-
-
[转帖]OllyDumpEx v0.92 / 2012-10-09
-
发表于: 2012-10-28 06:22
-
This plugin is process memory dumper for OllyDbg and Immunity Debugger.
Very simple overview:
OllyDumpEx = OllyDump + PE Dumper - obsoluted + useful features
Features
· OllyDbg version 2 plugin interface supported (EXPERIMENTAL)
· Select to dump debugee exe or loaded dll
· Dump any address space as section even if not in original section header
· Add dummy section to keep PE format consistency
· Fix RVA in DataDirectory to follow ImageBase change
· Auto calculate many parameters (RawSize, RawOffset, VirtualOffset, ...)
Screenshot
Supported Debugger
· OllyDbg version 1.10 (tested 1.10)
· OllyDbg version 2.01 EXPERIMENTAL (tested 2.01 alpha 4)
· Immunity Debugger version 1.7x or (tested 1.73)
· Immunity Debugger version 1.8x or higher (tested 1.83)
This archive file contains plugin DLLs for each debuggers.
- v0.70 / 2011-07-01
Add: Support Immunity Debugger version 1.7x or lower
Improve: Data Directory rebuild option (support ImportTable)
Improve: Image Base Address alignment checking
Improve: Virtual Offset Address alignment checking
- v0.80 / 2011-07-15
Add: Support Immunity Debugger version 1.8x or higher
Improve: Data Directory rebuild option (check rewrite range)
Improve: Always round up PE header size to 0x1000 (ImportRec not extend itself)
Bugfix: TLS Data Directory ignored
- v0.90 / 2011-08-24
Add: Support OllyDbg version 2 plugin interface (EXPERIMENTAL)
Improve: Rewrite Wide/Multibyte-Character support code
Improve: Decode CopyOnWrite page attribute
Bugfix: Detect working directory
- v0.92 / 2012-10-09
Improve: Support OllyDbg version 2 plugin new interface
Very simple overview:
OllyDumpEx = OllyDump + PE Dumper - obsoluted + useful features
Features
· OllyDbg version 2 plugin interface supported (EXPERIMENTAL)
· Select to dump debugee exe or loaded dll
· Dump any address space as section even if not in original section header
· Add dummy section to keep PE format consistency
· Fix RVA in DataDirectory to follow ImageBase change
· Auto calculate many parameters (RawSize, RawOffset, VirtualOffset, ...)
Screenshot
Supported Debugger
· OllyDbg version 1.10 (tested 1.10)
· OllyDbg version 2.01 EXPERIMENTAL (tested 2.01 alpha 4)
· Immunity Debugger version 1.7x or (tested 1.73)
· Immunity Debugger version 1.8x or higher (tested 1.83)
This archive file contains plugin DLLs for each debuggers.
- v0.70 / 2011-07-01
Add: Support Immunity Debugger version 1.7x or lower
Improve: Data Directory rebuild option (support ImportTable)
Improve: Image Base Address alignment checking
Improve: Virtual Offset Address alignment checking
- v0.80 / 2011-07-15
Add: Support Immunity Debugger version 1.8x or higher
Improve: Data Directory rebuild option (check rewrite range)
Improve: Always round up PE header size to 0x1000 (ImportRec not extend itself)
Bugfix: TLS Data Directory ignored
- v0.90 / 2011-08-24
Add: Support OllyDbg version 2 plugin interface (EXPERIMENTAL)
Improve: Rewrite Wide/Multibyte-Character support code
Improve: Decode CopyOnWrite page attribute
Bugfix: Detect working directory
- v0.92 / 2012-10-09
Improve: Support OllyDbg version 2 plugin new interface
http://low-priority.appspot.com/ollydumpex/OllyDumpEx.zip
[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入!
|
|
|---|---|
|
|
|
|
|
|
|
|
支持2.0插件
|
|
|
有点意思的插件
|
|
|
|
|
|
論壇
_http://bbs.pediy.com/showpost.php?p=1111134&postcount=14 
|
|
|
http://bbs.pediy.com/showthread.php?t=140295
|
