@trietptm
Created September 17, 2020 04:12
[Settings]
Check DLL versions=0
Topmost window=0
Show main menu items that don't apply=0
Show popup items that don't apply=0
Show toolbar=1
Use system colours in toolbar=0
Status in toolbar=0
Flash duration=1
Autoupdate interval=4
Mode of main window=0
Restore windows=1161
Bring OllyDbg to top on pause=1
Restore window positions=1
Restore width of columns=0
Restore sorting criterium=1
Highlight sorted column=1
Right click selects=1
Index of default font=1
Index of default UNICODE font=3
Index of default colours=0
Code highlighting=0
Horizontal scroll=0
Snow-free drawing=1
Append arguments=1
Allow diacritical symbols=0
Decode pascal strings=1
Use IsTextUnicode=0
String decoding=0
File graph mode=1
Put ASCII text to clipboard=0
Dialog font mode=0
Font in dialogs=0
Align dialogs=1
Global search=1
Aligned search=0
Ignore case=0
Search direction=1
Floating search with margin=0
Allow extra commands in sequence=1
Allow jumps into the sequence=0
Keep size of hex edit selection=0
List sorting mode=0
Modify FPU tag=0
MMX display mode=0
Show tooltips in dialog windows=1
X options coordinate=17
Y options coordinate=161
Last selected options pane=27
Last edited font in options=0
Last edited scheme in options=6
Last edited colour index in options=1
Last edited highlighting in options=6
Last edited highlighting index in options=0
Warnmode when not administrator=0
Warnmode for packed code in Analyzer=0
Warnmode when INT3 breakpoint is corrupt=0
Warnmode when breakpoint set on non-command=6
Warnmode when EIP set on non-command=0
Warnmode when clipboard size too large=0
Warnmode when all threads are suspended=0
Warnmode when thread is changed=0
Warnmode when process is still running=6
Warnmode when active when closing OllyDbg=6
Warnmode when unable to close process=0
Warnmode when executable differs from udd=0
Warnmode when INT3 in udd has different cmd=0
Warnmode when fixups are modified=0
Warnmode when copy of executable file changed=0
Warnmode when memory breakpoint on stack=0
Warnmode when modified debug registers=0
Warnmode when launching loaddll=0
Warnmode when EIP inside the patch=0
Only ASCII printable in dump=0
Code page for ASCII dumps=1252
Underline fixups=1
Show jump direction=1
Show jump path=1
Show grayed path if jump is not taken=1
Fill rest of command with NOPs=1
Action on letter key in Disassembler=1
Wide characters in UNICODE dumps=1
Automatically backup user code=0
Visible lines when scrolling disasm=1
IDEAL disassembling mode=0
Disassemble in lowercase=0
Separate arguments with TAB=0
Extra space between arguments=0
Show default segments=1
Always show memory size=1
NEAR jump modifiers=0
Use short form of string commands=0
Use RET instead of RETN=0
SSE size decoding mode=0
Jump hint decoding mode=0
Size sensitive mnemonics=1
Top of FPU stack=1
Show symbolic addresses=1
Show local module names=0
Demangle symbolic names=0
Use hardware breakpoints for stepping=0
First pause=3
Pause on attach=1
Pause on Loaddll=1
Assume flat selectors=0
Ignore access violations in KERNEL32=1
Ignore INT3=1
Ignore TRAP=1
Ignore access violations=1
Ignore division by 0=1
Ignore illegal instructions=1
Ignore all FPU exceptions=1
Ignore all service exceptions=1
Ignore custom exception ranges=1
Call UnhandledExceptionFilter=0
Report ignored exceptions to log=1
Autoreturn=0
Use DebugBreakProcess=0
Use ExitProcess=1
Warn when frequent breaks=1
Allow command emulation=1
Debug child processes=0
Animation delay index=0
Stop on new DLL=0
Stop on DLL unload=0
Stop only on selected modules=0
Stop on debug string=0
Stop on new thread=0
Stop on thread end=0
Enable use of debugging data=1
Use dbghelp to walk stack=0
Use Microsoft Symbol Server=0
Hide missing source files=1
Hide internal compiler names=1
Skip leading spaces from source=1
Hide Call DLL window on call=0
Pause after call to DLL is finished=1
Allow .NET debugging=0
Scan registry for GUIDs on starup=0
Run trace protocolling options=393216
Run trace buffer size index=2
Trace over system DLLs=1
Trace over string commands=1
Save traced commands=0
Save accessed memory to trace=0
Save FPU registers to trace=0
Synchronize CPU and Run trace=1
Set breakpoints on callbacks in hit trace=0
