OllyDbg 2.01.I + Plugins [05.02.2014]

OllyDbg 2.01.I + Plugins [05.02.2014]

As you see, this version already supports plugins. New plugin interface is similar to the old (v1.10) but is not backwards compatible. It includes more than 350 API functions, 60 or so variables and many enumerations and structures that all need to be documented. This will take a while, therefore I decided to make a preliminary release. It includes plugin header file (plugin.h) and commented bookmarks source code (bookmark.c). Writing your own plugins without the documentation is a pure masochism, but at least you will be able to analyse the structure of the interface and  send me your comments, wishes and suggestions.

This is the last alpha release. After plugin documentation is ready, I will call it 2.01 beta 1. Then I will start to write OllyDbg help and finally make the full 2.01 release. Till then, I plan no major changes.

Other new features in this version:

- Patch manager, similar to 1.10
- Shortcut editor, supports weird things like Ctrl+Win+$ etc. Now you can customize and share your shortcuts. I haven't tested it on Win7, please report any found bugs and incompatibilities!
- Instant .udd file loading. In the previous versions I've postponed analysis, respectivcely reading of the .udd file till the moment when all external links are resolved. But sometimes it took plenty of time, module started execution and was unable to break on the breakpoints placed in the DLL initialization routine
- Automatic search for the SFX entry point, very raw and works only with several packers. Should be significantly more reliable than 1.10. If you tried it on some SFX and OllyDbg was unable to find real entry, please send me, if possible, the link or executable for analysis!
- "Go to" dialog lists of matching names in all modules
- Logging breakpoints can protocol multiple expressions. Here is an example: I ask OllyDbg to protocol the contents of EAX, EBX and 4 memory doublewords starting at address ESP. Expressions must be separated by commas, repeat count has form SIZE*N, N=1..32:

This is what you will see in the log when breakpoint is hit:

Many not-so-important new features:

- Thread names (MS_VC_EXCEPTION)
- UNICODE box characters clipboard mode
- Multiline debugging strings (of large size)
- On debug string, OllyDbg attempts to find call to OutputDebugString()
- INT3 breakpoints set on the first byte of edited memory area are retained
- Decoding of User Shared Data block
- Addressing relative to module base
- If plugin crashes, OllyDbg will report its name
- etc, etc.

Plugins for ollyDBG 2.01I:

Download Here or Here

Unrar if need: 44 22 FB EF BF 7F 7F 87 B7 85 CB BA AA E7 39 5C

By ollydbg.de

Regards,
quygia128