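/*
 * Updated with one more command: loadplugin.
 *
 * Usage: press Alt+F1 and type
 *
 *     loadplugin "yourplugin"
 *
 * This loads the plugin and registers it. It should be useful when you do
 * not have the requisite plugin loaded, you do not want to copy it to the
 * OllyDbg plugin path, and you do not want to restart the existing session.
 *
 * It also works around the 32 plugin limit: if 32 plugins are already
 * loaded it asks whether you want to free the last loaded plugin and insert
 * the new plugin in its place; on confirmation the new plugin is loaded as
 * the last one.
 *
 * A BIG THANKS to ALEX_IONESCU for helping me with writing this plugin.
 * Without his patience and help I would have ended up with some horrible
 * looking code like
 *
 *     ((*(char **)&(DWORD *)0x40f55bc + *(word *)ox401234 ) * 45 ) = (ulong)my_newcrap;
 *
 * All the slick looking typedefs, declarations etc. belong to Alex.
 *
 * Review notes:
 *  - The constants below are absolute addresses inside the OllyDbg
 *    executable image. They are only meaningful for the build they were
 *    taken from (the page does not name it); on any other build the reads
 *    and writes through them touch unrelated memory.
 *  - The plugin name is whatever the user typed. LoadLibrary() resolves a
 *    bare file name through the DLL search order, and the loaded DLL then
 *    runs inside the debugger process. Pass a full path and load only
 *    plugins whose origin is known.
 */

#define COUNT_OF_PLUGINS  0x4f55b4 // ollydbg global
#define MENU_DATA         0x4f55bc // ollydbg global
#define PLUGIN_ARRAY      0x4f0ab4 // ollydbg global
#define MENU_ID_BASE      0xE000   // ollydbg global
#define MENUS_PER_PLUGIN  0x40     // ollydbg global

extern HWND hwmain; // defined in command.c

/* Signatures of the callbacks a plugin DLL may export. */
typedef INT  (__cdecl *PODBG_PLUGIN_DATA)        (IN PCHAR ShortName);
typedef INT  (__cdecl *PODBG_PLUGIN_INIT)        (int ollydbgversion,HWND hw,ulong *features);
typedef VOID (__cdecl *PODBG_PLUGIN_MAINLOOP)    (DEBUG_EVENT *debugevent);
typedef VOID (__cdecl *PODBG_PLUGIN_SAVEUDD)     (t_module *pmod,int ismainmodule);
typedef INT  (__cdecl *PODBG_PLUGIN_UDDRECORD)   (t_module *pmod,int ismainmodule,ulong tag,ulong size,void *data);
typedef INT  (__cdecl *PODBG_PLUGIN_MENU)        (int origin,char data[4096],void *item);
typedef VOID (__cdecl *PODBG_PLUGIN_ACTION)      (int origin,int action,void *item);
typedef INT  (__cdecl *PODBG_PLUGIN_SHORTCUT)    (int origin,int ctrl,int alt,int shift,int key,void *item);
typedef VOID (__cdecl *PODBG_PLUGIN_RESET)       (void);
typedef VOID (__cdecl *PODBG_PLUGIN_CLOSE)       (void);
typedef VOID (__cdecl *PODBG_PLUGIN_DESTROY)     (void);
typedef INT  (__cdecl *PODBG_PLUGIN_PAUSED)      (int reason, t_reg *reg);
typedef INT  (__cdecl *PODBG_PLUGIN_PAUSEDEX)    (int reason,int extdata,t_reg *reg,DEBUG_EVENT *debugevent);
typedef INT  (__cdecl *PODBG_PLUGIN_PLUGINCMD)   (int reason,t_reg *reg,char *cmd);
/* Routine inside OllyDbg that is called through a fixed address below. */
typedef VOID (__cdecl *PODBG_PLUGIN_SOMEROUTINE) (HMENU nm,char *menubuf,UINT_PTR id,int unkn);

/*
 * One entry of the plugin table at PLUGIN_ARRAY.
 * NOTE(review): the layout has to match the host's own record byte for
 * byte; the "unknown" members are placeholders whose meaning is not
 * established on this page.
 */
typedef struct _ODBG_PLUGIN
{
    HMODULE                 hMod;
    char                    dll[MAX_PATH];
    char                    name[32];
    char                    unknown[MAX_PATH];
    DWORD                   unknown1;
    PODBG_PLUGIN_MAINLOOP   my_ODBG_Pluginmainloop;
    PODBG_PLUGIN_MENU       my_ODBG_Pluginmenu;
    PODBG_PLUGIN_ACTION     my_ODBG_Pluginaction;
    PODBG_PLUGIN_SHORTCUT   my_ODBG_Pluginshortcut;
    PODBG_PLUGIN_SAVEUDD    my_ODBG_Pluginsaveudd;
    PODBG_PLUGIN_UDDRECORD  my_ODBG_Pluginuddrecord;
    PODBG_PLUGIN_RESET      my_ODBG_Pluginreset;
    PODBG_PLUGIN_PAUSED     my_ODBG_Paused;
    PODBG_PLUGIN_PAUSEDEX   my_ODBG_Pausedex;
    PODBG_PLUGIN_PLUGINCMD  my_ODBG_Plugincmd;
} ODBG_PLUGIN, *PODBG_PLUGIN;

/*
 * Load the DLL named by the command's string operand and register it in
 * the host's plugin table and Plugins menu.
 *
 * answer, parm: not used by this command.
 * The DLL name is read from `string` and bounded by TEXTLEN; both are
 * defined outside this block and are not shown on this page.
 *
 * Returns 0 in every case; the outcome is reported in the log window.
 */
int Loadplugin(char *answer,ulong parm)
{
    HMODULE newmod;
    char shortname[4096];
    char pload[MAX_PATH];
    int version;
    int initrc;
    int slot;
    int registered = 0;
    PODBG_PLUGIN_SOMEROUTINE someroutine = (PODBG_PLUGIN_SOMEROUTINE)0x496260;
    PODBG_PLUGIN_DATA my_ODBG_Plugindata;
    PODBG_PLUGIN_INIT my_ODBG_Plugininit;
    PODBG_PLUGIN_CLOSE my_pluginclose;
    PODBG_PLUGIN_DESTROY my_plugindestroy;
    PODBG_PLUGIN my_plugin;
    ulong count;
    ulong features;
    UINT_PTR uIDNewItem;
    HMENU newmenu;
    HMENU newmainmenu;
    PCHAR *pblah = (PCHAR *)MENU_DATA;

    newmainmenu = GetSubMenu(GetMenu(hwmain),4);
    count = *(PULONG)COUNT_OF_PLUGINS;

    if (count >= 32) {
        /* Table is full: the last entry is evicted only on confirmation. */
        if (MessageBox(hwmain,
                       "max 32 plugin allowed want to free the last plugin and continue",
                       "OLLYDBG Plugin Loader", MB_YESNO) != IDYES)
            return 0;

        my_plugin = &((PODBG_PLUGIN)PLUGIN_ARRAY)[count - 1];

        /* Let the evicted plugin run its own shutdown callbacks first. */
        my_pluginclose = (PODBG_PLUGIN_CLOSE)GetProcAddress(my_plugin->hMod,"_ODBG_Pluginclose");
        if (my_pluginclose)
            my_pluginclose();
        my_plugindestroy = (PODBG_PLUGIN_DESTROY)GetProcAddress(my_plugin->hMod,"_ODBG_Plugindestroy");
        if (my_plugindestroy)
            my_plugindestroy();

        FreeLibrary(my_plugin->hMod);
        /* No callback pointer into the unloaded DLL may stay in the table. */
        memset(my_plugin,0,sizeof(ODBG_PLUGIN));
        /* NOTE(review): position `count` presumes a fixed menu layout - confirm. */
        RemoveMenu(newmainmenu,count,MF_BYPOSITION);
        DrawMenuBar(hwmain);
        *(PULONG)COUNT_OF_PLUGINS -= 1;
    }

    /*
     * strncpy() leaves the destination unterminated when the operand fills
     * the bound, so the buffer is cleared first and its last byte forced to
     * zero. NOTE(review): assumes TEXTLEN does not exceed MAX_PATH - confirm.
     */
    memset(pload,0,sizeof(pload));
    strncpy(pload,string,TEXTLEN-1);
    pload[sizeof(pload)-1] = 0;

    /* The DLL's entry point runs inside the debugger process from here on. */
    newmod = LoadLibrary(pload);
    if (!newmod) {
        Addtolist(0,0,"Unable to load plugin '%s'",pload);
    } else {
        my_ODBG_Plugindata = (PODBG_PLUGIN_DATA)GetProcAddress(newmod,"_ODBG_Plugindata");
        my_ODBG_Plugininit = (PODBG_PLUGIN_INIT)GetProcAddress(newmod,"_ODBG_Plugininit");

        if (!my_ODBG_Plugininit || !my_ODBG_Plugindata) {
            Addtolist(0,0,"'%s' does not export _ODBG_Plugindata and _ODBG_Plugininit",pload);
        } else {
            *shortname = 0;
            version = my_ODBG_Plugindata(shortname);

            if (version < 0x6a || version > 0x6e || *shortname == 0) {
                Addtolist(0,0,"Plugin '%s' has invalid version (%i.%02i)",
                          pload,(version / 0x64),(version % 0x64));
            } else {
                count = *(PULONG)COUNT_OF_PLUGINS;
                my_plugin = &((PODBG_PLUGIN)PLUGIN_ARRAY)[count];

                my_plugin->hMod = newmod;
                strcpy(my_plugin->dll,pload);   /* same size, terminated above */
                strncpy(my_plugin->name,shortname,0x1f);
                my_plugin->name[31] = 0;

                /* Optional callbacks: a missing export is stored as NULL. */
                my_plugin->my_ODBG_Pluginaction    = (PODBG_PLUGIN_ACTION)GetProcAddress(newmod,"_ODBG_Pluginaction");
                my_plugin->my_ODBG_Pluginmainloop  = (PODBG_PLUGIN_MAINLOOP)GetProcAddress(newmod,"_ODBG_Pluginmainloop");
                my_plugin->my_ODBG_Pluginmenu      = (PODBG_PLUGIN_MENU)GetProcAddress(newmod,"_ODBG_Pluginmenu");
                my_plugin->my_ODBG_Pluginshortcut  = (PODBG_PLUGIN_SHORTCUT)GetProcAddress(newmod,"_ODBG_Pluginshortcut");
                my_plugin->my_ODBG_Pluginsaveudd   = (PODBG_PLUGIN_SAVEUDD)GetProcAddress(newmod,"_ODBG_Pluginsaveudd");
                my_plugin->my_ODBG_Pluginuddrecord = (PODBG_PLUGIN_UDDRECORD)GetProcAddress(newmod,"_ODBG_Pluginuddrecord");
                my_plugin->my_ODBG_Pluginreset     = (PODBG_PLUGIN_RESET)GetProcAddress(newmod,"_ODBG_Pluginreset");
                my_plugin->my_ODBG_Paused          = (PODBG_PLUGIN_PAUSED)GetProcAddress(newmod,"_ODBG_Paused");
                my_plugin->my_ODBG_Pausedex        = (PODBG_PLUGIN_PAUSEDEX)GetProcAddress(newmod,"_ODBG_Pausedex");
                /* GetProcAddress() is case-sensitive; the export is spelled
                   with a capital P like the other Plugin* callbacks. */
                my_plugin->my_ODBG_Plugincmd       = (PODBG_PLUGIN_PLUGINCMD)GetProcAddress(newmod,"_ODBG_Plugincmd");

                features = 0;
                initrc = my_ODBG_Plugininit(PLUGIN_VERSION,hwmain,&features);
                if (initrc) {
                    Addtolist(0,0,"Plugin '%s' failed to initialize (code %i)",pload,initrc);
                    /* The DLL is unloaded below; wipe the slot so it does
                       not keep pointers into freed code. */
                    memset(my_plugin,0,sizeof(ODBG_PLUGIN));
                } else {
                    uIDNewItem = ((*(PULONG)COUNT_OF_PLUGINS) * MENUS_PER_PLUGIN) + MENU_ID_BASE;

                    /* A submenu is built only when the plugin supplies a
                       non-empty main-menu description. */
                    *shortname = 0;
                    if (my_plugin->my_ODBG_Pluginmenu != 0 &&
                        my_plugin->my_ODBG_Pluginmenu(0,shortname,0) &&
                        *shortname != 0)
                        newmenu = CreateMenu();
                    else
                        newmenu = 0;

                    if (newmenu) {
                        /* NOTE(review): MENU_DATA keeps the address of this
                           stack buffer after the function returns - confirm
                           the host does not read it later. */
                        *pblah = shortname;
                        someroutine(newmenu,(PCHAR)PLUGIN_ARRAY,uIDNewItem,1);
                    }

                    /* The first ten entries get a numeric accelerator. */
                    slot = *(PULONG)COUNT_OF_PLUGINS;
                    if (slot < 10)
                        sprintf(shortname,"&%i %s",((slot+1)%10),my_plugin->name);
                    else
                        sprintf(shortname,"%s",my_plugin->name);

                    if (newmenu)
                        AppendMenu(newmainmenu,MF_BYCOMMAND|MF_ENABLED|MF_STRING|MF_POPUP,(UINT_PTR)newmenu,shortname);
                    else
                        AppendMenu(newmainmenu,MF_BYCOMMAND|MF_ENABLED|MF_STRING,uIDNewItem,shortname);

                    *(PULONG)COUNT_OF_PLUGINS += 1;
                    registered = 1;
                    newmod = 0;     /* the table owns the module handle now */
                }
            }
        }
    }

    /* Still holding the handle means the plugin was rejected. */
    if (newmod)
        FreeLibrary(newmod);
    DrawMenuBar(hwmain);

    /* Success is logged only when the plugin really was registered. */
    if (registered)
        Addtolist(0,1,"New Plugin %s loaded succesfully",pload);

    return 0;
}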