执行直到用户代码不起作用 [英] Execute Till User Code doesn't work
问题描述
我试图使用OllyDbg的执行直到用户代码功能(这对我来说至关重要),但它从未有效。
I'm trying to use OllyDbg's "Execute Till User Code" feature (which is essential for me) but it never works.
我第一次尝试程序称为 MessageBoxA 。当它调用它时,我暂停了调试器中的程序,并发出OllyDbg来执行直到用户代码,但程序仍然被暂停并完全冻结。我甚至无法点击 MessageBox 的确定按钮,甚至使其从OllyDbg继续。当我尝试太难以使它继续它刚刚崩溃。
I first tried it on a program which called MessageBoxA. When it called it I paused the program in the debugger and issued OllyDbg to execute till user code, but the program was still paused and completely frozen. I couldn't even click the MessageBox's OK button, or even make it continue from OllyDbg. When I tried too hard to make it continue it just crashed.
所以我决定在NASM写一个应用程序(完全控制),并尝试在那里。 MessageBoxA 弹出,我暂停执行,直到用户代码,这次我可以按OK按钮,但是OllyDbg一旦没有暂停程序。
So I decided to write an application in NASM (to have complete control) and tried it there. The MessageBoxA popped, I paused, executed till user code, I could press the OK button this time, but OllyDbg didn't pause the program once I did. The program just executed as if nothing happened.
为什么它不起作用,我可以做些什么来解决?
OllyDbg 1.10(无插件)
Windows 7 Ultimate SP1 64位
更新:
我试图使用OllyDbg 2.0,但执行到用户代码按钮由于某种原因被完全禁用。
Update:
I've tried to use OllyDbg 2.0 but the Execute till user code button is completely disabled for some reason.
推荐答案
我遇到同样的问题,同时遵循Lena的教程#4,我想我已经弄清楚了。当我按Alt + F9执行到用户代码执行时,我注意到,线程窗口(Alt + T)中除了一个线程之外都设置了挂起标志。显然,Alt + F9只恢复一个线程。幸运的是,OllyDbg能够通过右键单击并选择恢复(或使用+键)手动恢复其他线程。对我来说,这是足够的解冻对话框,并让OllyDbg在MessageBoxA调用后立即暂停。
I ran into the same issue while following Lena's tutorial #4 and I think I've figured it out. When I press Alt+F9 to "Execute Until User Code," I notice that all but one thread in the Threads window (Alt+T) have the suspend flag set. Evidently, Alt+F9 only resumes one thread. Fortunately, OllyDbg has the ability to manually resume the other threads by right clicking on them and selecting "Resume" (or by using the + key). For me, this was sufficient both to unfreeze the dialog and to get OllyDbg to pause immediately after the call to MessageBoxA.
这篇关于执行直到用户代码不起作用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
