首页
论坛
课程
招聘
[转帖]OllyDumpEx v0.92 / 2012-10-09
2012-10-28 06:22 14011

[转帖]OllyDumpEx v0.92 / 2012-10-09

2012-10-28 06:22
14011
This plugin is process memory dumper for OllyDbg and Immunity Debugger.

Very simple overview:

OllyDumpEx = OllyDump + PE Dumper - obsoluted + useful features

Features

· OllyDbg version 2 plugin interface supported (EXPERIMENTAL)
· Select to dump debugee exe or loaded dll
· Dump any address space as section even if not in original section header
· Add dummy section to keep PE format consistency
· Fix RVA in DataDirectory to follow ImageBase change
· Auto calculate many parameters (RawSize, RawOffset, VirtualOffset, ...)

Screenshot



Supported Debugger

· OllyDbg version 1.10 (tested 1.10)
· OllyDbg version 2.01 EXPERIMENTAL (tested 2.01 alpha 4)
· Immunity Debugger version 1.7x or (tested 1.73)
· Immunity Debugger version 1.8x or higher (tested 1.83)

This archive file contains plugin DLLs for each debuggers.

- v0.70 / 2011-07-01

Add: Support Immunity Debugger version 1.7x or lower
Improve: Data Directory rebuild option (support ImportTable)
Improve: Image Base Address alignment checking
Improve: Virtual Offset Address alignment checking

- v0.80 / 2011-07-15

Add: Support Immunity Debugger version 1.8x or higher
Improve: Data Directory rebuild option (check rewrite range)
Improve: Always round up PE header size to 0x1000 (ImportRec not extend itself)
Bugfix: TLS Data Directory ignored

- v0.90 / 2011-08-24

Add: Support OllyDbg version 2 plugin interface (EXPERIMENTAL)
Improve: Rewrite Wide/Multibyte-Character support code
Improve: Decode CopyOnWrite page attribute
Bugfix: Detect working directory

- v0.92 / 2012-10-09

Improve: Support OllyDbg version 2 plugin new interface  

http://low-priority.appspot.com/ollydumpex/OllyDumpEx.zip

【公告】看雪团队招聘安全工程师,将兴趣和工作融合在一起!看雪20年安全圈的口碑,助你快速成长!

收藏
点赞0
打赏
分享
最新回复 (7)
雪    币: 1399
活跃值: 活跃值 (652)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
chixiaojie 活跃值 2012-10-28 06:36
2
0
此处删除,只是作测试安全宝对敏感词的拦截。
雪    币: 2857
活跃值: 活跃值 (201)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
yjd 活跃值 2012-10-28 09:16
3
0
唯一一张截图,竟然是看不到-_-!!。。
雪    币: 671
活跃值: 活跃值 (175)
能力值: ( LV13,RANK:460 )
在线值:
发帖
回帖
粉丝
FishSeeWater 活跃值 11 2012-10-28 09:20
4
0
支持2.0插件
雪    币: 106
活跃值: 活跃值 (218)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
Fido 活跃值 2012-10-28 12:00
5
0
有点意思的插件
雪    币: 4006
活跃值: 活跃值 (607)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
ldljlzw 活跃值 2012-10-29 23:38
6
0
谁能本地一个不?
雪    币: 40374
活跃值: 活跃值 (158837)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
linhanshi 活跃值 2012-10-29 23:46
7
0
論壇
_http://bbs.pediy.com/showpost.php?p=1111134&postcount=14
上传的附件:
雪    币: 40374
活跃值: 活跃值 (158837)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
linhanshi 活跃值 2012-10-29 23:47
8
0
http://bbs.pediy.com/showthread.php?t=140295
上传的附件:
游客
登录 | 注册 方可回帖
返回