Note: This was last updated in 2006 and the IDA plugin is for v4.8! Olly plugin is still relevant.
Overview:
This package contains an IDA and OLLY plugin that i made in spare time to handle some of my wish list features for IDA and Olly. I will warn you these plugins are quite crude, but they serve their purpose.
The Olly Plugin has 2 main features. The first is minimal script editor interface that allows you access its plugin api from vbscript. It is designed to work across multiple breakpoints. It should be working, it might be a bit buggy i havent played with it in a while. The script editor also contains a very minimal form of intellisense.
The second feature of the olly plugin is to minimally integrate your olly debugging with your IDA disassembly. I always have to have both open during an analysis, so with this, every time olly hits a breakpoint or single steps, it will remotely sync your IDA disassembly window.
The IDA plugin is more complex and has allot more features, but it equally crude :P You can get a sense for the features it supports from the following screen shot.
Currently the plugin includes functionality to:
- Enumerate all functions and display some charateristics of each
- Dump functions to bytes and asm output
- Undefine selected blocks of IDA disassembly
- Display origial bytes for a selection (if patched)
- Remove & Apply patchs (including importing an entire patch file for series of bytes)
- Importing Olly "Intermodular Calls" call tables
- UI to calculate VA, RVA, and raw file offsets for PE files
- Perform Memory dumps of a currently debugged process
- VBScript UI similar to the Olly VBScript UI shown above.
- Open a command socket which can be used to sync displays with Olly (using above plugin)
- VB API Declares Extractor/Renamer - (tested with decompiled VB6 apps only)
See the readme file in the installer package for mroe details.
Download Installer