OllyDbg.exe + StrongOD deletes OllyDbg.exe

Ideas for enhancements to the software
Post Reply
g00fy
Posts: 4
Joined: Fri Apr 05, 2013 3:53 am

OllyDbg.exe + StrongOD deletes OllyDbg.exe

Post by g00fy » Thu Dec 31, 2015 5:42 am

1/ What I did:

Code: Select all

- Extract OllyDbg (http://www.ollydbg.de/odbg110.zip)
- put StrongOD plugin in the ollydbg directory (https://tuts4you.com/download.php?view.2028)

- run OllyDbg (normal/admin, makes no difference) under Sandboxie

- "Click OK to Patch ClassName" > OK
- OllyDbg gets deleted.
2/ Next what I tried was moving this directory OUTSIDE sandboxie (to C:\tmp). (and re-adding the exe into it). Than I ran it again.
Weirdly, Sandboxie was STILL used to start it up!?

3/ So I restarted my computer, and tried re-run OllyDbg (now under C:\tmp). Sandboxie did not capture it anymore (as it is supposed to do).
And it did run normally, no deleting of OllyDbg.


==> I think it is because of this:
Inside StrongOD.dll there is this call:
call ds:GetCurrentProcess

I think it does not get the right process name (maybe Sandboxie one?), but definitely not OllyDbg.exe.
Top
Craig@Invincea
Sandboxie Support
Sandboxie Support
Posts: 3523
Joined: Thu Jun 18, 2015 3:00 pm
Location: DC Metro Area
Contact:
Contact Craig@Invincea

Re: OllyDbg.exe + StrongOD deletes OllyDbg.exe

Post by Craig@Invincea » Thu Dec 31, 2015 8:38 am

What are your trying to achieve? And items will remain in the sandbox until you delete them.
Top
Post Reply

Return to “Feature Requests”

Who is online

Users browsing this forum: No registered users and 1 guest