Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 03-21-2004, 19:30
MrCracking
 
Posts: n/a
Unhappy Newbie needs help again

All

I have a strange problem. I have a program that runs ok in Olly1.10 but fails with 'exeception error' if I set any breakpoints!

It seems the program somehow knows its being watched! Is this possible?

If so, any suggestions on what to do next?

MrCracking
Reply With Quote
  #2  
Old 03-22-2004, 17:42
least
 
Posts: n/a
Hi,
setting a breakpoint means changing byte of code to 0xCC; this can be checked (CRC, searching for CC,...). If this is the case, you could try some kernel level debugger (sice,...) and set hardware breakpoint (if the app doesn't clear debug registers). You cna set hw bpreakpoint on execution, or set breakpoint on read to catch the check.

least
Reply With Quote
  #3  
Old 03-22-2004, 18:32
MrCracking
 
Posts: n/a
Least

Thanks for your reply, I have learn't something. So I need a different debugger, I have Sice4.05 but it doen't work on XP does it?

MrCracking
Reply With Quote
  #4  
Old 03-22-2004, 18:45
Satyric0n
 
Posts: n/a
For SoftICE on WinXP, use version 4.30 or 4.31. I uploaded DriverStudio 3.1 to the FTP already, so you will want to grab that.

But, OllyDbg fully supports hardware breakpoints, so I don't really see a need for SoftICE here. Working with hardware breakpoints in Olly is, unfortunately, not very intuitive, but it's fairly painless if you have the CommandBar plugin. To set a breakpoint, just do the obvious -- right-click on an address, and do Set Hardware Breakpoint On Execute. If you have the CommandBar plugin, the easiest way to clear a hardware breakpoint is just to do the HD command -- you will get a dialog showing you the currently set breakpoints, and you can just select which one to clear.

Regards,
Satyric0n
Reply With Quote
  #5  
Old 03-22-2004, 19:25
MrCracking
 
Posts: n/a
Satyric0n

Thank you for your reply. I have 2 questions, remember I am a newbie , is DriverStudio = SoftIce?

and

Where do I get the "CommandBar plugin"

Thanks in advance

MrCracking
Reply With Quote
  #6  
Old 03-22-2004, 19:35
Satyric0n
 
Posts: n/a
DriverStudio is a suite of applications from Compuware for driver development, one of which is SoftICE. So if you get DriverStudio, you will be getting SoftICE and then some. As of right now, v3.1 is the latest version of DriverStudio.

The CommandBar plugin (along with lots of other plugins) for Olly is available at hxxp://ollydbg.win32asmcommunity.net/stuph/

Regards,
Satyric0n
Reply With Quote
  #7  
Old 03-22-2004, 19:51
MrCracking
 
Posts: n/a
Satyric0n

Thanks! I appriciate your and Least's help and patience

MrCracking
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Newbie need help MrCracking General Discussion 2 03-10-2004 05:38
Newbie needs help :) Please. knight General Discussion 1 02-25-2004 15:42


All times are GMT +8. The time now is 13:11.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )