EXETOOLS FORUM  

Go Back   EXETOOLS FORUM > General > Community Tools

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 09-18-2011, 00:16
JeRRy's Avatar
JeRRy JeRRy is offline
VIP
 
Join Date: Oct 2010
Posts: 119
Rept. Given: 89
Rept. Rcvd 204 Times in 72 Posts
Thanks Given: 13
Thanks Rcvd at 13 Times in 3 Posts
JeRRy Reputation: 200-299 JeRRy Reputation: 200-299 JeRRy Reputation: 200-299
OllyDumpEx Plugin v1.30 / 2013-06-28

Overview

This plugin is process memory dumper for OllyDbg and Immunity Debugger.
Very simple overview:
OllyDumpEx = OllyDump + PE Dumper - obsoluted + useful features

Features
  • OllyDbg version 2 plugin interface supported (EXPERIMENTAL)
  • Select to dump debugee exe or loaded dll
  • Dump any address space as section even if not in original section header
  • Add dummy section to keep PE format consistency
  • Fix RVA in DataDirectory to follow ImageBase change
  • Auto calculate many parameters (RawSize, RawOffset, VirtualOffset, ...)
Screenshot
http://low-priority.appspot.com/olly...dumpex_ss0.png

Supported Debugger
  • OllyDbg version 1.10 (tested 1.10)
  • OllyDbg version 2.01 EXPERIMENTAL (tested 2.01 alpha 4)
  • Immunity Debugger version 1.7x or lower (tested 1.73)
  • Immunity Debugger version 1.8x or higher (tested 1.83)
This archive file contains plugin DLLs for each debuggers.
OllyDumpEx.zip
Version: v0.90
MD5 : 2c247ed143bcb3c6f9505f2de4fb8a1e
SHA1: 5df21ab07fc843ca4d5057d7ba9689ac623084c0<p id="changes">
Recent Changes
- v0.90 / 2011-08-24
  • Add: Support OllyDbg version 2 plugin interface (EXPERIMENTAL)
  • Improve: Rewrite Wide/Multibyte-Character support code
  • Improve: Decode CopyOnWrite page attribute
  • Bugfix: Detect working directory
- v0.80 / 2011-07-15
  • Add: Support Immunity Debugger version 1.8x or higher
  • Improve: Data Directory rebuild option (check rewrite range)
  • Improve: Always round up PE header size to 0x1000 (ImportRec not extend itself)
  • Bugfix: TLS Data Directory ignored
- v0.70 / 2011-07-01
  • Add: Support Immunity Debugger version 1.7x or lower
  • Improve: Data Directory rebuild option (support ImportTable)
  • Improve: Image Base Address alignment checking
  • Improve: Virtual Offset Address alignment checking
Attached Files
File Type: rar OllyDumpEx v0.90.rar (53.7 KB, 39 views)
Reply With Quote
The Following 7 Users Gave Reputation+1 to JeRRy For This Useful Post:
alekine322 (09-18-2011), chessgod101 (09-18-2011), emo (09-18-2011), giv (09-18-2011), uel888 (09-18-2011), _Servil_ (09-18-2011)
  #2  
Old 10-27-2012, 05:44
JeRRy's Avatar
JeRRy JeRRy is offline
VIP
 
Join Date: Oct 2010
Posts: 119
Rept. Given: 89
Rept. Rcvd 204 Times in 72 Posts
Thanks Given: 13
Thanks Rcvd at 13 Times in 3 Posts
JeRRy Reputation: 200-299 JeRRy Reputation: 200-299 JeRRy Reputation: 200-299
OllyDumpEx v0.92 / 2012-10-09

Quote:
Improve: Support OllyDbg version 2 plugin new interface
http://low-priority.appspot.com/ollydumpex/OllyDumpEx.zip
__________________
SnD
Reply With Quote
The Following 6 Users Gave Reputation+1 to JeRRy For This Useful Post:
alekine322 (10-27-2012), besoeso (10-27-2012), chessgod101 (10-27-2012), N0P (10-27-2012), nikkapedd (10-28-2012), riverstore (10-27-2012)
  #3  
Old 04-06-2013, 21:31
Elijah
 
