Reputation: 1675
Backtracing in ollydbg v2
I use now ollydbg v2 and wanted to know how I can use the backtrace operation. In ollydbg v1, I remember that I need to push the minus ("-") operator, everything was colored gray and I could also see the old register values.
In ollydbg v2 which I downloaded now, this seems not to work. I mean it works but I can not see the old register values. How can I achieve that in this newest version? Can somebody help me?
Upvotes: 1
Views: 1662
Answers (1)
Reputation: 8166
Go to Options > Options > Debugging > Run trace, then I suggest you use:
- Don't enter system DLLs
- Always trace over string commands
- Remember memory
- Synchronize CPU and run trace
For greater run trace speed, also go to Options > Options > Debugging and check:
- Allow fast command emulation
Reload you program (CTRL + F2), then:
Trace > Trace intoorTrace > Trace over
Once your program has finished (or if you have hit a condition in Trace > Set condition) go to View > Run trace and then you should see a grayed CPU register pane with registers value changing for each of the selected instruction.
If that doesn't work, close Ollydbg, delete the *.ini file in the OllyDbg folder, restart ollydbg and then redo the whole procedure.
Upvotes: 2
Related Questions
- How go to end loop shortcut in OllyDbg?
- OllyDBG, follow Call Function
- OllyDbg 2.0 Analyze procedure arguments
- How to generate all backtraces of a function using gdb?
- Ollydbg condition
- Reverse Engineering - AND 0FF
- OllyDbg - non invasive debugging
- how to break in ollydbg debugger?
- How does backtrace work?
- About reverse with ollydbg