How do I use OllyDbg
We are looking for the string "Right Password". Once we find it, we have to check whether it is calling convention code: a jump. Figure 3: x86 assembly code. Now we will find the two jumps that actually perform the comparison and matching of our name and password with its logic. Figure 4: Non Operation jump. Now test your EXE again to see whether it works and whether it directly shows the Right Password message. There are many ways to do it; this is just the beginner level.
However, you can find its right password by setting breakpoints and analyzing the ASCII dump that the software created. Thank you for reading. Have a great day. Nilesh Jadav, updated date Sep 20.

You can right-click on almost anything in OllyDbg to get a context menu and examine your many debugging options. First, it is usually a good idea to configure OllyDbg to ignore exceptions and to show loops.
Figure: Configure Olly to Ignore Exceptions. To demonstrate the power and functionality of OllyDbg, we will use a sample that has some copy protections. Say we downloaded a trial piece of software that expires after a certain date or after 30 days. All we get is an error message when we attempt to execute it. The first thing we should do is assess the software with CFF Explorer to identify the development language used and some other particulars. We will need to rely on OllyDbg.
Open the CrackMeDemo. In the menu bar, select File, then Open, to navigate to the location of CrackMeDemo. Olly will disassemble the binary file and it will look something like Figure. After disassembly, Olly will take us to the entry point, which for this sample is at virtual address 0xE. At this point, the question we are faced with is where to begin. Instead, we will use the power of the debugger to help us locate the error message. By hitting F9 to run the debugger, we should encounter the error message as seen in Figure. Now we will attempt to find the time limit checking code.
Next, press F12 to pause the debugging execution. With execution paused, we can now search for the code that causes the error message. One way to look for our error message is to examine the current call stack, since the error message is currently displayed at this point. From this vantage point you can easily see that the error message string is a parameter of the MessageBoxA function call (see Figure). Select the USER