Hi,
unfortunately the plugin is not ready.
It's only my first try, to realize.
missing functions:
- processing datareferences
- FileOutputDialog, at this time the plugin write the output to c:\\test.asm
- maybe output format correction ?
- many more
Now i haven't the time to finish my work
--------------------- cut -------------------------
#include <vcl.h>
#pragma hdrstop
#include <windows.h>
#include <stdio.h>
#include <string.h>
#include <algorithm>
#include <string>
#include <map>
/*
Aufgabe:
- Datenreferenzen verarbeiten
- Kommentare ausgeben
- ...
*/
#include "plugin.h"
#define TAG_RIPPER 0x236D420AL // RIPPER record type in .udd file
void trace(unsigned long adress,int type);
//@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
using namespace std;
struct line_t
{
string cmd;
int ltype;
string label; // optinal, wenn sprung hier her führt !
};
typedef map<unsigned long, line_t> decodelist_t; // key = adresse
typedef decodelist_t::value_type value_t;
decodelist_t decodelist; // hier werden alle kommandos gespeichert !
//@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
//------------------
// globale Variablen
HINSTANCE hinst; // DLL instance
HWND hwmain; // Handle of main OllyDbg window
//-------------------------------------------------------------------
// Entry point der dll, hier bekommen wir den handle zur dll !
//-------------------------------------------------------------------
BOOL WINAPI DllEntryPoint(HINSTANCE hi,DWORD reason,LPVOID reserved) {
if (reason==DLL_PROCESS_ATTACH)
hinst=hi; // Mark plugin instance
return 1; // Report success
};
//-------------------------------------------------------------------
//-------------------------------------------------------------------
// gibt den Namen und die Version and Olly zurück
//-------------------------------------------------------------------
extc int _export cdecl ODBG_Plugindata(char shortname[32]) {
strcpy(shortname,"Ripper"
; // Name of plugin
return PLUGIN_VERSION;
};
//-------------------------------------------------------------------
//-------------------------------------------------------------------
// wie der name schon sagt !
// return 0 = alles ok
// return -1 = plugin wird nicht benutzt
//-------------------------------------------------------------------
extc int _export cdecl ODBG_Plugininit(int ollydbgversion,HWND hw,ulong *features)
{
// stimmt die Version ?
if (ollydbgversion<PLUGIN_VERSION) return -1;
// sichere handle vom olly fenster
hwmain=hw;
// schreibe ins logfile
Addtolist(0,0,"ripper plugin v1.00"
;
return 0;
};
//-------------------------------------------------------------------
//-------------------------------------------------------------------
// Hauptschleife
//-------------------------------------------------------------------
extc void _export cdecl ODBG_Pluginmainloop(DEBUG_EVENT *debugevent)
{
};
//-------------------------------------------------------------------
//-------------------------------------------------------------------
// trägt plugin in die systemmenus ein
//-------------------------------------------------------------------
extc int _export cdecl ODBG_Pluginmenu(int origin,char data[4096],void *item) {
int i,n;
t_dump *pd;
switch (origin) {
// Menu creation is very simple. You just fill in data with menu pattern.
// Some examples:
// 0 Aaa,2 Bbb|3 Ccc|,, - linear menu with 3items, relative IDs 0, 2 and 3,
// separator between second and third item, last
// separator and commas are ignored;
// #A{0Aaa,B{1Bbb|2Ccc}} - unconditional separator, followed by popup menu
// A with two elements, second is popup with two
// elements and separator inbetween.
case PM_MAIN: // Plugin menu in main window
strcpy(data,"0 &About"
;
return 1;
case PM_DISASM: // Popup menu in Disassembler
// First check that menu applies.
pd=(t_dump *)item;
if (pd==NULL || pd->size==0) return 0; // Window empty, don't add
// Start second-level popup menu.
strcpy(data,"0 rip this now"
;
return 1;
default: break; // Any other window
};
return 0; // Window not supported by plugin
};
//-------------------------------------------------------------------
// This optional function receives commands from plugin menu in window of type
// origin. Argument action is menu identifier from ODBG_Pluginmenu(). If user
// activates automatically created entry in main menu, action is 0.
extc void _export cdecl ODBG_Pluginaction(int origin,int action,void *item) {
t_dump *pd;
if (origin==PM_MAIN)
{
switch (action)
{
case 0:
// Menu item "About", displays plugin info. If you write your own code,
// please replace with own copyright!
