Step into (함수 진입) : F7
Animate into (entering functions) : Ctrl+F7
Step over (executing function calls at once) : F8
Animate over (executing function calls at once) : Ctrl+F8
실행 : F9
Pass exception to standard handler and run : Shift+F9
Execute till return : Ctrl+F9
Execute till user code : Alt+F9
Trace into : Ctrl+F11
Pause : F12
Trace over : Ctrl+F12
Set condition to pause Run trace : Ctrl+T
Toggle breakpoint : F2
Set conditional breakpoint : Shift+F2
Run to selection : F4
Analyse code : Ctrl+A
Origin : Asterisk (*)
Follow jump or call : Enter
Go to next location/next run trace item : Plus (+)
Go to previous location/previous run trace item : Minus (-)
Assemble : Space ( )
Add label : Colon (:)
Add comment : Semicolon (;)
디스어셈블 위치 지정 : ctrl+위, 아래 화살표키
//
Go to previous reference : Alt+F7
Go to next reference : Alt+F8
Start binary search : Ctrl+B
Copy selection to clipboard : Ctrl+C
Edit selection in binary format : Ctrl+E
Search for a command : Ctrl+F
Follow expression : Ctrl+G
Show list of jumps to selected line : Ctrl+J
View call tree : Ctrl+K
Repeat last search : Ctrl+L
Open list of labels (names) : Ctrl+N
Scan object files : Ctrl+O
Find references to selected command : Ctrl+R
Search for a sequence of commands : Ctrl+S
Open Breakpoints window : Alt+B
Open CPU window : Alt+C
Open Modules window : Alt+E
Open Log window : Alt+L
Open Memory window : Alt+M
Open Options dialog : Alt+O
프로그램 재실행 : Ctrl+F2
프로그램 닫기 : Alt+F2
새 프로그램 열기 : F3
활성화 되어 있는 윈도우 최대화, 혹은 원복 : F5
olly 디버거 윈도우를 항상 위로 : Alt+F5
Close OllyDbg : Alt+X
//===========================================================================================================
origin: http://slypuma.tistory.com/231
올리디버거(OllyDebugger) 단축키
Quick start - version 1.10
Read this for quick start. Consult help file for details and more features.
Installation is not necessary. Create new directory and unpack odbg110.zip - now you can start!
Pop-up menus display only items that apply. Frequently used menu functions:
| Function | Window | Menu command | Shortcut |
| Edit memory as binary, ASCII or UNICODE string | Disassembler, Stack | Binary|Edit | Ctrl+E |
| Dump | |||
| Undo changes | Disassembler, Dump | Undo selection | Alt+BkSp |
| Registers | Undo | ||
| Run application | Main | Debug|Run | F9 |
| Run to selection | Disassembler | Breakpoint|Run to selection | F4 |
| Execute till return | Main | Debug|Execute till return | Ctrl+F9 |
| Execute till user code | Main | Debug|Execute till user code | Alt+F9 |
| Set/reset INT3 breakpoint | Disassembler | Breakpoint|Toggle | F2 |
| Names, Source | Toggle breakpoint | ||
| Set/edit conditional INT3 breakpoint | Disassembler | Breakpoint|Conditional | Shift+F2 |
| Names, Source | Conditional breakpoint | ||
| Set/edit conditional logging breakpoint (logs into the Log window) | Disassembler | Breakpoint|Conditional log | Shift+F4 |
| Names, Source | Conditional log breakpoint | ||
| Temporarily disable/restore INT3 breakpoint | Breakpoints | Disable | Space |
| Enable | |||
| Set memory breakpoint (only one is allowed) | Disassembler, Dump | Breakpoint|Memory, on access | |
| Breakpoint|Memory, on write | |||
| Remove memory breakpoint | Disassembler, Dump | Breakpoint|Remove memory breakpoint | |
| Set hardware breakpoint (ME/NT/2000 only) | Disassembler, Dump | Breakpoint|Hardware (select type and size!) | |
| Remove hardware breakpoint | Main | Debug|Hardware breakpoints | |
| Set single-short break on access to memory block (NT/2000 only) | Memory | Set break-on-access | F2 |
| Set break on module, thread, debug string | Options | Events | |
| Set new origin | Disassembler | New origin here | |
