Exetools

Exetools (https://forum.exetools.com/index.php)
-   General Discussion (https://forum.exetools.com/forumdisplay.php?f=2)
-   -   June 03, 2007 - OllyDBG 2.0 Development Update (https://forum.exetools.com/showthread.php?t=10927)

WaSt3d_ByTes 06-04-2007 19:48
June 03, 2007 - OllyDBG 2.0 Development Update
 
The progress in the last two weeks is enormous. List of Extremely Important Things To Do got five items shorter. But news of this kind are roughly equivalent to the summer headlines in the newspapers; now I want to tell you something different.

While testing MinGW compiler, I wrote a small console application:

int main() {
MessageBox(NULL,"I'm a little, little code in a big, big world... Hello, world!",
"Hello, world",MB_OK);
return 0;
}

Highly optimized release version of this code looks this way:

http://ollydbg.de/Pics/helloworld.gif

MinGW reserves space on the stack and moves arguments instead of pushing. But note the following: The order of arguments for MessageBox() is hOwner, Text, Caption, Type. MinGW has changed this order; still, OllyDbg 2 was able to recognize the arguments.

MinGW (in fact, GNU) is an excellent compiler, its only weakness is that many exotic APIs are not yet in the headers.

That's all for this time, bye!

Squidge 06-04-2007 20:27
Erm, I assume this is something to do with Ollydbg? But with a subject of "June 03, 2007 - Development continues" in the "Software Release" forum, I'm really not sure...

Vrane 07-10-2007 02:18
Quote:
July 08, 2007 - UDD files

Now OllyDbg 2 can save analysis data to the .udd files. Comparing to the previous version, they are very big - two to three times larger, mainly due to the register predictions. For almost every command I keep ESP and EBP relative to the entry point. Many modern compilers don't use standard stack frames; instead, they address all arguments and local data over ESP. Predictions allow to decode the meanings of ESP-related offsets. They are also very helpful when tracing the call stack.

It takes significant time to load such a huge amounts of data. First version took between 0.1 and 0.7 seconds per module. With full analysis of all modules requested (and this will be the default option), startup took several seconds on my Athlon 4000+. Now, after several days of deep optimizations, this time got three times shorter.
hxxp://www.ollydbg.de/version2.html

JMI 07-10-2007 03:42
Moved to General Discussion as there is no "Release." ;)

Regards,


All times are GMT +8. The time now is 04:52.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX