首页
论坛
课程
招聘
[转帖]OllyDumpEx 1.20 (2) by Low Priority
2013-6-16 23:50 6765

[转帖]OllyDumpEx 1.20 (2) by Low Priority

2013-6-16 23:50
6765
OllyDumpEx 1.20 (2) by Low Priority
This plugin is process memory dumper for OllyDbg, IDA Pro (retail and freeware) and Immunity Debugger. Very simple overview:

OllyDumpEx = OllyDump + PE Dumper - obsoleted + useful features

Features:

- OllyDbg version 2 plugin interface supported
- IDA Pro Retail and Freeware version plugin interface supported
- Select to dump debugee exe, loaded dll or non-listed module
- Search MZ/PE Signature from memory
- Multiple Dump mode. Rebuild for typical PE dump, Binary for PE Carving
- PE32+ supported (Search and Binary Dump mode only available on 32bit debugger)
- Native 64bit process supported (IDA Pro only)
- Dump any address space as section even if not in original section header
- Add dummy section to keep PE format consistency
- Fix RVA in DataDirectory to follow ImageBase change
- Auto calculate many parameters (RawSize, RawOffset, VirtualOffset, ...)

http://low-priority.appspot.com/ollydumpex/


【公告】看雪招聘大学实习生!看雪20年安全圈的口碑,助你快速成长!

上传的附件:
收藏
点赞1
打赏
分享
最新回复 (1)
雪    币: 42903
活跃值: 活跃值 (162454)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
linhanshi 活跃值 2013-7-11 09:04
2
0
OllyDumpEx 1.30 (2) by Low Priority
== Changelog
- v1.30 / 2013-06-28
Add: Support WinDbg plugin interface (both 32bit and 64bit)
Improve: Add plugin name and version directory to archive file
Bugfix: Data after section headers in PE Header has been ignored
Bugfix: Fix SizeOfHeaders inconsistency
- v1.20 / 2013-05-27
Add: Support IDA Pro plugin interface (both Retail and Freeware version)
Add: Support native 64bit process dump (IDA Pro only)
Improve: Change dialog position to center of parent window
Improve: Add debug toggle menu to dialog system menu
Improve: Section size handling single section belongs to multiple memory segments
Bugfix: Zero virtual size section handling

上传的附件:
游客
登录 | 注册 方可回帖
返回