Comments on: Tutorial #4: Using Olly, Part 2

By: jc economics tuition

jc economics tuition — Wed, 18 Sep 2013 02:04:37 +0000

Hello just wanted to give you a brief heads up and let you know a few of the images aren’t loading properly.
I’m not sure why but I think its a linking issue.
I’ve tried it in two different internet browsers and both
show the same outcome.

By: snakep

snakep — Fri, 26 Jul 2013 10:34:36 +0000

Couldn’t find the post on this… please tell me the URL so I can get the blue labels

By: Dan

Dan — Fri, 26 Jul 2013 05:48:09 +0000

Great tutorial, but two quick questions.
In olly yours shows LOCAL.X and ARG.X, etc. where x is a number. But mine just show, for example something like: DWORD PTR [EBP-30]
Is this because i’m using Windows 7 64bit?

And lastly you recommended the art of assembly am I correct for myself learning assembly which your strongly yelling at us to do
I saw that you had that on your website, but are you asking us to read all 12 hundred pages or what not of the actual book? What chapters do you strongly recommend I read to understand assembly language?

Thanks
-Dam

By: 30-52-44-33-52

30-52-44-33-52 — Wed, 26 Jun 2013 02:21:19 +0000

Helpful tip for anyone who is stuck getting the help files to work in Windows 7(R).

1. Select the API file in Ollydbg. I’m using the version found in Tutorial 2.
2. Download a supplementary file found on Microsoft’s website. Google WinHelp32.hlp.
3. If the two step above doesn’t solve the problem then you’ll have to make sure the file is unblocked. Go to each help file’s properties window. Click the “unblock” button and the problem should be fixed.

Looking forward to doing this tutorial tomorrow!

By: Khaled

Khaled — Wed, 22 May 2013 01:02:56 +0000

I’m really enjoying your tutorials, thank u very much for the hard work, keep up.

By: Sleep3r

Sleep3r — Wed, 13 Mar 2013 19:02:21 +0000

OOPPPSSS!!! I’ve found it, just behind the Dissasembly zone there’s the information:

Dest=Tutorial3.004012D6 – jumps to KERNEL32.GetModuleHandleA

By: Sleep3r

Sleep3r — Wed, 13 Mar 2013 18:57:02 +0000

The Assemble dialog shows the name of the function and the name of the DLL instead the memory address.

By: Sleep3r

Sleep3r — Wed, 13 Mar 2013 18:55:40 +0000

I’m using OllyDbg 2.0 and when I press Space I get
00401002 CALL
instead of
CALL 004012D6

Anybody knows why?

Thanks in advance.

By: Sleep3r

Sleep3r — Wed, 13 Mar 2013 18:03:28 +0000

If you’ve OllyDbg 2.0 you can set the help for the API under Options -> Directories -> Location of API help file.

Thank you R4ndom for these amazing tutorials!

By: neophyte

neophyte — Thu, 21 Feb 2013 06:36:10 +0000

thanks for this great tut. keep up the good work.