| Display list of all symbolic names | Disassembler, Dump | Search for|Name (label) | Ctrl+N |
| Modules | View names | ||
| Context-sensitive help (requires external help file!) | Disassembler, Names | Help on symbolic name | Ctrl+F1 |
| Find all references in code to selected address range | Disassembler | Find references to|Command | Ctrl+R |
| Dump | Find references | ||
| Find all references in code to the constant | Disassembler | Find references to|Constant | |
| Search for|All constants | |||
| Search whole allocated memory | Memory | Search | Ctrl+L |
| Search next | |||
| Go to address or value of expression | Disassembler | Go to|Expression | Ctrl+G |
| Dump | Go to expression | ||
| Go to previous address/run trace item | Disassembler | Go to|Previous | Minus |
| Go to next address/run trace item | Disassembler | Go to|Next | Plus |
| Go to previous procedure | Disassembler | Go to|Previous procedure | Ctrl+Minus |
| Go to next procedure | Disassembler | Go to|Next procedure | Ctrl+Plus |
| View executable file | Disassembler, Dump, Modules | View|Executable file | |
| Copy changes to executable file | Disassembler | Copy to executable file | |
| Analyse executable code | Disassembler | Analysis|Analyse code | Ctrl+A |
| Scan object files and libraries | Disassembler | Scan object files | Ctrl+O |
| View resources | Modules, Memory | View all resources | |
| View resource strings | |||
| Suspend/resume thread | Threads | Suspend | |
| Resume | |||
| Display relative addresses | Disassembler, Dump, Stack | Doubleclick address | |
| Copy | Most of windows | Copy to clipboard | Ctrl+C |
Frequently used global shortcuts:
| Ctrl+F2 | Restart program |
| Alt+F2 | Close program |
| F3 | Open new program |
| F5 | Maximize/restore active window |
| Alt+F5 | Make OllyDbg topmost |
| F7 | Step into (entering functions) |
| Ctrl+F7 | Animate into (entering functions) |
| F8 | Step over (executing function calls at once) |
| Ctrl+F8 | Animate over (executing function calls at once) |
| F9 | Run |
| Shift+F9 | Pass exception to standard handler and run |
| Ctrl+F9 | Execute till return |
| Alt+F9 | Execute till user code |
| Ctrl+F11 | Trace into |
| F12 | Pause |
| Ctrl+F12 | Trace over |
| Alt+B | Open Breakpoints window |
| Alt+C | Open CPU window |
| Alt+E | Open Modules window |
| Alt+L | Open Log window |
| Alt+M | Open Memory window |
| Alt+O | Open Options dialog |
| Ctrl+T | Set condition to pause Run trace |
| Alt+X | Close OllyDbg |
Frequently used Disasembler shortcuts:
| F2 | Toggle breakpoint |
| Shift+F2 | Set conditional breakpoint |
| F4 | Run to selection |
| Alt+F7 | Go to previous reference |
| Alt+F8 | Go to next reference |
| Ctrl+A | Analyse code |
| Ctrl+B | Start binary search |
| Ctrl+C | Copy selection to clipboard |
| Ctrl+E | Edit selection in binary format |
| Ctrl+F | Search for a command |
| Ctrl+G | Follow expression |
| Ctrl+J | Show list of jumps to selected line |
| Ctrl+K | View call tree |
| Ctrl+L | Repeat last search |
| Ctrl+N | Open list of labels (names) |
| Ctrl+O | Scan object files |
| Ctrl+R | Find references to selected command |
| Ctrl+S | Search for a sequence of commands |
| Asterisk (*) | Origin |
| Enter | Follow jump or call |
| Plus (+) | Go to next location/next run trace item |
| Minus (-) | Go to previous location/previous run trace item |
| Space ( ) | Assemble |
| Colon (:) | Add label |
| Semicolon (;) | Add comment |
'Code' 카테고리의 다른 글
| Dll Injecttion (0) | 2012.08.19 |
|---|---|
| Assembly 언어 (0) | 2012.08.19 |
| OllyDbg Command (0) | 2012.08.19 |
| ADO 'ATL OLEDB' DAO ODBC (0) | 2012.08.18 |
| APM 설치 (0) | 2012.08.11 |