MessageBox(hwmain,
"ripper plugin v1.00\n"
"Copyright (C) 2003-2006 PsyJoe",
"Ripper plugin",MB_OK|MB_ICONINFORMATION);
break;
default: break;
}
}
else if (origin==PM_DISASM)
{
pd=(t_dump *)item;
if(action==0)
{
// rip now
)
decodelist.clear();
// decodiere erstes commando unf folge ihm
//-----------------------------------------
t_disasm da;
char cmd[MAXCMDSIZE];
if(Readcommand(pd->sel0,cmd)<=0) return;
char *pdecode=NULL; //keine analyse
int cmdlen=Disasm(cmd,MAXCMDSIZE,pd->sel0,pdecode,&da,DISASM_CODE,0);
if(cmdlen<=0) return;
if(da.jmpaddr==0) return;
trace(da.jmpaddr, ((da.cmdtype&C_TYPEMASK)==C_CAL)?0:1);
// speichere ergebnis ab
//----------------------------------------
FILE *out=fopen("c:\\test.asm","wt"
;
if(out<0)
{
//Fehlermsg
return;
}
// sort(decodelist.begin(),decodelist.end()); // sortiere nach adressen
for (decodelist_t::iterator i=decodelist.begin(); i != decodelist.end(); ++i)
{
switch((*i).second.ltype)
{
case 1:
fprintf(out,"\n\n;#################################################### #\n"
;
fprintf(out, ";## Function ##\n"
;
fprintf(out, ";#####################################################\n"
;
fprintf(out,"%s\n",(*i).second.label);
break;
case 2:
fprintf(out,"%s\n",(*i).second.label);
break;
};
//fprintf(out," %X %s\n",(*i).first,(*i).second.cmd);
fprintf(out," %s\n",(*i).second.cmd);
}
fclose(out);
}
}
}
// This function receives possible keyboard shortcuts from standard OllyDbg
// windows. If it recognizes shortcut, it must process it and return 1,
// otherwise it returns 0.
extc int _export cdecl ODBG_Pluginshortcut(int origin,int ctrl,int alt,int shift,int key,void *item) {
return 0; // Shortcut not recognized
};
// Function is called when user opens new or restarts current application.
// Plugin should reset internal variables and data structures to initial state.
extc void _export cdecl ODBG_Pluginreset(void) {
};
// OllyDbg calls this optional function when user wants to terminate OllyDbg.
// All MDI windows created by plugins still exist. Function must return 0 if
// it is safe to terminate. Any non-zero return will stop closing sequence. Do
// not misuse this possibility! Always inform user about the reasons why
// termination is not good and ask for his decision!
extc int _export cdecl ODBG_Pluginclose(void) {
// For automatical restoring of open windows, mark in .ini file whether
return 0;
};
// OllyDbg calls this optional function once on exit. At this moment, all MDI
// windows created by plugin are already destroyed (and received WM_DESTROY
// messages). Function must free all internally allocated resources, like
// window classes, files, memory and so on.
extc void _export cdecl ODBG_Plugindestroy(void) {
};
//##################################################
// udd Datei zugriffe
//##################################################
// Time to save data to .udd file! This is done by calling Pluginsaverecord()
extc void _export cdecl ODBG_Pluginsaveudd(t_module *pmod,int ismainmodule) {
return;
};
// OllyDbg restores data from .udd file.
extc int _export cdecl ODBG_Pluginuddrecord(t_module *pmod,int ismainmodule,
ulong tag,ulong size,void *data) {
return 0;
};
//-------------------------------------------------------------------- -------
/*
trägt das decodete in eine Liste ein !
*/
void saveToList(unsigned long adress,t_disasm *da)
{
//sprintf(buffer,"debuginfo2 %d [%s] [ref: %X] [cond %x]",cmdlen,da.result,da.jmpaddr,da.cmdtype);
line_t line;
line.label="";
line.l
