[求助]能否详细OD插件及功用-加壳脱壳-看雪-安全社区|安全招聘|kanxue.com

最新回复 (4)
liuyilin 雪币： 303 活跃值： (461) 能力值： ( LV2，RANK：10 ) 在线值：发帖 51 回帖 1007 粉丝 1 关注私信	liuyilin 2 楼只能靠自摸了 2005-9-20 20:33 0
飞龙雪币： 195 活跃值： (11) 能力值： ( LV2，RANK：10 ) 在线值：发帖 11 回帖 75 粉丝 0 关注私信	飞龙 3 楼找了四个OD插件: 1、MapConv 1.4 2、mfc42插件 3、OllyDbg脱壳插件-OllyDump v2.20.108 4、WindowInfo插件 5、IsDebuggerPresent 1.3 但是没有具体说明,只知道第三个是用来脱壳用的,网上也没有这方面的说明,所以知道的朋友能否做个介绍,给我等这些菜鸟的菜鸟一个很好的学习机会,谢谢! 另外,老看雪论坛关闭注册http://wangming.west263.com/winroot/ollydbgplugins.rar无法下载,哪位朋友能否提供OD1.09C插件的下载. 2005-9-20 20:58 0
fly 雪币： 898 活跃值： (4039) 能力值： ( LV9，RANK：3410 ) 在线值：发帖 294 回帖 7686 粉丝 32 关注私信	fly 85 4 楼 MapConv 1.4 plugin for OllyDBG by godfather+, TBD and SHaG [:Purpose:] converts map files from IDA or DeDe to OllyDBG [:Introduction:] Here is my first plugin for OllyDBG. I don't know c++ but this magnificant debugger give me patience and will to do that. Please don't laugh on my c code. [gf+] [:Usage:] Copy mapconv.dll in OllyDBG directory and then 1. You must create .map file using IDA or DeDe 2. Run program from OllyDBG or atach to it 3. Select what info to replace (comments or labels) 4. Use plugin to select map file for this process 5. Right-click on CPU window, and "Search for"/"User-defined comment" or "User-defined labels" to browse the imported info from map file [:History:] 1.4 added dynamic resolution of the address of code section. should now work for dlls and other processes that don't have codebase = 00401000h =) 1.3 recompiled with OllyDbg Plugin Developement Kit v1.8 + BCB60 1.03 bug fixes and some features added 1.02 recompiled with OllyDbg Plugin Development Kit v1.06 1.01 added option to replace comments and/or labels 1.00 first release [:Note:] if you mixed up map files just delete process.udd which resides in OllyDBG directory. [:Thanks:] Olly: based on his bookmark sample plugin [:Contact:] godfather+ : gfplus@softhome.net TBD : tbd@despammed.com SHaG : bik78@mail.ru or SHaG on EFnet forum : http://ollydbg.has.it 去这里下载部分插件完整压缩包，然后看其说明 http://www.pediy.com/tools/Debuggers/ollydbg/plugin.htm 2005-9-20 21:02 0
飞龙雪币： 195 活跃值： (11) 能力值： ( LV2，RANK：10 ) 在线值：发帖 11 回帖 75 粉丝 0 关注私信	飞龙 5 楼谢谢版主给予指明方向,由于本菜鸟E文不好,今后希望您老哥多加提点,谢谢! 2005-9-20 21:07 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

最新回复 (4)
liuyilin 雪币： 303 活跃值： (461) 能力值： ( LV2，RANK：10 ) 在线值：发帖 51 回帖 1007 粉丝 1 关注私信	liuyilin 2 楼只能靠自摸了 2005-9-20 20:33 0
飞龙雪币： 195 活跃值： (11) 能力值： ( LV2，RANK：10 ) 在线值：发帖 11 回帖 75 粉丝 0 关注私信	飞龙 3 楼找了四个OD插件: 1、MapConv 1.4 2、mfc42插件 3、OllyDbg脱壳插件-OllyDump v2.20.108 4、WindowInfo插件 5、IsDebuggerPresent 1.3 但是没有具体说明,只知道第三个是用来脱壳用的,网上也没有这方面的说明,所以知道的朋友能否做个介绍,给我等这些菜鸟的菜鸟一个很好的学习机会,谢谢! 另外,老看雪论坛关闭注册http://wangming.west263.com/winroot/ollydbgplugins.rar无法下载,哪位朋友能否提供OD1.09C插件的下载. 2005-9-20 20:58 0
fly 雪币： 898 活跃值： (4039) 能力值： ( LV9，RANK：3410 ) 在线值：发帖 294 回帖 7686 粉丝 32 关注私信	fly 85 4 楼 MapConv 1.4 plugin for OllyDBG by godfather+, TBD and SHaG [:Purpose:] converts map files from IDA or DeDe to OllyDBG [:Introduction:] Here is my first plugin for OllyDBG. I don't know c++ but this magnificant debugger give me patience and will to do that. Please don't laugh on my c code. [gf+] [:Usage:] Copy mapconv.dll in OllyDBG directory and then 1. You must create .map file using IDA or DeDe 2. Run program from OllyDBG or atach to it 3. Select what info to replace (comments or labels) 4. Use plugin to select map file for this process 5. Right-click on CPU window, and "Search for"/"User-defined comment" or "User-defined labels" to browse the imported info from map file [:History:] 1.4 added dynamic resolution of the address of code section. should now work for dlls and other processes that don't have codebase = 00401000h =) 1.3 recompiled with OllyDbg Plugin Developement Kit v1.8 + BCB60 1.03 bug fixes and some features added 1.02 recompiled with OllyDbg Plugin Development Kit v1.06 1.01 added option to replace comments and/or labels 1.00 first release [:Note:] if you mixed up map files just delete process.udd which resides in OllyDBG directory. [:Thanks:] Olly: based on his bookmark sample plugin [:Contact:] godfather+ : gfplus@softhome.net TBD : tbd@despammed.com SHaG : bik78@mail.ru or SHaG on EFnet forum : http://ollydbg.has.it 去这里下载部分插件完整压缩包，然后看其说明 http://www.pediy.com/tools/Debuggers/ollydbg/plugin.htm 2005-9-20 21:02 0
飞龙雪币： 195 活跃值： (11) 能力值： ( LV2，RANK：10 ) 在线值：发帖 11 回帖 75 粉丝 0 关注私信	飞龙 5 楼谢谢版主给予指明方向,由于本菜鸟E文不好,今后希望您老哥多加提点,谢谢! 2005-9-20 21:07 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复