ollyDBG 단축키
tips 2010. 5. 11. 01:47 |
|
Function |
Window |
Menu command |
Shortcut |
|
Edit memory as binary, ASCII or UNICODE string |
Disassembler, Stack Dump |
Binary|Edit |
Ctrl+E |
|
Undo changes |
Disassembler, Dump Registers |
Undo selection Undo |
Alt+BkSp |
|
Run application |
Main |
Debug|Run |
F9 |
|
Run to selection |
Disassembler |
Breakpoint|Run to selection |
F4 |
|
Execute till return |
Main |
Debug|Execute till return |
Ctrl+F9 |
|
Execute till user code |
Main |
Debug|Execute till user code |
Alt+F9 |
|
Set/reset INT3 breakpoint |
Disassembler Names, Source |
Breakpoint|Toggle Toggle breakpoint |
F2 |
|
Set/edit conditional INT3 breakpoint |
Disassembler Names, Source |
Breakpoint|Conditional Conditional breakpoint |
Shift+F2 |
|
Set/edit conditional logging breakpoint (logs into the Log window) |
Disassembler Names, Source |
Breakpoint|Conditional log Conditional log breakpoint |
Shift+F4 |
|
Temporarily disable/restore INT3 breakpoint |
Breakpoints |
Disable Enable |
Space |
|
Set memory breakpoint (only one is allowed) |
Disassembler, Dump |
Breakpoint|Memory, on access Breakpoint|Memory, on write |
|
|
Remove memory breakpoint |
Disassembler, Dump |
Breakpoint|Remove memory breakpoint |
|
|
Set hardware breakpoint (ME/NT/2000 only) |
Disassembler, Dump |
Breakpoint|Hardware (select type and size!) |
|
|
Remove hardware breakpoint |
Main |
Debug|Hardware breakpoints |
|
|
Set single-short break on access to memory block (NT/2000 only) |
Memory |
Set break-on-access |
F2 |
|
Set break on module, thread, debug string |
Options |
Events |
|
|
Set new origin |
Disassembler |
New origin here |
|
|
Display list of all symbolic names |
Disassembler, Dump Modules |
Search for|Name (label) View names |
Ctrl+N |
|
Context-sensitive help (requires external help file!) |
Disassembler, Names |
Help on symbolic name |
Ctrl+F1 |
|
Find all references in code to selected address range |
Disassembler Dump |
Find references to|Command Find references |
Ctrl+R |
|
Find all references in code to the constant |
Disassembler |
Find references to|Constant Search for|All constants |
|
|
Search whole allocated memory |
Memory |
Search Search next |
Ctrl+L |
|
Go to address or value of expression |
Disassembler Dump |
Go to|Expression Go to expression |
Ctrl+G |
|
Go to previous address/run trace item |
Disassembler |
Go to|Previous |
Minus |
|
Go to next address/run trace item |
Disassembler |
Go to|Next |
Plus |
|
Go to previous procedure |
Disassembler |
Go to|Previous procedure |
Ctrl+Minus |
|
Go to next procedure |
Disassembler |
Go to|Next procedure |
Ctrl+Plus |
|
View executable file |
Disassembler, Dump, Modules |
View|Executable file |
|
|
Copy changes to executable file |
Disassembler |
Copy to executable file |
|
|
Analyse executable code |
Disassembler |
Analysis|Analyse code |
Ctrl+A |
|
Scan object files and libraries |
Disassembler |
Scan object files |
Ctrl+O |
|
View resources |
Modules, Memory |
View all resources View resource strings |
|
|
Suspend/resume thread |
Threads |
Suspend Resume |
|
|
Display relative addresses |
Disassembler, Dump, Stack |
Doubleclick address |
|
|
Copy |
Most of windows |
Copy to clipboard |
Ctrl+C |
Frequently used global shortcuts:
|
Ctrl+F2 |
Restart program |
|
Alt+F2 |
Close program |
|
F3 |
Open new program |
|
F5 |
Maximize/restore active window |
|
Alt+F5 |
Make OllyDbg topmost |
|
F7 |
Step into (entering functions) |
|
Ctrl+F7 |
Animate into (entering functions) |
|
F8 |
Step over (executing function calls at once) |
|
Ctrl+F8 |
Animate over (executing function calls at once) |
|
F9 |
Run |
|
Shift+F9 |
Pass exception to standard handler and run |
|
Ctrl+F9 |
Execute till return |
|
Alt+F9 |
Execute till user code |
|
Ctrl+F11 |
Trace into |
|
F12 |
Pause |
|
Ctrl+F12 |
Trace over |
|
Alt+B |
Open Breakpoints window |
|
Alt+C |
Open CPU window |
|
Alt+E |
Open Modules window |
|
Alt+L |
Open Log window |
|
Alt+M |
Open Memory window |
|
Alt+O |
Open Options dialog |
|
Ctrl+T |
Set condition to pause Run trace |
|
Alt+X |
Close OllyDbg |
Frequently used Disasembler shortcuts:
|
F2 |
Toggle breakpoint |
|
Shift+F2 |
Set conditional breakpoint |
|
F4 |
Run to selection |
|
Alt+F7 |
Go to previous reference |
|
Alt+F8 |
Go to next reference |
|
Ctrl+A |
Analyse code |
|
Ctrl+B |
Start binary search |
|
Ctrl+C |
Copy selection to clipboard |
|
Ctrl+E |
Edit selection in binary format |
|
Ctrl+F |
Search for a command |
|
Ctrl+G |
Follow expression |
|
Ctrl+J |
Show list of jumps to selected line |
|
Ctrl+K |
View call tree |
|
Ctrl+L |
Repeat last search |
|
Ctrl+N |
Open list of labels (names) |
|
Ctrl+O |
Scan object files |
|
Ctrl+R |
Find references to selected command |
|
Ctrl+S |
Search for a sequence of commands |
|
Asterisk (*) |
Origin |
|
Enter |
Follow jump or call |
|
Plus (+) |
Go to next location/next run trace item |
|
Minus (-) |
Go to previous location/previous run trace item |
|
Space ( ) |
Assemble |
|
Colon (:) |
Add label |
|
Semicolon (;) |
Add comment |
'tips' 카테고리의 다른 글
| BOF에 취약한 함수들 (0) | 2010.05.13 |
|---|---|
| attrib (0) | 2010.05.11 |
| hping사용 (0) | 2010.04.28 |
| packet test tool (0) | 2010.04.27 |
| portable ftp server (0) | 2010.04.26 |