How to install plugin for ollydbg 2.x.x? [Archive]

View Full Version : How to install plugin for ollydbg 2.x.x?

blueflycn

January 28th, 2013, 20:22

Sorry if this question is too newbie but I've searched this forum and googled a lot without any luck

I downloaded the latest ollydbg 2.x.x form its official site and download some plugins from tuts4you http://tuts4you.com/download.php?list.94

But I really can not find some help on how to enable/install the plugins. Does the latest ollydbg do support plugins? or is there something needs to setup in INI file?

OfMonsterAndMen

January 28th, 2013, 20:45

There is no question to that should not be answered with alacrity.

There should be a folder named Plugins in the directory where olly.exe is run from place the plugin in there and presto. There might also be a setting in the options dropdown menu to set the plugin directory.

Regards
OfMonsterAndMen

blueflycn

January 28th, 2013, 21:27

Thanks for your reply. I just figured out that I downloaded an older version 2.0.0, but not the latest 2.0.1h, so the elder version doesn't have a plugin support (no plugin menu item).

Right now I switched to the latest 2.0.1h and downloaded some plugins, configured the plugin path, but still cannot see the plugin menu item except the bookmark plugin that comes alone with the official site.

According to this post http://www.openrce.org/forums/posts/2111 , I guess I have to modify the version in the plugin to make it compatible to the latest 2.0.1h

Any ideas?

Kayaker

January 28th, 2013, 23:41

That was my comment, in reply to the same question.

The comment stands - you can try patching the PLUGIN_VERSION to bypass the ODBG2_Pluginquery check, but there's no guarantee an older plugin will still work, and may even crash, since newer plugin.h declarations will likely have changed, but this should at least make it appear in the menu IF the rest of the plugin successfully loads.

The following message in the Log window will point to a version incompatibility:
Plugin 'pluginname.dll' has incompatible version

Begin by checking the PLUGIN_VERSION value in plugin.h from the SDK, for 2.01h it's 0x02010001. In the bookmark.c plugin example you'll see that value is passed to Ollydbg in ODBG2_Pluginquery.

Now do an IDA text search on Ollydbg.exe for "ODBG2_Pluginquery" and you'll find where it connects to the plugin and checks the return value:

Code:



.text:004DD23E cmp     [ebp+var_C], 2010001h  // version 2.01h

.text:004DD245 jge     @OK

...

    "Plugin has incompatible version" error message to Log window

@OK

Not much else to try except patch either Olly or the plugin to bypass that check and see what happens. I've never actually tried, but I wouldn't hold too much hope any early 2.x plugin will work as advertised.

blueflycn

January 29th, 2013, 01:36

Thank you for your reply. I did the patch according to your comment and some of the plugins work now. But have you tried the ollyext plugin, which is for anti anti-debugging, looks like it still cannot be loaded, cause I can not find any menu items/options of it.