Exetools

Exetools (https://forum.exetools.com/index.php)
-   General Discussion (https://forum.exetools.com/forumdisplay.php?f=2)
-   -   OllyDbg help. (https://forum.exetools.com/showthread.php?t=2636)

5Alive 09-08-2003 03:52
OllyDbg help.
 
I'm trying to familiarise myself with the use of OllyDbg and I've hit a snag.

When I attach to an app I want to reverse, Olly reports that the attached process is paused at NTDLL.DLL BdgBreakPoint.

RETN
INT3
RETN

Is there a API call to check for the presence of a debugger and halt the process?

Can anyone tell me how to check/circumvent this?

5Alive.

5Alive 09-08-2003 04:10
I now realise that dbgbreakpoint is a api call, however OllDbg when I view the ntdll.dll executable module, there are no calls to it, this is also true of the main exe I'm working with.

I've tried a google search but this hasn't help.

Thanks again,
5Alive.

Squidge 09-08-2003 05:11
dbgbreakpoint is called from the exception port which is part of the process you have attached to and is activated when ollydbg attached to the process. You need to run the app until the context in back in user code, then you can browse and step code all you wish.

5Alive 09-08-2003 18:19
Quote:
Originally posted by Squidge
dbgbreakpoint is called from the exception port which is part of the process you have attached to and is activated when ollydbg attached to the process. You need to run the app until the context in back in user code, then you can browse and step code all you wish.
Thanks for the excellent technical reply. I later discovered I could single step by running the app, but clearly didn't understand the purpose of the dbgBreakPoint function. I do now though :)

5Alive.


All times are GMT +8. The time now is 09:03.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX