sQuo
Posted September 21, 2013

Ollydbg-binary-execution-visualizer - New Tool for Visualizing Binaries With Ollydbg and Graphviz

Sometimes crackmes or something you might be reversing will constantly bug you due to the excessive usage of F7 & F8. It will be quite neat if you can see how the application is executing visually and set your breakpoints accordingly.

Requirements:
o Ollyscript plugin
o Bunch of your favorite anti-debug plugins (phantom, ollyadvanced, …etc)
o Pygraphviz
o Graphviz
o Python 2.7

Approach:
Create an ollyscript that will do the following:
o Log all EIP for main application
o Do not log calls to kernel32, ntdll & addresses which are above 7C000000, using step over not step into; include more addresses to exclude if needed later for other system DLLs, 77000000 … etc.
o Save EIP logs to file
Parse the log file
Feed it into pygraphviz
Export to png
Visualize & note needed breakpoints.
Re-run the app setting above breakpoints.
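The parse-and-graph steps from the post, sketched as an added example (not the tool's own code). The log format (one 8-digit hex EIP per line), the sample addresses and the function names are assumptions; it emits Graphviz DOT text directly, so it runs without pygraphviz installed.

```python
import re
from collections import Counter

SYSTEM_BASE = 0x7C000000  # cut-off from the post; addresses at or above it are skipped
ADDR_RE = re.compile(r"\b([0-9A-Fa-f]{8})\b")

# Constructed sample log (assumed format: one logged EIP per line).
SAMPLE_LOG = """\
00401000
00401005
0040100A
7C801D7B
0040100F
00401005
0040100A
0040100F
00401020
"""

def parse_eips(text, exclude_from=SYSTEM_BASE):
    """Return logged addresses in order, dropping the system-DLL range."""
    eips = []
    for line in text.splitlines():
        m = ADDR_RE.search(line)
        if m:
            addr = int(m.group(1), 16)
            if addr < exclude_from:
                eips.append(addr)
    return eips

def transitions(eips):
    """Count each (from, to) pair of consecutive logged addresses."""
    return Counter(zip(eips, eips[1:]))

def to_dot(edges):
    """Render transition counts as DOT; backward jumps (loops) are drawn red."""
    lines = ["digraph trace {", "  node [shape=box, fontname=Courier];"]
    for (src, dst), n in sorted(edges.items()):
        attrs = 'label="%d"' % n
        if dst <= src:
            attrs += ", color=red"
        lines.append('  "%08X" -> "%08X" [%s];' % (src, dst, attrs))
    lines.append("}")
    return "\n".join(lines)

if __name__ == "__main__":
    print(to_dot(transitions(parse_eips(SAMPLE_LOG))))
```

The DOT output can be rendered to PNG with Graphviz's `dot -Tpng`, or loaded into pygraphviz via `AGraph(string=...)` and drawn from there. Red edges mark loop back-jumps, which are usually the places worth a breakpoint on the re-run.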