OllyDbg 2.01 alpha 3 Released !
The Hacker News


A major update with many new features. Here are the most important:
  • - Support for multi-monitor configurations
  • - Hardware breakpoints and fast command emulation now co-operate. That is, run trace rund at full speed (up to and exceeding 500000 commands per second) even if there are hardware breakpoints set
  • - Purely conditional breakpoints during run trace are strongly accelerated
  • - Stepping, tracing and execution till selection with hardware breakpoints instead of INT3. Controlled by option Debugging | Use HW breakpoints for stepping
  • - INT3 and hardware breakpoints allow to declare their location as an entry point and specify call parameters for protocolling
  • - Scan for hidden modules. .NET environment frequently loads modules but does not report them to Debugger
  • - Search window keeps up to 8 last searches in a separate tabs
  • - Option to load .udd information even when path, file name or file checksum is different
  • - Option to save .udd file on request
  • - Expressions allow for DWORD=="text". Doubleword is interpreted as a pointer to string, comparison is done both in ASCII and UNICODE modes
  • - Updated decoding of several rare commands
  • - List of windows. I get address of window function directly from the Window tables. This is tricky but works perfectly
  • - ASCII dumps and ASCII strings in Binary edit are displayed according to the seleced code page (option Appearance | ASCII code page)
  • - Memory allocated at address 0 will be correctly recognized and displayed. (Yes, it's possible - I was also astonished by this fact! In this way one can address data using NULL pointer!)
  • - Improved post-mortem dump. I was unable to find the reason for several reported crashes because they occured in the system DLLs. Now when creating the dump I attempt to backtrace the stack
  • - Several not-so-inportand changes, like accelerated analysis of tricky code sequences, option to decode registers for selected command, new origin on non-command (safeguard: no shortcut), correct truncation of very long file names in the main menu, restarting of the last loaded executable even when several OllyDbg instances are running in parallel, etc, etc
  • - And, of course, multiple bugfixes.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.