原文出处:
http://www.blogcn.com/blog/trackback.asp?mydiary=4079549
--------------------
thinks immlep
--------------------
URL:
http://sandsprite.com/CodeStuff/VB_Plugin_for_Olly.html
Ok some people will ask why I would bother...but VB really makes interfaces a breeze, is super quick to debug, and well my entire code base is already written in it.
So this article highlights a way to make a VB plugin for OllyDbg. This same technique should also work for IDA plugins.
Olly was written in C and all of its plugin APIs use the cdecl calling convention. To be able to interface VB with it, we need to use stdcall functions and have the VB runtime properly loaded and initalized.
The easiest way to accomplish both of these things at once is to create a small stub Dll plugin in Cpp for Olly to load. This stub will handle the plugin initalization, adding menu items to Olly, and then starting up our VB code when it is time to launch our plugin.
The plugin stub is also responsible for providing the VB app with a set of stdcall functions so it can access the Olly cdecl plugin API.
When it comes time to launch the plugin, our Cpp code creates an instance of our VB COM server and calls a method on its main interface. This loads and initilizes VB runtime and transfers execution over to our VB Code.
The VB code then in turns uses stdcall exports from the Cpp dll via the VB Declare function mechanism. A basic block diagram looks like the following:
查看图片
http://www.blogcn.com/User14/immlep/upload/200492710455494102.jpg
This sample plugin will extract all user entered comments from Olly. Thanks goes out to Joe Stewart and his LabelMaster plugin for an example on how to yank the comments out using Ollys plugin API
To install the plugin just copy both dlls over to your Olly plugins directory. Make sure to register the VB dll (VbOllyPlugin.dll) with regsvr32 because it is a COM server. Both Dlls have to be in the same directory so the VB one can load the exports from the stub.
I suppose the next step to this is to have the Cpp stub be able to enumerate and dynamically load and initilize multiple VB plugins for use and integration in Olly. Where the Cpp olly plugin would in turn support its own plugin framework designed around VB modules for integration back into Olly. However I am not that bored at this moment
Anyway, I was wondering how to interface a VB UI as an Olly plugin so here it is :P
Download Sample files :
http://sandsprite.com/CodeStuff/vb_plugin_for_olly.zip
-dzzie
- as a side note, this is not limited to only working between 2 dlls
you can also export functions(
http://sandsprite.com/CodeStuff/exe_export.zip) from your VC exes and use the same trick
[课程]Linux pwn 探索篇!
