Loading...
Saturday, September 21, 2013
Home » Unlabelled » Ollydbg-binary-execution-visualizer - New Tool for Visualizing Binaries With Ollydbg and Graphvis

Ollydbg-binary-execution-visualizer - New Tool for Visualizing Binaries With Ollydbg and Graphvis

Sometimes crackme’s or something you might be reversing will constantly bug you due to the excessive usage of f7 & f8. It will be quiet neat if you can see how the application is executing visually and set your break points accordingly.

Requirements:
o Ollyscript plugin
o Bunch of your favorite anti-­‐debug plugins (phantom , ollyadvanced, …etc) o Pygraphviz
o Graphviz
o Python 2.7

Approach:
  • Create an ollyscript that will do the following
    o Log all EIP for main application
    o Disregard to log calls to kernel32 , ntdll & addresses which are above
    7C000000 using step over not step into include more addresses to
    exclude if needed later for other system dll’s 77000000 … etc. o Save EIP Logs to file
  • Parse the log file
  • Feed it into pygraphviz
  • Export to png
  • Visualize & note needed breakpoints.
  • Re-­‐run the app setting above breakpoints.
Posted by at 1:35 AM
Share:

0 comments:

Post a Comment

:) :)) ;(( :-) =)) ;( ;-( :d :-d @-) :p :o :>) (o) [-( :-? (p) :-s (m) 8-) :-t :-b b-( :-# =p~ $-) (b) (f) x-) (k) (h) (c) cheer
Click to see the code!
To insert emoticon you must added at least one space before the code.

Subscribe to: Post Comments (Atom)
Welcome Back Visitor! Your Last Visit Was on Wed, Apr 9, 2025 11:08:56 AM
 
TOP