Posts: n/a
OllyDumpEx Plugin v1.12 / 2013-04-02
Quote:
Improve: Update to OllyDbg 2 latest version PDK (2.01h)
Improve: Tested with latest version of debuggers
Bugfix: Search greater than 0x7FFFFFFF memory address failed
Quote:
Supported Debugger
OllyDbg version 1.10 (tested 1.10)
OllyDbg version 2.01 (tested 2.01h)
Immunity Debugger version 1.7x or lower (tested 1.73)
Immunity Debugger version 1.8x or higher (tested 1.85)
https://low-priority.appspot.com/ollydumpex/OllyDumpEx.zip
Reply With Quote
The Following 8 Users Gave Reputation+1 to For This Useful Post:
alekine322 (04-07-2013), chessgod101 (04-06-2013), KuNgBiM (04-08-2013), sendersu (04-07-2013), uranus64 (04-06-2013), user1 (04-07-2013)
  #4  
Old 05-29-2013, 08:27
Elijah
 
Posts: n/a
OllyDumpEx Plugin v1.20 / 2013-05-27

Quote:
Add: Support IDA Pro plugin interface (both Retail and Freeware version)
Add: Support native 64bit process dump (IDA Pro only)
Improve: Change dialog position to center of parent window
Improve: Add debug toggle menu to dialog system menu
Improve: Section size handling single section belongs to multiple memory segments
Bugfix: Zero virtual size section handling
https://low-priority.appspot.com/ollydumpex/OllyDumpEx.zip
Reply With Quote
The Following 8 Users Gave Reputation+1 to For This Useful Post:
alekine322 (06-01-2013), besoeso (06-02-2013), chessgod101 (05-29-2013), Kla$ (05-30-2013), nikkapedd (05-31-2013), sendersu (05-29-2013), uranus64 (05-29-2013), wilson bibe (05-29-2013)
  #5  
Old 11-10-2013, 09:27
b30wulf's Avatar
b30wulf b30wulf is offline
Family
 
Join Date: Nov 2013
Posts: 134
Rept. Given: 190
Rept. Rcvd 110 Times in 33 Posts
Thanks Given: 132
Thanks Rcvd at 99 Times in 41 Posts
b30wulf Reputation: 100-199 b30wulf Reputation: 100-199
OllyDumpEx Plugin v1.30 / 2013-06-28

OllyDumpEx Plugin v1.30 / 2013-06-28

Quote:
Add: Support WinDbg plugin interface (both 32bit and 64bit)
Improve: Add plugin name and version directory to archive file
Bugfix: Data after section headers in PE Header has been ignored
Bugfix: Fix SizeOfHeaders inconsistency
Download:
https://low-priority.appspot.com/ollydumpex/OllyDumpEx.zip
Attached Files
File Type: zip OllyDumpEx.zip (313.8 KB, 42 views)
Reply With Quote
The Following 4 Users Gave Reputation+1 to b30wulf For This Useful Post:
niculaita (11-11-2013), quygia128 (11-12-2013), wilson bibe (11-10-2013), zeuscane (11-11-2013)
  #6  
Old 12-18-2014, 20:35
MarcElBichon MarcElBichon is online now
VIP
 
Join Date: Jan 2002
Posts: 198
Rept. Given: 183
Rept. Rcvd 154 Times in 55 Posts
Thanks Given: 63
Thanks Rcvd at 104 Times in 27 Posts
MarcElBichon Reputation: 100-199 MarcElBichon Reputation: 100-199
OllyDumpEx v1.40
2014-12-17

Changelog:
Quote:
  • Add: Support x64_dbg plugin interface (both 32bit and 64bit)
  • Improve: Enable NXCOMPAT and DYNAMICBASE for plugin binaries
Download:
Quote:
http://low-priority.appspot.com/ollydumpex/OllyDumpEx.zip
Reply With Quote
The Following 6 Users Gave Reputation+1 to MarcElBichon For This Useful Post:
canopus (12-20-2014), chessgod101 (12-19-2014), quygia128 (12-19-2014), sendersu (12-19-2014), zeuscane (12-20-2014)
  #7  
Old 01-22-2016, 01:50
bolzano_1989 bolzano_1989 is offline
Friend
 
