OllyDbg Debugger.

Presentation on theme: "OllyDbg Debugger."— Presentation transcript:

1 OllyDbg Debugger

2 What is OllyDbg
OllyDbg is a debugger that emphasizes binary code analysis, which is useful when source code is not available. It traces registers; recognizes procedures, API calls, switches, tables, constants and strings; and locates routines from object files and libraries.

3 Versions
- Version 1.10 is the final 1.x release.
- Version 2.0 is in development and is being written from the ground up.
- Note: The current version of OllyDbg cannot disassemble binaries compiled for 64-bit processors.

4 Features
- Executes program in a controlled environment.
- Allows the flow of the program to be controlled.
- Uses a convenient layout showing hexadecimal, assembly, CPU registers and stack.
- Allows the program to be dumped from memory onto the hard disk.
- Highlights recently changed values in memory/stack/CPU registers.

5 Window Layouts
Window layouts are the various parts of the UI that contain pertinent information
- Code window – Displays the executable machine code
- Register window – Allows the user to watch the contents of each register during execution
- Memory window – Allows the user to view the contents of various memory locations
- Stack window – Displays the stack, including memory addresses and values

6 Working in OllyDbg
- Navigation
  - Moving
  - Searching
- Commenting
  - Can be entered in the code window with the ; or : keys
- Listing Names
  - The names window displays all functions or imported functions used in the program
  - Listing them is easy via the shortcut Ctrl + N
- Showing Memory
  - Displaying memory can be useful when looking for strings or other important data
  - Displaying the memory map window can be achieved via Alt + M

7 Working in OllyDbg Cont…
Breakpoints
- Breakpoints allow the debugger to stop at a specified address or instruction
- There are two types of breakpoints in general
  - Software breakpoints
    - Handled by the operating system
    - Set by navigating to the specified address and hitting F2
  - Hardware breakpoints
    - Handled by the processor
    - Set by finding a place in memory you want to break on access, right-clicking and selecting the proper option
- Olly also provides a way to view breakpoints and turn them on and off via the breakpoints window with Alt + B
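What F2 does to the code bytes, as an added example that is not OllyDbg's own code: on x86 a debugger arms a software breakpoint by saving the byte at the target address and writing INT3 (0xCC) in its place, so a memory dump taken while breakpoints are armed needs the saved bytes put back. The table layout, function names and sample bytes are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define INT3   0xCC   /* x86 one-byte breakpoint instruction */
#define MAX_BP 8

/* One software breakpoint: patched offset and the byte it replaced. */
struct sw_bp { size_t off; uint8_t saved; int active; };
static struct sw_bp table[MAX_BP];

/* Constructed sample: push ebp; mov ebp,esp; sub esp,0x10; leave; ret */
static uint8_t sample[] = { 0x55, 0x8B, 0xEC, 0x83, 0xEC, 0x10, 0xC9, 0xC3 };

/* Arm: remember the original byte, then overwrite it with INT3. */
int bp_set(uint8_t *code, size_t len, size_t off) {
    int slot = -1;
    if (off >= len) return -1;
    for (int i = 0; i < MAX_BP; i++) {
        if (table[i].active && table[i].off == off) return -1; /* duplicate */
        if (!table[i].active && slot < 0) slot = i;
    }
    if (slot < 0) return -1;                                   /* table full */
    table[slot] = (struct sw_bp){ off, code[off], 1 };
    code[off] = INT3;
    return slot;
}

/* Disarm: restore the saved byte so the real instruction runs again. */
int bp_clear(uint8_t *code, size_t len, int id) {
    if (id < 0 || id >= MAX_BP || !table[id].active || table[id].off >= len) return -1;
    code[table[id].off] = table[id].saved;
    table[id].active = 0;
    return 0;
}

/* Copy code with every armed breakpoint undone, as a dump should be written. */
void bp_clean_copy(const uint8_t *code, size_t len, uint8_t *out) {
    memcpy(out, code, len);
    for (int i = 0; i < MAX_BP; i++)
        if (table[i].active && table[i].off < len) out[table[i].off] = table[i].saved;
}

int main(void) {
    int id = bp_set(sample, sizeof sample, 3);      /* break on "sub esp,0x10" */
    printf("armed: byte at +3 = 0x%02X\n", sample[3]);
    bp_clear(sample, sizeof sample, id);            /* original 0x83 is back */
    return 0;
}
```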

8 Working in OllyDbg Cont…
Controlling Execution
- Starting the process
  - Once the target program is either loaded or attached in Olly you can start execution. This will actually set up an initial breakpoint at the application entry point
  - There are several ways you can proceed from the entry point
- Single stepping
  - Executes one instruction at a time and can be achieved by hitting F7
  - Steps into every function
  - Tedious as fuck
- Execute until return
  - Executes until the ret instruction is encountered, which can be achieved by hitting Ctrl + F9
  - Executes all instructions in the current function
  - Faster than single stepping but not as comprehensive

9 Working in OllyDbg Cont…
Watching execution
- Registers
  - Handled in the register window
  - Red highlighting indicates a register has changed
- Stack
  - Handled in the stack window
  - Display can be address or relative address from ebp
- Call stack
  - Displays the functions the current function has been called from
  - Can be displayed with the shortcut Alt + K

10 Demo
Cracking a program using buffer overflow
- Rfile() function address: 0x004013B0
- Register address: 0x0013FB78
- Return address: 0x C
- Buffer address: 0x0013FB6C
- Buffer length: 10 Bytes
- Address length: 2 Bytes

14 Tota Tota Story End… The End

