Exetools

Exetools (https://forum.exetools.com/index.php)
-   General Discussion (https://forum.exetools.com/forumdisplay.php?f=2)
-   -   Newbie needs help again (https://forum.exetools.com/showthread.php?t=3696)

MrCracking 03-21-2004 19:30
Newbie needs help again
 
All

I have a strange problem. I have a program that runs ok in Olly1.10 but fails with 'exeception error' if I set any breakpoints!

It seems the program somehow knows its being watched! Is this possible?

If so, any suggestions on what to do next?

MrCracking

least 03-22-2004 17:42
Hi,
setting a breakpoint means changing byte of code to 0xCC; this can be checked (CRC, searching for CC,...). If this is the case, you could try some kernel level debugger (sice,...) and set hardware breakpoint (if the app doesn't clear debug registers). You cna set hw bpreakpoint on execution, or set breakpoint on read to catch the check.

least

MrCracking 03-22-2004 18:32
Least

Thanks for your reply, I have learn't something. So I need a different debugger, I have Sice4.05 but it doen't work on XP does it?

MrCracking

Satyric0n 03-22-2004 18:45
For SoftICE on WinXP, use version 4.30 or 4.31. I uploaded DriverStudio 3.1 to the FTP already, so you will want to grab that.

But, OllyDbg fully supports hardware breakpoints, so I don't really see a need for SoftICE here. Working with hardware breakpoints in Olly is, unfortunately, not very intuitive, but it's fairly painless if you have the CommandBar plugin. To set a breakpoint, just do the obvious -- right-click on an address, and do Set Hardware Breakpoint On Execute. If you have the CommandBar plugin, the easiest way to clear a hardware breakpoint is just to do the HD command -- you will get a dialog showing you the currently set breakpoints, and you can just select which one to clear.

Regards,
Satyric0n

MrCracking 03-22-2004 19:25
Satyric0n

Thank you for your reply. I have 2 questions, remember I am a newbie :( , is DriverStudio = SoftIce?

and

Where do I get the "CommandBar plugin"

Thanks in advance

MrCracking

Satyric0n 03-22-2004 19:35
DriverStudio is a suite of applications from Compuware for driver development, one of which is SoftICE. So if you get DriverStudio, you will be getting SoftICE and then some. As of right now, v3.1 is the latest version of DriverStudio.

The CommandBar plugin (along with lots of other plugins) for Olly is available at hxxp://ollydbg.win32asmcommunity.net/stuph/

Regards,
Satyric0n

MrCracking 03-22-2004 19:51
Satyric0n

Thanks! I appriciate your and Least's help and patience :D

MrCracking


All times are GMT +8. The time now is 09:17.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX