Results 1 to 3 of 3

Thread: How to get around anti-disassembly tricks on Olly?

  1. #1

    How to get around anti-disassembly tricks on Olly?

    I'm reading Practical Malware Analysis where they talk about anti-disassembly tricks and how to get around them in IDA by using the C or D keys to change opcodes to code or data, but what do you do in Olly when you encounter the same tricks?

  2. #2
    Super Moderator
    Join Date
    Dec 2004
    Posts
    1,511
    Blog Entries
    15
    c for code and d for data in ida represents a way to make dis assembly a bit more readable
    where ida during it analysis marked some code as data and didnt disassemble it but
    simply dumped them as bytes you can use C to convert those bytes to Code

    ollydbg is a debugger you normally step through in debugger so all bytes are code to debugger

    you can remove analysis in ollydbg using right click -> analysis->remove analysis from / module / selection etc

  3. #3
    Thanks for the explanation!

Similar Threads

  1. Replies: 2
    Last Post: February 15th, 2009, 21:52
  2. Collection of anti debug tricks
    By Harding in forum Advanced Reversing and Programming
    Replies: 4
    Last Post: November 18th, 2007, 08:58
  3. morpheus anti-sice tricks
    By ignatz in forum Malware Analysis and Unpacking Forum
    Replies: 7
    Last Post: January 10th, 2002, 12:57
  4. anti disassembler tricks x86
    By dominator in forum Malware Analysis and Unpacking Forum
    Replies: 1
    Last Post: January 4th, 2002, 13:50
  5. How to pass the installshield 6 anti-softice tricks?
    By draX in forum Malware Analysis and Unpacking Forum
    Replies: 1
    Last Post: June 10th, 2001, 15:58

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •