Hey ppl!

I think you missed something while writing this excellent plugin:

<pre>Insertname(0x401000 + lnumber , NM_LABEL, maplabel);</pre>

Here you assume that imagebase is 0x400000 and offset of the code section is 0x1000. This is not always the case, for example this won't work for a dll...

Can you please fix this bug, or should I do it??

Thanks!

yup, i know about that. but i was to lazy to fix it.
as now i dont have access to BC compiler, can you fix it ?

and send it to me to update the stuph page.

thanks

Oke... Do you know if there is any nice function to get the right value automagically? Any other tips? Never written any olly plugins before...

Yup, Imagebase (eg. 0x400000) is in the PE header.
The first executable address would be in the first executable section VirtualAddress property (which would be an RVA, such as 0x1000).

Note that first executable address is NOT the entry point. This is placed as the EntryPoint in the PE file, and will also be an RVA.

Simply add the Imagebase to an RVA to make it a VA.

Hi try :

Retrieves various OllyDbg settings and variables.

int Plugingetvalue(int type);

Parameters:

type - setting or variable to retrieve:

type Cast to Explanation
VAL_HPROCESS (HANDLE) Handle of debugged process
VAL_PROCESSID Process ID of debugged process
VAL_HMAINTHREAD (HANDLE) Handle of main thread of debugged process
VAL_MAINTHREADID Thread ID of main thread of debugged process
VAL_MAINBASE Base of main module in the debugged process
VAL_PROCESSNAME (char *) Name of the debugged process
VAL_EXEFILENAME (char *) Name of the main debugged file
VAL_CURRENTDIR (char *) Current directory for debugged process

regards

SV

Thanks guys! All done now =)

TBD: I mailed you the new version of the plugin. Plz put it in the plugins section of this site.