[prev in list] [next in list] [prev in thread] [next in thread] 

List:       dailydave
Subject:    RE: [Dailydave] Request of the day
From:       "Aleksander P. Czarnowski" <alekc () avet ! com ! pl>
Date:       2006-04-26 22:03:52
Message-ID: 011801c6697d$4e443840$5000000a () alektm
[Download RAW message or body]

The internal architecture of both tools is quite different. Secondly OllyDBG
is not really supporting anything besides x86, unless you already have a
plugin that supports your proprietary bytecode. Also some capabilities of
both tools are different (not to mention differences between IDA and OllyDBG
code analysis options). 

Our approach to similar problem was to write a metaprocessor that works on
simple abstract code and understands some simple actions like breakpoint
management, memory read/write, stack unwinding etc. Actually the breakpoint
and memory read/write operation for actual process are not implemented
within metaprocessor code but are part of larger framework. This design was
dictated by ability to use hardware breakpoints too and ability to deploy
some debugging at kernel level on Win32 thanks to dedicated driver based on
WMD.
Just my 2 cents,
Alex Czarnowski 

> -----Original Message-----
> From: Marten Cassel [mailto:mcassel@kth.se] 
> Sent: Wednesday, April 26, 2006 3:52 PM
> To: Pedram Amini
> Cc: Dave Aitel; dailydave
> Subject: Re: [Dailydave] Request of the day
> I'm writing a debugger plugin for IDA Pro that's supposed do 
> be a debugger for a proprietary bytecode interpreter / 
> virtual machine. What i'd like is a abstraction layer in som 
> form so i can easily port my debugger to use either Ida Pro 
> or OllyDbg and use the debugger services.
>  Do you have any clues of what kind of software design would 
> be the best way to accomplish this?
> 
> - Marten
> 

[prev in list] [next in list] [prev in thread] [next in thread]