OllyDbg 2.0

Last update: June 02, 2010 - final release. Here it is.

You haven't heard much about OllyDbg 2.0 for a long time. Unfortunately, I am permanently busy and have not much free time.

But there is a progress. I have made many changes and bugfixes, among them:

- prn bombed me with many, many ideas and found bugs. For example, he reported massive problems with UNICODE filenames that use extended charset. And no, Windows doesn't convert them automatically to ASCII. As OllyDbg is still an ASCII application, now I convert such names to old 8.3 DOS format.  Active breakpoint were not marked in the corresponding breakpoint windows; memory breaks were falsely hinted, and so on, and so forth... Thank you, and please don't stop!
- William reported bugs with PUSH AH etc. Yes, there are no such commands, but OllyDbg v2.0 happily assembled them.
- Keyboard shortcuts did not work in Edit/Search dialog. Reported by mailnew2ster.
- Ange gave me the complete list of 80x86 commands as a compiled executable file. He found many assembly/disassembly errors. With his list, we were able to remove them. He also criticided my "English" help file for grammatical errors, silly old me!
- Eric, deepzero and karmany reported problems with highlighting and comments.
- John found out that Always on top may hide error messages.
- Aaron and many other reported crash on structure decoding, namely on those where some elements were unnamed, like elements of array.
- I thought that exe/dll with 5 MB code section is really large, until Ivar sent me an executable which code section was 83,079,168 bytes (SEVENTY NINE MEGABYTES) long! Analysis attempted to allocate more than 1,5 GB of memory - still not a problem, but due to fragmentation, my memory manager was unable to execute the request. It was necessary to redesign it.
- Rinze pointed at problem with memory breakpoints on stack. OllyDbg did not check memory addressed indirectly by ESP.
- NCR asked for the search for process name in Attach window by typing its name.
- numax suggested list of user comments.
- Hopefully OllyDbg will support Chinese and Japanese fonts in dialog boxes (Edit/Search data), main issue that we tried to debug together with locklose. It should work, but I can give you no warranty. Please check.
- And, a couple of days ago, edemko discovered that conditional jums on LOOPZ/LOOPNZ are falsely predicted. This was the last bug corrected in the version 2.00.

The list is far from complete, altogether I received more than 100 reports and suggestions. So for all contributors: Without your help, OllyDbg 2.0 would not exist. Thank you very much!

And now about my plans for the future. Probably I will convert OllyDbg to UNICODE. There are too many places where ASCII is not fully supported by Windows, like file names with extended charset or controls that don't receive WM_WCHAR. This will mean end for Win95 and WinME users. Those who use WinNT, 2000, XP and Win7 will notice nothing. Of course, plugins will be forced to UNICODE, too.

I plan to introduce experimental plugin support in the version 2.01. The interface is not yet defined. If you have written plugins for v1.10, please send me your ideas and suggestions now!

Version 2.01 will finally work under 64-bit Windows. Probably I will start developing 64-bit OllyDbg, but this depends on my free time.

http://www.ollydbg.de/version2.html

[培训]二进制漏洞攻防（第3期）；满10人开班；模糊测试与工具使用二次开发；网络协议漏洞挖掘；Linux内核漏洞挖掘与利用；AOSP漏洞挖掘与利用；代码审计。