Typedef int MENUFUNC(struct t_table *,wchar_t *,ulong,int) The plugin is at alpha - Z stage and uses OllyDBG version 2.01g plugin kit and is built by Winddk (Windows 7 wdk C:\WinDDK\7600.16385.1) There is a modification required to plugin.h as follows to avoid crashing due to stack unbalance (the same source compiled with vs 2010 and unmodified plugin.h works ok, it seems the wdk compiler is behaving differently the modification to plugin.h is as follows (added a _cdecl so that stack is cleaned up properly)Ĭ:\ollydbg2beta\plug201ft\Visual C>fc plugin.h d:\Plugin_Template_For_ODBG_20001_WDK\plugin.hĬomparing files plugin.h and D:\PLUGIN_TEMPLATE_FOR_ODBG_20001_WDK\PLUGIN.H (Use OllyDbg2FixeR Plugins To Fix Bug In SnD v2.2)Ī small sample plugin for OllyDBG 2.01g using WinDBG's dbgeng functions especially local kernel debugging output. NOTE: MAYBE THE HOTKEY DO NOT WORK WITH THE MOD OLLYDBG (SND v2.2) "Gray *" : Set "Malware Analysis" breakpoint group "[" : Go to start of function (You must analysis code before use it) "Esc" : go EIP(current origin) (Allow on any MDIWindows) You must PRESS and HOLD the hotkey in 0.1s for it work PRESS and HOLD "H" key in 0.5s to Register/Unregister Hotkey Follow In Disassembler (Ctrl + Alt + D) Address (Copy selected address)(Alt + Insert) Delete All Mem BPs (Delete all Memory Breakpoints) Delete All Hard BPs (Delete all Hardware Breakpoints)
Delete All INT3 BPs (Delete all INT3 Breakpoints) Address (Copy selected address) (Alt + Insert) WIDE (str) (Copy wide string to clipboard) (Ctrl + Alt + W) ASNI (str) (Copy ansi string to clipboard) (Ctrl + Alt + A)
0 kommentar(er)
