[ BR ] OllyDbg é um depurador x86 que enfatiza a análise de código binário, que é útil quando o código-fonte não está disponível. Ele rastreia registros, reconhece procedimentos, chamadas de API, switches, tabelas, constantes e strings, bem como localiza rotinas de arquivos de objetos e bibliotecas.
[EN] OllyDbg is an x86 debugger that emphasizes binary code analysis, which is useful when source code is not available. It traces registers, recognizes procedures, API calls, switches, tables, constants and strings, as well as locates routines from object files and libraries.
[ES] OllyDbg es un depurador x86 que enfatiza el análisis de código binario, lo cual es útil cuando el código fuente no está disponible. Rastrea registros, reconoce procedimientos, llamadas API, conmutadores, tablas, constantes y cadenas, así como también localiza rutinas de bibliotecas y archivos de objetos.
BAIXAR / DOWNLOAD / DESCARGAR :
COMEÇO RÁPIDO / QUICK START / INICIO RÁPIDO :
Read this for quick start. Consult help file for details and more features.
Installation is not necessary. Create new directory and unpack odbg110.zip - now you can start!
Pop-up menus display only items that apply. Frequently used menu functions:
Frequently used global shortcuts:
Function Window Menu command Shortcut Edit memory as binary, ASCII or UNICODE string Disassembler, Stack
DumpBinary|Edit Ctrl+E Undo changes Disassembler, Dump
RegistersUndo selection
UndoAlt+BkSp Run application Main Debug|Run F9 Run to selection Disassembler Breakpoint|Run to selection F4 Execute till return Main Debug|Execute till return Ctrl+F9 Execute till user code Main Debug|Execute till user code Alt+F9 Set/reset INT3 breakpoint Disassembler
Names, SourceBreakpoint|Toggle
Toggle breakpointF2 Set/edit conditional INT3 breakpoint Disassembler
Names, SourceBreakpoint|Conditional
Conditional breakpointShift+F2 Set/edit conditional logging breakpoint (logs into the Log window) Disassembler
Names, SourceBreakpoint|Conditional log
Conditional log breakpointShift+F4 Temporarily disable/restore INT3 breakpoint Breakpoints Disable
EnableSpace Set memory breakpoint (only one is allowed) Disassembler, Dump Breakpoint|Memory, on access
Breakpoint|Memory, on writeRemove memory breakpoint Disassembler, Dump Breakpoint|Remove memory breakpoint Set hardware breakpoint (ME/NT/2000 only) Disassembler, Dump Breakpoint|Hardware (select type and size!) Remove hardware breakpoint Main Debug|Hardware breakpoints Set single-short break on access to memory block (NT/2000 only) Memory Set break-on-access F2 Set break on module, thread, debug string Options Events Set new origin Disassembler New origin here Display list of all symbolic names Disassembler, Dump
ModulesSearch for|Name (label)
View namesCtrl+N Context-sensitive help (requires external help file!) Disassembler, Names Help on symbolic name Ctrl+F1 Find all references in code to selected address range Disassembler
DumpFind references to|Command
Find referencesCtrl+R Find all references in code to the constant Disassembler Find references to|Constant
Search for|All constantsSearch whole allocated memory Memory Search
Search nextCtrl+L Go to address or value of expression Disassembler
DumpGo to|Expression
Go to expressionCtrl+G Go to previous address/run trace item Disassembler Go to|Previous Minus Go to next address/run trace item Disassembler Go to|Next Plus Go to previous procedure Disassembler Go to|Previous procedure Ctrl+Minus Go to next procedure Disassembler Go to|Next procedure Ctrl+Plus View executable file Disassembler, Dump, Modules View|Executable file Copy changes to executable file Disassembler Copy to executable file Analyse executable code Disassembler Analysis|Analyse code Ctrl+A Scan object files and libraries Disassembler Scan object files Ctrl+O View resources Modules, Memory View all resources
View resource stringsSuspend/resume thread Threads Suspend
ResumeDisplay relative addresses Disassembler, Dump, Stack Doubleclick address Copy Most of windows Copy to clipboard Ctrl+C
Frequently used Disasembler shortcuts:
Ctrl+F2 Restart program Alt+F2 Close program F3 Open new program F5 Maximize/restore active window Alt+F5 Make OllyDbg topmost F7 Step into (entering functions) Ctrl+F7 Animate into (entering functions) F8 Step over (executing function calls at once) Ctrl+F8 Animate over (executing function calls at once) F9 Run Shift+F9 Pass exception to standard handler and run Ctrl+F9 Execute till return Alt+F9 Execute till user code Ctrl+F11 Trace into F12 Pause Ctrl+F12 Trace over Alt+B Open Breakpoints window Alt+C Open CPU window Alt+E Open Modules window Alt+L Open Log window Alt+M Open Memory window Alt+O Open Options dialog Ctrl+T Set condition to pause Run trace Alt+X Close OllyDbg
F2 Toggle breakpoint Shift+F2 Set conditional breakpoint F4 Run to selection Alt+F7 Go to previous reference Alt+F8 Go to next reference Ctrl+A Analyse code Ctrl+B Start binary search Ctrl+C Copy selection to clipboard Ctrl+E Edit selection in binary format Ctrl+F Search for a command Ctrl+G Follow expression Ctrl+J Show list of jumps to selected line Ctrl+K View call tree Ctrl+L Repeat last search Ctrl+N Open list of labels (names) Ctrl+O Scan object files Ctrl+R Find references to selected command Ctrl+S Search for a sequence of commands Asterisk (*) Origin Enter Follow jump or call Plus (+) Go to next location/next run trace item Minus (-) Go to previous location/previous run trace item Space ( ) Assemble Colon ( : ) Add label Semicolon ( ; ) Add comment
CRÉDITOS / CREDITS / CREDITOS :
Ongam Otsugua - LABMU
Oleh Yuschuk - OllyDbg