OllyDumpEx 1.80

A-new · 发表于 2020-2-5 10:03

OverviewThis plugin is process memory dumper for OllyDbg and Immunity Debugger.
Very simple overview:
OllyDumpEx = OllyDump + PE Dumper - obsoleted + useful features
Features

Various debuggers supported
Select to dump debugee exe, loaded dll or non-listed module
Search PE File from memory
Multiple Dump mode. Rebuild for typical PE dump, Binary for PE Carving
PE32+ supported (Search and Binary Dump mode only available on 32bit debugger)
Native 64bit process supported (IDA Pro, WinDbg and x64dbg)
ELF supported (both of 32bit and 64bit)
Standalone version available
Dump any address space as section even if not in original section header
Auto calculate many parameters (RawSize, RawOffset, VirtualOffset, ...)

Supported Debugger

OllyDbg version 1.10 (tested 1.10)
OllyDbg version 2.01 (tested 2.01)
Immunity Debugger version 1.8x or higher (tested 1.85)
IDA Pro 32bit build version 5.0 or higher (tested 6.9)
IDA Pro 64bit build version 7.0 or higher (tested 7.1)
IDA Freeware 32bit build version 5.0 (tested 5.0)
IDA Freeware 64bit build version 7.0 (tested 7.0.190307)
WinDbg version 6.x (tested 6.2)
x64dbg (tested 20170822 snapshot)

v1.80 / 2020-01-06

Bugfix: Fix race condition when reading large amount of memory (IDA)
Bugfix: DYNAMICBASE not working (Standalone)
Bugfix: Fix UI stall race condition issue when press Back to Menu button
Improve: Adjust UI layout for high DPI setting
Improve: Add DebugPriv button for runas administrator (Standalone)
Improve: Add OpenFile button for carving from localfile (Standalone)
Improve: Resolve mapped filename if possible (Standalone,x64dbg)
Improve: Add ReScan marker for rescan required setting changes
Improve: Use segment name as module name when segment not belong to module (IDA)
Improve: Address range autofill use mapped address instead of image base address
Add: File image source use specified file when memory and address base mode selected
Add: Dummy image header mode for image which not have valid image header

OllyDumpEx_v1.80.zip (1 MB, 下载次数: 1235)

alittlebear · 发表于 2020-2-5 11:23

FleTime 发表于 2020-2-5 10:23
简单说明一下，此插件是OllyDbg和Immunity Debugger的进程内存转储器。

OllyDumpEx = OllyDump + PE Dum ...

一脸懵....我还是默默的去打酱油好了....

FleTime · 发表于 2020-2-5 10:23

简单说明一下，此插件是OllyDbg和Immunity Debugger的进程内存转储器。

OllyDumpEx = OllyDump + PE Dumper-已过时+有用的功能

就是长得帅 · 发表于 2020-2-5 10:45

学习了哈

littlebit · 发表于 2020-2-5 11:12

厉害了，大佬，感谢分享

吾爱007 · 发表于 2020-2-5 11:21

感谢分享

思想者 · 发表于 2020-2-5 12:48

支持大作..

就是长得帅 · 发表于 2020-2-5 12:55

英文额吗？

cptw · 发表于 2020-2-5 14:31

感谢楼主分享,但完全看不懂！

q510 · 发表于 2020-2-5 16:40

感谢楼主分享，只会ESP定律脱壳

帐号		自动登录	找回密码
密码			注册[Register]

[OllyDbg 1.x Plugin] OllyDumpEx 1.80

免费评分

个人中心