Recent changes to Exampleshttps://sourceforge.net/p/odbgscript/wikitrac/Examples/Recent changes to ExamplesenThu, 24 Jul 2014 20:06:43 -0000Examples modified by Epsylon 3https://sourceforge.net/p/odbgscript/wikitrac/Examples/<div class="markdown_content"><div> </div> <h2 id="break-on-api-call">Break on API call</h2> <div class="codehilite"><pre><span class="n">gpa</span> <span class="s">"CreateFileA"</span><span class="p">,</span> <span class="s">"kernel32.dll"</span> <span class="p">;</span> <span class="n">store</span> <span class="n">address</span> <span class="n">mov</span> <span class="n">CreateFileA</span><span class="p">,</span> <span class="err">$</span><span class="n">RESULT</span> <span class="n">cmp</span> <span class="n">CreateFileA</span><span class="p">,</span> <span class="mi">0</span> <span class="n">je</span> <span class="n">exit</span> <span class="p">;</span> <span class="n">create</span> <span class="n">a</span> <span class="n">new</span> <span class="n">breakpoint</span> <span class="n">bp</span> <span class="n">CreateFileA</span> <span class="n">run</span> <span class="nl">exit:</span> </pre></div> <h2 id="load-a-library-in-debugged-application">Load a library in debugged application</h2> <div class="codehilite"><pre><span class="p">;</span> <span class="n">create</span> <span class="n">new</span> <span class="n">memory</span> <span class="n">segment</span> <span class="n">to</span> <span class="n">store</span> <span class="n">DLL</span> <span class="n">name</span> <span class="n">alloc</span> <span class="mi">50</span> <span class="n">mov</span> <span class="n">pLib</span><span class="p">,</span> <span class="err">$</span><span class="n">RESULT</span> <span class="n">mov</span> <span class="p">[</span><span class="n">pLib</span><span class="p">],</span><span class="s">"//PATH_OF_DLL//"</span> <span class="p">;</span> <span class="n">Address</span> <span class="n">of</span> <span class="n">API</span> <span class="n">LoadLibraryA</span><span class="p">(</span><span class="n">sDllName</span><span class="p">)</span> <span class="n">gpa</span> <span class="s">"LoadLibraryA"</span><span class="p">,</span><span class="s">"kernel32.dll"</span> <span class="n">mov</span> <span class="n">LoadLibraryA</span><span class="p">,</span> <span class="err">$</span><span class="n">RESULT</span> <span class="p">;</span><span class="n">inject</span> <span class="n">and</span> <span class="n">execute</span> <span class="n">code</span> <span class="o">:</span> <span class="n">LoadLibrary</span><span class="p">(</span><span class="n">pLib</span><span class="p">)</span> <span class="n">push</span> <span class="n">pLib</span> <span class="n">exec</span> <span class="n">call</span> <span class="p">{</span><span class="n">LoadLibraryA</span><span class="p">}</span> <span class="n">ende</span> <span class="p">;</span> <span class="n">free</span> <span class="n">memory</span> <span class="n">bloc</span> <span class="n">free</span> <span class="n">pLib</span> <span class="n">refresh</span> </pre></div> <p>Note : The REFRESH command is needed if you want to get module informations. OllyDBG doesn't refresh module window automatically.</p> <div> </div> </div>Epsylon 3Thu, 24 Jul 2014 20:06:43 -0000https://sourceforge.net858838dabcddb90ad2c8b51899d1af381b7a53ae