first, always thank to forums... here my questions

q1 -

How to look al, bl, cl, dl Register in Olly?

In SoftIce the way to look these is -> :?al


q2 -

wanna some code patched like below ... but do not know how

(before)
0047730B 034424 10 ADD EAX,DWORD PTR SS:[ESP+10]
↓
(after)
0047730B FF DB FF
0047730C FF DB FF
0047730D FF DB FF
0047730E FF DB FF

right click at 0047730b -> assemble -> type what in textbox??

regards.

Q1: Look at the registers window (right hand side of the screen). If you can't figure out AL by looking at EAX, BL by looking at EBX, etc., then google "x86 registers"...

Q2: Right click--> Binary-->Binary edit

TADA!!

hi,
1) get the command line plugin and you can get the value you want just like softice
2)select a few lines on cpu windows,right click,Follow in dump - selection and dump it in hex dump window you can edit as hex if you want

Thank you, esther and xenakis ...

I really have not Known so far I could use commandline plugin as SoftIce command line ;>

actually Now, I try Shub-Nigurrath's Tut about Removing SSpro Dongle from apps.

one more question, plz...


I want below... (In Tut, After patching ....Codes like below)

(before)
0047730B 034424 10 ADD EAX,DWORD PTR SS:[ESP+10]
↓
(after)
0047730B FF DB FF
0047730C FF DB FF
0047730D FF DB FF
0047730E FF DB FF


but After rightclick -> binary -> edit (or) Edit directly In Hex dump, codes like below...

(before)
0047730B 034424 10 ADD EAX,DWORD PTR SS:[ESP+10]
↓
(after)
0047730B FFFF ???
0047730D FFFF ???


question :
0047730B FFFF ???
0047730D FFFF ???
is working same as
0047730B FF DB FF
0047730C FF DB FF
0047730D FF DB FF
0047730E FF DB FF
?

press the space bar and type the code you want (this is the assembly mode),

In the plugin comand you can type like softice, ?AL o ?BL and you see the results, or you can see the value in in EAX or EBX register.

ricnar

ah I see, you need edit bytes in the hex dump, sorry i understand now what you need.

ricnar