Didier Stevens

Monday 30 October 2006

OllyStepNSearch v0.6.0

Filed under: Reverse Engineering — Didier Stevens @ 10:06

I’ve released a new version of my OllyDbg plugin called OllyStepNSearch.

The new features are:

  • an options dialog
  • Disable After Break option
  • Search in Information Pane
  • a new help function

And this time, there is also a demo movie here on YouTube, a hires (XviD) version can be found here.

3 Comments »

  1. ———————-
    error occur
    vc++ 6.0
    ———————

    OllyStepNSearch.obj : error LNK2001: unresolved external symbol _Pluginreadintfromini
    OllyStepNSearch.obj : error LNK2001: unresolved external symbol _Pluginreadstringfromini
    OllyStepNSearch.obj : error LNK2001: unresolved external symbol _Pluginwriteinttoini
    OllyStepNSearch.obj : error LNK2001: unresolved external symbol _Pluginwritestringtoini
    OllyStepNSearch.obj : error LNK2001: unresolved external symbol _Flash
    OllyStepNSearch.obj : error LNK2001: unresolved external symbol _Followcall
    OllyStepNSearch.obj : error LNK2001: unresolved external symbol _Disasm
    OllyStepNSearch.obj : error LNK2001: unresolved external symbol _Getcputhreadid
    OllyStepNSearch.obj : error LNK2001: unresolved external symbol _Readcommand
    OllyStepNSearch.obj : error LNK2001: unresolved external symbol _Infoline
    OllyStepNSearch.obj : error LNK2001: unresolved external symbol _Decodeascii
    OllyStepNSearch.obj : error LNK2001: unresolved external symbol _Go
    Debug/OllyStepNSearch.dll : fatal error LNK1120: 13 unresolved externals
    Error executing link.exe.

    OllyStepNSearch.dll – 14 error(s), 1 warning(s)

    Comment by kwon9857 — Wednesday 1 November 2006 @ 17:45

  2. That’s no surprise:
    1) it’s written for BCC 5.5, see comments in the makefile:
    # Project file for BCC 5.5, makes OllyStepNSearch.DLL
    2) you have to include the OllyDBG PDK: http://www.ollydbg.de/pdk.htm

    Comment by Didier Stevens — Wednesday 1 November 2006 @ 17:53

  3. Great work ! Thanks !
    I found in the current version have two bugs:
    – Open Help dialog, click OK, my OllyDbg exit. After some debuggin and reading your code, I found the bug is at pHelp pointer. With your code, it is a local variable, not a static or global variabl, so when we free it at IDOK, it contains a random value.
    – The ESC key and IDCANCEL was not processed, so the Help Dialog not disappear.

    Sorry because of I modified your code, I change your code at HlpDlgProc to:

    case WM_COMMAND:
    id = LOWORD(wp);
    if ((IDOK == id) || (IDCANCEL == id))
    {
    if (pHelp != NULL)
    {
    free(pHelp);
    pHelp = NULL;
    }
    EndDialog(hwDialog, id);
    }
    break;
    Best regards,

    Comment by TQN — Monday 6 November 2006 @ 16:02


RSS feed for comments on this post. TrackBack URI

Leave a Reply (comments are moderated)

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

The Rubric Theme. Blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.

Join 230 other followers

%d bloggers like this: