Installing OllyDBG 2.0c on Ubuntu 10.04 LTS

For those who enjoy reverse engineering, decompilation and the like, let's install OllyDBG 2.0c on Ubuntu 10.04 LTS.


Vendor's description:
OllyDbg is a 32-bit assembler level analysing debugger for Microsoft® Windows®. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable. OllyDbg is a shareware, but you can download and use it for free. Special highlights are:

  • Intuitive user interface, no cryptical commands
  • Code analysis – traces registers, recognizes procedures, loops, API calls, switches, tables, constants and strings
  • Directly loads and debugs DLLs
  • Object file scanning – locates routines from object files and libraries
  • Allows for user-defined labels, comments and function descriptions
  • Understands debugging information in Borland® format
  • Saves patches between sessions, writes them back to executable file and updates fixups
  • Open architecture – many third-party plugins are available
  • No installation – no trash in registry or system directories
  • Debugs multithread applications
  • Attaches to running programs
  • Configurable disassembler, supports both MASM and IDEAL formats
  • MMX, 3DNow! and SSE data types and instructions, including Athlon extensions
  • Full UNICODE support
  • Dynamically recognizes ASCII and UNICODE strings – also in Delphi format!
  • Recognizes complex code constructs, like call to jump to procedure
  • Decodes calls to more than 1900 standard API and 400 C functions
  • Gives context-sensitive help on API functions from external help file
  • Sets conditional, logging, memory and hardware breakpoints
  • Traces program execution, logs arguments of known functions
  • Shows fixups
  • Dynamically traces stack frames
  • Searches for imprecise commands and masked binary sequences
  • Searches whole allocated memory
  • Finds references to constant or address range
  • Examines and modifies memory, sets breakpoints and pauses program on-the-fly
  • Assembles commands into the shortest binary form
  • Starts from the floppy disk

and much, much more!

Features OllyDBG 2.0c:
April 11, 2011 – OllyDbg 2.01 alpha 3. Here it is!
A major update with many new features. Here are the most important:

– Support for multi-monitor configurations
– Hardware breakpoints and fast command emulation now co-operate. That is, run trace runs at full speed (up to and exceeding 500000 commands per second) even if there are hardware breakpoints set
– Purely conditional breakpoints during run trace are strongly accelerated
– Stepping, tracing and execution till selection with hardware breakpoints instead of INT3. Controlled by option Debugging | Use HW breakpoints for stepping
– INT3 and hardware breakpoints allow to declare their location as an entry point and specify call parameters for protocolling
– Scan for hidden modules. .NET environment frequently loads modules but does not report them to Debugger
– Search window keeps up to 8 last searches in a separate tabs
– Option to load .udd information even when path, file name or file checksum is different
– Option to save .udd file on request
– Expressions allow for DWORD=="text". Doubleword is interpreted as a pointer to string, comparison is done both in ASCII and UNICODE modes
– Updated decoding of several rare commands
– List of windows. I get address of window function directly from the Window tables. This is tricky but works perfectly
– ASCII dumps and ASCII strings in Binary edit are displayed according to the selected code page (option Appearance | ASCII code page)
– Memory allocated at address 0 will be correctly recognized and displayed. (Yes, it’s possible – I was also astonished by this fact! In this way one can address data using NULL pointer!)
– Improved post-mortem dump. I was unable to find the reason for several reported crashes because they occurred in the system DLLs. Now when creating the dump I attempt to backtrace the stack
– Several not-so-important changes, like accelerated analysis of tricky code sequences, option to decode registers for selected command, new origin on non-command (safeguard: no shortcut), correct truncation of very long file names in the main menu, restarting of the last loaded executable even when several OllyDbg instances are running in parallel, etc, etc
– And, of course, multiple bugfixes.

# apt-get install -y wine

Once the download is complete, extract it with unzip into a folder of your choice:
# unzip odbg201c.zip

# cd odbg201c
# wine ollydbg.exe
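
An added example, not part of the original post: because this setup exists to load and run other people's binaries, a dedicated Wine prefix keeps them away from the default ~/.wine and from the drive letters and profile symlinks that expose the host filesystem. The variable OLLY_PREFIX and the functions harden_prefix and run_ollydbg are assumptions of this example.

```shell
#!/bin/sh
# Added example: run OllyDbg from its own Wine prefix with host mappings removed.
# OLLY_PREFIX, harden_prefix and run_ollydbg are names assumed for this example.
# This narrows what a Windows program reaches through drive letters; Wine is
# not a sandbox, so untrusted samples still belong in a disposable VM.

OLLY_PREFIX="${OLLY_PREFIX:-$HOME/.wine-ollydbg}"

# Drop every drive/device mapping except c: and replace profile symlinks
# (Desktop, My Documents, ...) with empty directories inside the prefix.
# Operates on the prefix directory layout only; wine itself is not needed.
harden_prefix() {
    prefix="$1"
    [ -d "$prefix/dosdevices" ] || { echo "not a Wine prefix: $prefix" >&2; return 1; }

    for dev in "$prefix"/dosdevices/*; do
        [ -e "$dev" ] || [ -L "$dev" ] || continue
        case "$(basename "$dev")" in
            c:) ;;                  # keep the prefix's own drive_c
            *)  rm -f "$dev" ;;     # z: -> / and any mapped host devices
        esac
    done

    # Wine creates the user profile folders as symlinks into $HOME.
    find "$prefix/drive_c/users" -type l 2>/dev/null | while IFS= read -r link; do
        rm -f "$link" && mkdir -p "$link"
    done
}

# Create the prefix if missing, harden it on every launch (a Wine upgrade can
# recreate the links), then start OllyDbg from the unpacked directory in $1.
run_ollydbg() {
    olly_dir="$1"
    export WINEPREFIX="$OLLY_PREFIX"
    [ -d "$WINEPREFIX" ] || wineboot --init || return 1
    harden_prefix "$WINEPREFIX" || return 1
    ( cd "$olly_dir" && wine ollydbg.exe )
}
```

After sourcing the file, `run_ollydbg ./odbg201c` replaces the plain `wine ollydbg.exe` call; targets to debug then have to be copied into the prefix's drive_c, since the Z: mapping is gone.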

