im trying to understand how the ollydbg plugin system works, and i was reading cmdline plugin source...

i'd like to add a 'search sequence' command for this plugin, to do for example:

search "pop ebx\r\nret"

but the plugin api documentantion doesnt say much about it, is there any plugin that uses findallsequences?

int Findallsequences(t_dump *pd,t_extmodel model[NSEQ][NMODELS],ulong origin,char *title);

what is exactly t_extmodel model[NSEQ][NMODELS]?
how do i get that?

any help using that function?

thank you very much in advance!!


damiiw

thats an undocumented function

but both of those are #defined in plugin.h

#define NSEQ 8 // Max length of command sequence
#define NMODELS 8 // Number of assembler search models

why would you want to have search all sequnces in commandline ?

when its nicely available with ctrl+s ??

i mean do you have any specific reasons ?

if yes i can try to poke around

why would you want to have search all sequnces in commandline ?

when its nicely available with ctrl+s ??

i mean do you have any specific reasons ?


blabberer: thanks for answering!

yeah, first of all, i just want to understand how searches works in the plugin api, since as you said they are undocumented.

After that, i would like to implement a search sequences in all loaded modules...

ex: search "pop rA\n pop rB\n ret"

[and that would be searched in all modules]

afaik there is no option for doing that, but i might be wrong...

Thanks again!!

d

i wont spoil your fun then
go around explore and make some thing new then

no there isnt anything that would get you a sequnce in all the loaded modules you have to do them individually for each module
and copy them individually to notepad or some where before you do it for other module thats loaded

search for all sequences and alt+f7 and alt+f8
or ctrl+s and ctrl+l or alt+f7 or alt+f8

all do their magic in only one module at a time

so now go ahead and explore

post if you face some difficulties in making the plugin
if i can i will try and answer the question