Join Date: Dec 2011
Posts: 101
Rept. Given: 17
Rept. Rcvd 26 Times in 17 Posts
Thanks Given: 9
Thanks Rcvd at 148 Times in 55 Posts
bolzano_1989 Reputation: 26
OllyDumpEx v1.50
2015-07-03

Changelog:
Quote:
Add: Fuzzy Search mode (for corrupted MZ/PE Signature)
Add: Fix Corrupted PE Header option (Fill Hole option is merged)
Add: Dump result dialog for copy and paste
Improve: Search method optimization
Improve: Corrupted PE Header handling
Improve: Binary dump mode support some options
Bugfix: Rebased PE handling (rebuild dump mode)
Bugfix: Debuggee filename error on attached process (IDA)
Bugfix: Get EIP does not work in recent version (x64_dbg)
Download:
Quote:
https://low-priority.appspot.com/ollydumpex/OllyDumpEx.zip
Reply With Quote
The Following 2 Users Say Thank You to bolzano_1989 For This Useful Post:
niculaita (01-22-2016), schrodyn (07-28-2018)
  #8  
Old 05-10-2018, 19:15
MarcElBichon MarcElBichon is online now
VIP
 
Join Date: Jan 2002
Posts: 198
Rept. Given: 183
Rept. Rcvd 154 Times in 55 Posts
Thanks Given: 63
Thanks Rcvd at 104 Times in 27 Posts
MarcElBichon Reputation: 100-199 MarcElBichon Reputation: 100-199
OllyDumpEx v1.64 final
2018-05-10


Changelog:
Quote:
- v1.64 / 2018-05-10

Improve: Follow IDA 7.1 changes which break callui backward compatibility layer
Improve: Dump feature available even if debuggee not running (IDA)
Add: Support IDA Freeware version 7.0 (EXPERIMENTAL)

- v1.62 / 2017-11-05

Bugfix: Rebuild dumpfile corrupted when ELF PT_PHDR entry not exist
Bugfix: Failed to load ELF header when sparse segment layout
Improve: Corrupted ELF structure handling
Improve: ELF Loader segment always aligned same as mmap behavior

- v1.60 / 2017-09-19

Add: ELF support
Add: Standalone version
Add: Support IDA Pro 64bit build plugin interface (7.0)
Improve: Image Size editable in binary dump mode for overlay data
Del: Drop old version of Immunity Debugger support (1.7x)
Download:
Quote:
http://low-priority.appspot.com/ollydumpex/OllyDumpEx.zip
Reply With Quote
The Following 5 Users Say Thank You to MarcElBichon For This Useful Post:
copyleft (05-11-2018), niculaita (05-10-2018), schrodyn (05-13-2018), Zeokat (05-19-2018), zeuscane (05-11-2018)
  #9  
Old 08-15-2018, 18:58
MarcElBichon MarcElBichon is online now
VIP
 
Join Date: Jan 2002
Posts: 198
Rept. Given: 183
Rept. Rcvd 154 Times in 55 Posts
Thanks Given: 63
Thanks Rcvd at 104 Times in 27 Posts
MarcElBichon Reputation: 100-199 MarcElBichon Reputation: 100-199
OllyDumpEx v1.70 final
2018-08-15


Changelog:
Quote:
Bugfix: Dump feature not working when non-executable file loaded (IDA)
Bugfix: Readmemory sign extended issue (WinDbg)
Bugfix: Fix Virtual Offset not working on PE32
Bugfix: Fix duplicated entry in section list
Improve: Get EIP as OEP button disabled when debugger not active
Improve: Add EFI and windows driver type detection
Improve: Better fix for corrupted PE IMAGE_DIRECTORY_ENTRY
Improve: Add Cancel feature to search and dump
Add: Search All Occurrences option and Search Result list
Download:
Quote:
http://low-priority.appspot.com/ollydumpex/OllyDumpEx.zip
Reply With Quote
The Following 7 Users Say Thank You to MarcElBichon For This Useful Post:
CRC32 (08-16-2018), emo (08-21-2018), gsaralji (08-16-2018), kienmanowar (08-20-2018), niculaita (08-15-2018), Shub-Nigurrath (09-03-2018), tonyweb (09-23-2018)
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Happy New Year 2013 Zipdecode General Discussion 27 02-05-2013 00:34


All times are GMT +8. The time now is 17:46.


ICP05004977
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX