Question about analisys with olly

dkaitos · 2012-01-31, 02:13 PM

Hi,

I started learning ollyDbg and reversing but I'm still really confused about unpacking.
I'm trying to analyze the application of drakensang online [LINK], just to understand unpacking etc.

Since this I got 2 question:

1> If I want to analyze a software with ollydbg should I run the process and THEN attach olly to the process or should I open it with olly when the application isn't running?

2> I tried to attach olly to the running application and it opened a .dll in the same folder. Is it normal? Should I analyze the .dll insteal of the application?

Thanks in advice for your time.

~~rodoxfnx~~ · 2012-01-31, 02:36 PM

Originally Posted by dkaitos

Hi,

I started learning ollyDbg and reversing but I'm still really confused about unpacking.
I'm trying to analyze the application of drakensang online [LINK], just to understand unpacking etc.

Since this I got 2 question:

1> If I want to analyze a software with ollydbg should I run the process and THEN attach olly to the process or should I open it with olly when the application isn't running?

2> I tried to attach olly to the running application and it opened a .dll in the same folder. Is it normal? Should I analyze the .dll insteal of the application?

Thanks in advice for your time.

Once you bypass there protections on the exe. it does not matter if you start or attach.
But most applications (games) does have protections against memory editor like ollydbg.
about dll, no you can just press ALT+E and look for the EXE process, this should describe the name of the program.

dkaitos · 2012-01-31, 03:19 PM

Originally Posted by rodoxfnx

most applications (games) does have protections against memory editor like ollydbg

This means that they don't allow me to open the exe?
or that I can open the exe but there is a sort of "missing code"?
Because I can actually open the .app and the .dll but I don't know if there is something missing...

The_USDL · 2012-02-01, 02:10 AM

This means that you can even open, but the program will cause some sort of error or problem, purposely.
You need to bypass those protections.

dkaitos · 2012-02-03, 07:46 PM

Ok thank you. I appreciate your help.

Thread: Question about analisys with olly

Thread Tools

Display

Question about analisys with olly

Similar Threads

[Tutorial] Part 2: Creating Hacks/Cheats With CE + Olly

Just share olly with +aadp+ dump plug for unpack AIKAIN from S4R4H Tuts

And Question!

[Tutorial] Part 1: Creating Hacks/Cheats With CE + Olly

Posting Permissions