OllyDbg is a 32-bit assembler level analysing debugger for Microsoft® Windows®. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable. OllyDbg is a shareware, but you can download and use it for free. Special highlights are:
Intuitive user interface, no cryptical commands
Code analysis - traces registers, recognizes procedures, loops, API calls, switches, tables, constants and strings
Directly loads and debugs DLLs
Object file scanning - locates routines from object files and libraries
Allows for user-defined labels, comments and function descriptions
Understands debugging information in Borland® format
Saves patches between sessions, writes them back to executable file and updates fixups
Open architecture - many third-party plugins are available
No installation - no trash in registry or system directories
Debugs multithread applications
Attaches to running programs
Configurable disassembler, supports both MASM and IDEAL formats
MMX, 3DNow! and SSE data types and instructions, including Athlon extensions
Full UNICODE support
Dynamically recognizes ASCII and UNICODE strings - also in Delphi format!
Recognizes complex code constructs, like call to jump to procedure
Decodes calls to more than 1900 standard API and 400 C functions
Gives context-sensitive help on API functions from external help file
Sets conditional, logging, memory and hardware breakpoints
Traces program execution, logs arguments of known functions
Shows fixups
Dynamically traces stack frames
Searches for imprecise commands and masked binary sequences
Searches whole allocated memory
Finds references to constant or address range
Examines and modifies memory, sets breakpoints and pauses program on-the-fly
Assembles commands into the shortest binary form
Starts from the floppy disk
and much, much more!
Hopefully I will have more time now for version 2.0. Currently I'm working on analyzer. Global prediction of the contents of registers and stack is practically finished. This was a very hard piece, and initially veeery slow, but today I've found the way to accelerate it by the factor 100+. Next I plan to implement known functions. Debugging engine will follow.
Of course, OllyDbg 2.0 will work on all existing versions of 32-bit Windows: 95, 98, ME, NT4, 2000 and XP. I don't know whether it will make sense to play with Server 2003 at all, and Longhorn is not yet ready. From the above list I possess only Windows 95 SR2 and NT4. I have access to Windows 2000, but it would be better to have it at home, too.
Contrary to what MS License Agreement may state, German law allows to transfer OEM version to different computer. If you have old Windows (English/American) that you no longer use, may I ask you to donate it to me? But please, please, no illegal copies! Legal copy consists of: original install or recovery CD, certificate of authenticity and, for newer systems, the label with the product ID or activation code. What I need is:
Windows 98 and/or 98 SE
Windows ME
Windows 2000 home and/or professional (are there any significant differences?)
Windows XP home and/or professional (same question)
Please send it to:
Oleh Yuschuk
Zum Schlag 2
97877 Wertheim
Germany
(Or better drop me a mail first - maybe I have already got this version?). And thank you in advance. Your gifts will help me to improve the quality of OllyDbg 2!
Windows 98 and/or 98 SE
Windows ME
Windows 2000 home and/or professional (有什么明显的不同吗?) //译注:中国有专业版,服务器版和高级服务器版,没听过home版。
Windows XP home and/or professional (同样的问题)//译注:国内的网络中有明显的文章来说明home与pro的不同,主要是网络部分。
