OllyScript Dump problem

[SystemeD]

Hi all,
I'm trying to write a little script for Olly using OllyScript v0.92. I simply place an hw breakpoint and then I dump a portion of memory with this command:

Code:

DM
DM addr, size, file
-----------
Dumps memory of specified size from specified address to specified file

Well, the dump is not correct! It doesn't have the right size and I discover that 0D is added somewhere in the dump.
Here is an example of the dump compared with one taken with the IsDebuggerPresent plugin's dump feature. Look at offset 0x77.

OllyScript:

Code:

Offset      0  1  2  3  4  5  6  7   8  9  A  B  C  D  E  F

00000000   4D 5A 90 00 03 00 00 00  04 00 00 00 FF FF 00 00   MZ�.........ÿÿ..
00000010   B8 00 00 00 00 00 00 00  40 00 00 00 00 00 00 00   ¸.......@.......
00000020   00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00000030   00 00 00 00 00 00 00 00  00 00 00 00 80 00 00 00   ............€...
00000040   0E 1F BA 0E 00 B4 09 CD  21 B8 01 4C CD 21 54 68   ..º..´.Í!¸.LÍ!Th
00000050   69 73 20 70 72 6F 67 72  61 6D 20 63 61 6E 6E 6F   is program canno
00000060   74 20 62 65 20 72 75 6E  20 69 6E 20 44 4F 53 20   t be run in DOS 
00000070   6D 6F 64 65 2E 0D 0D 0D  0A 24 00 00 00 00 00 00   mode.....$......
00000080   00 50 45 00 00 4C 01 03  00 82 7F 6C 42 00 00 00   .PE..L...‚lB...

IsDebuggerPresent:

Code:

Offset      0  1  2  3  4  5  6  7   8  9  A  B  C  D  E  F

00000000   4D 5A 90 00 03 00 00 00  04 00 00 00 FF FF 00 00   MZ�.........ÿÿ..
00000010   B8 00 00 00 00 00 00 00  40 00 00 00 00 00 00 00   ¸.......@.......
00000020   00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00000030   00 00 00 00 00 00 00 00  00 00 00 00 80 00 00 00   ............€...
00000040   0E 1F BA 0E 00 B4 09 CD  21 B8 01 4C CD 21 54 68   ..º..´.Í!¸.LÍ!Th
00000050   69 73 20 70 72 6F 67 72  61 6D 20 63 61 6E 6E 6F   is program canno
00000060   74 20 62 65 20 72 75 6E  20 69 6E 20 44 4F 53 20   t be run in DOS 
00000070   6D 6F 64 65 2E 0D 0D 0A  24 00 00 00 00 00 00 00   mode....$.......
00000080   50 45 00 00 4C 01 03 00  82 7F 6C 42 00 00 00 00   PE..L...‚lB....

Any idea on how to solve this problem?
Thanks.

[Jay]

I did hear mention of a bug in the original ollyscript, I uploaded a fixed dll that is supposed to fix it though I never got around to trying it.
http://rapidshare.de/files/5164283/OllyScript_fixed.rar.html

[SystemeD]

Hi Jay,
Thank you very much, it works perfectly now!