Here the program specifies the names of API functions, library functions, etc. That's a great possibility, isn't it?Ĭomment - This column contains additional information about the command. Furthermore, the corrected program text can be written into the executable module. The corrected command will be further used in the debugging process. If you double-click this command, the window for editing the Assembly command will appear. This means that you have set a breakpoint to that command (address).ĭisassembly - This column contains the Assembly mnemonics for the command. When you double-click this column, the address shown in the first column is highlighted in red. The same column marks the loops that the debugger has successfully recognized. In addition, the column provides various icons that allow you to understand the program logic: For instance, they specify commands, to which there are jumps ( >) and commands that carry out the jumps ( ˆ for up and ˇ for down).
#OLLYDBG CODE#
In this case, you'll see the code as such and the operand value. By double-clicking this column, you'll convert all addresses into offsets counted from the current address ( $, $-2, $+4, etc.). This column contains the virtual address of the command, which is assigned when the command is loaded into the memory. The disassembler window contains four columns:Īddress - The command address column.
#OLLYDBG WINDOWS#
These windows are the most important ones, without which it is impossible to debug applications. I strongly recommend that you do so.įigure 2.16: The OllyDbg debugger with a loaded program Some of these windows will be described in this section other ones you'll have to study on your own if you like this debugger and are going to use it regularly. The list of all available windows is presented in the View menu. In addition, other windows are available for use. These are the disassembler window (top left), data window (bottom left), registers window (top right), and stack window (bottom right).
In addition to the traditional main menu and the toolbar, the main window contains four informational panes. The main window of OllyDbg is shown in Fig. In general, there are rich possibilities, some of which will be covered here. It is possible to load an executable module into this debugger, as well as to connect to the running process.
This debugger supports all processors of the 80x86 family and correctly interprets most numeric formats. Such features have never been typical of the instruments in its class. For example, it is capable of determining procedure parameters and loops, and of detecting constants, arrays, and strings. This is an excellent debugger in its class.
0 kommentar(er)
