpedĪnother snapshot to explain the words better below To automate use this command with conditional log breakpoint pass commands to plugin when paused functionality (shift+f4) Second command will dump 0x45 bytes from 0x402085 to the specified folder Or may be writemem 0x403085 0x45 f:\foo\blahįirst command will dump 0xxxx bytes pointed by from address pointed by to the preexisting folder c:\dumps In the dialog box type writemem dword c:\dumps Usage as follows alt+f1 or plugin -> cmdline plugin. writememĮnhancements being original source altered considerably to make it compile with visual studio 2010 express (old commands not tested) ![]() This plugin is an enhanced version of modified cmdline plugin for ollydbg 1.10 by anonymouse (openrce blog) and contains one extra command. Possible crash path fixed (FindModule -> Mod-name can be null if FindModule return null in such cases added "unknown_module" string as modulename for sprintf_s) writememĭownload and put the dll in ollydbg 1.10 plugin path. Modified cmdline plugin with an added command. Uploaded below is an ollydbg plugin enhanced from anonymouse (openrce blog) Afaik none of existing plugins offer windbg's.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |