CHAPTER 14. LOOPS
14.1.2 x86: OllyDbg
Let’s compile our example in MSVC 2010 with the /Ox and /Ob0 options and load it into OllyDbg.
It seems that OllyDbg is able to detect simple loops and show them in square brackets, for convenience:
Figure 14.1: OllyDbg: main() begin
By tracing (F8, step over) we see ESI incrementing. Here, for instance, ESI = i = 6:
Figure 14.2: OllyDbg: loop body just executed with i = 6
9 is the last loop value. That’s why JL is not triggering after the increment, and the function will finish:
Figure 14.3: OllyDbg: ESI = 10, loop end
14.1.3 x86: tracer
As we can see, it is not very convenient to trace manually in the debugger. That’s one reason we will try tracer.
We open the compiled example in IDA, find the address of the instruction PUSH ESI (passing the sole argument to f()), which is 0x401026 for this case, and we run the tracer:
tracer.exe -l:loops_2.exe bpx=loops_2.exe!0x00401026
BPX just sets a breakpoint at the address, and tracer will then print the state of the registers.
This is what we see in tracer.log: