A new, improved and extended version of OllyScript is now available for
download at http://ollyscript.apsvans.com ("http://ollyscript.apsvans.com") . =)

From "What's new?" in readme.txt:
<pre>
Some parts are recoded and some requested features are implemented.

+ You can now pause / resume and reset the script from the plugin menu.
Pausing can also be done in script.
+ Now commands:
ASM, BPHWS, BPHWC, BPRM, BPWM, FINDOP, MSG, PAUSE, SUB
+ Special variable &#036;RESULT introduced
+ Last script directory now remembered

# UPX OEP finder script is now redone and really useful =)
# UBP is replaced by BP. Functionality is the same though. Please
use BP in future scripts (for now UBP still works).
# Bug that made OllyScript continue execution even thoigh OllyDbg
has been restarted is fixed.
</pre>

psyCK0: nice stuph !

suggestion:
* add commands to add/remove labels/comments (would be nice in UPX.osc to add comment - "UPXex program OEP" )

readme.txt: "Already lots of scripts have been written" - where are they ?

Hey TBD,

1. How do you mean add/remove labels/comments?
2. For the scripts check exetools. Mostly it's unpacking stuff. =)

psyCK0:

> add/remove labels/comments
labels:
C code: insertname(addr,NM_LABEL, "text"
OSC command: addl text - add label

comments:
C code: insertname(addr,NM_COMMENT, "text"
OSC command: addc text - add comment

purpose: good on finding automated things made by scripts
(e.g. addc "UPXed program OEP" before ret in UPX.osc)

Great work psyCK0,

Rewrote my aspack script with hardware breakpoint.

eob Break
findop eip, #6175#
bphws &#036;RESULT, "x"
run

Break:
bphwc &#036;RESULT
sto
sto
sto
sto
log eip

ret

lownoise: nice to see you found this place =)
Great script btw! Thinking of writing one for dillo, but
its a bit more complicated..

TBD: Now I got it. Will be done in 0.5!

TBD Don't know if it's allowed to post these scripts here?
psyCKO If you've looked in the history of this forum you'll see some other posts of me =}
Will look forward to see your dillo script

Neolite

eob Break
findop eip, #FFE0#
bphws &#036;RESULT, "x"
run

Break:
bphwc &#036;RESULT
sti
log eip
ret

psyCK0 future request :Breakpoints on api

Was i drunk? future ---->feature

BP on API: Queued for 0.5

Thanks, It looks like your script plugin will be very usefull for some of us -)

Hiya,
I know I'm going to kick myself , can someone point out the error in this,
where address is obviously substituted with real address. All I get is the hw bp set, runs to address and doesn't clear the hw bp or set the next bp.
tia

eob clrbp0
bphws address, "x"
run
clrbp0:
bphwc address
sti
bp api
run
ret

Anonymous: the eob command acts strangely i think... will be better implemented in 0.5. Anyway, add "eoe drbp0" just after your "eob drbp0".. Also a "ret" after "run" might be a good idea (try it out).

Hope it helps.

Hiya,
Well transfer execution on next exception is no good to me, an exception is what I'm looking to avoid. No probs I can live without it and look forward to 0.5, thanks and keep up the good work.
regards

I see.. Well, it will be fixed in v0.5.

Anonymous could you please mail me URL to the target?
I can't reproduce this behaviour here....

ollyscript at apsvans dot com

Sincere apologies it appears the problem is indeed app specific. Will do some checking as I should have before posting.
regards

Pls add CTRL+F7,F8,F9,F11,F12