Hit trace mode for indirect jumps=0
Stop hit trace if not command=0
Hit trace outside the code section=2
Show symbolic names in protocol range list=0
Allow automatic SFX extraction=1
SFX extraction mode=0
Use real SFX entry from previous run=1
Ignore SFX exceptions=1
Use predictions in search=1
References include indirect jumps=1
Add origin to search results=0
Default resource language=9
Gray inactive windows=1
Gray register names=0
Center FOLLOWed command=1
Decode registers for any IP=0
Remove code hilite on register hilite=1
Automatically select register type=0
Enable SSE registers=1
Label display mode=0
Highlight symbolic labels=0
Log buffer size index=2
Tabulate columns in log file=0
Append data to existing log file=0
Auto analysis=1
No predicted registers in system DLLs=0
Fuzzy analysis=1
Report problems during analysis=0
Decode tricks=1
Mark tricks=0
Decode ifs as switches=0
Mark only important operands=0
Functions preserve registers=1
Ignore braces in udd path=1
Guess number of arguments=1
Guess arguments from mangled names=0
Guess meaning of guessed arguments=1
Show uncertain arguments=1
Rename value dependent arguments=0
Show predicted values=1
Show ARG and LOCAL in disassembly=1
Use symbolic names for ARG and LOCAL=0
Show ARG and LOCAL in comments=1
Show loops=1
Accept far calls and returns=0
Accept direct segment modifications=0
Accept privileged commands=0
Accept I/O commands=0
Accept NOPs=1
Accept shifts out of range=0
Accept superfluous prefixes=0
Accept default prefixes=1
Accept valid LOCK prefixes=1
Accept unaligned stack operations=1
Accept suspicious ESP operations=0
Accept non-standard command forms=1
Accept access to nonexisting memory=0
Accept interrupt commands=0
Block external WM_CLOSE=1
Activate speech=0
Translate commands and registers=1
Skip leading zeros in hex numbers=1
GUI language=0
Monitor internal memory allocation=0
Search accuracy=0
Warnmode when IAT is copied back to exe=0
Warnmode when IAT is autocopied back to exe=0
Code page for multibyte dumps=65001
Disable GDI scripting support=0
Alternative forms of conditional commands=1
Show call arguments=0
Type of break command=0
Hide unimportant handles=1
Show original handle names=0
Permanent breakpoints on system code=0
Ignore INT3 in MSCORWKS=1
Keep hit trace between sessions=1
Hide current registers warning=0
Search for library functions=1
[History]
Executable[0]=F:\Hack\Debuggers\OllyDbg2\ollydbg.exe
Arguments[0]=
Current dir[0]=
Executable[1]=
Arguments[1]=
Current dir[1]=
Executable[2]=
Arguments[2]=
Current dir[2]=
Executable[3]=
Arguments[3]=
Current dir[3]=
Executable[4]=
Arguments[4]=
Current dir[4]=
Executable[5]=
Arguments[5]=
Current dir[5]=
Log file=log.txt
Trace save file=
Data directory=.
Plugin directory=.
API help file=
Last viewed file=
Last keyboard shortcuts file=shortcuts.ini
Previous JIT=
Debug data directory[0]=
Debug data directory[1]=
Debug data directory[2]=
Standard library directory=F:\Hack\Debuggers\OllyDbg2
Alternative initialization file=
Last object or library file=
Last image library file=
[OllyDbg]
Placement=640,32,640,480,1
[CPU]
Placement=0,0,392,326,3
Offset[0]=0
Offset[1]=0
Offset[2]=0
Offset[3]=0
[CPU Disasm]
Appearance=1,6,0,0,6
Columns=54,102,240,1536
[CPU Info]
Appearance=1,6,0,0,0
[CPU registers]
Appearance=1,6,1,0,0
Local=1,72708
[CPU Dump]
Appearance=1,6,1,0,6
Columns=54,288,102
Local=00011001
[CPU Stack]
Appearance=1,6,0,0,0
Columns=54,60,30,1536
Local=000A0104
[Run trace data]
Placement=25,25,1476,652,1
Appearance=1,0,1,0,0
Columns=54,48,54,54,240,144,1536
Sort=0
[Goto]
Appearance=1,0,0,0,0
[Dump]
Appearance=1,0,1,0,0
[Memory]
Placement=50,50,867,186,1
Appearance=1,0,1,0,0
Columns=54,54,96,60,144,30,48,48,1536
Sort=0
[Namelist]
Appearance=1,0,1,0,0
Sort=2
Placement=75,75,947,834,1
Columns=54,54,66,48,240,1536
[Dialog placement]
Enter string=20,186
Enter new command line arguments=0,42
Assemble=235,107
[Search tab]
Appearance[1]=1,0,1,0,0
Columns[1]=54,240,1536
Sort[1]=0
[Search]
Placement=100,100,400,254,1
[Hardware breakpoints]
Placement=75,75,837,186,1
Appearance=1,0,1,0,0
Columns=30,54,54,54,72,240,1536
Sort=0
[Ignored exceptions]
Range[0]=c0000008 c0000008
[Colour schemes]
Scheme name[0]=Black on white
Foreground_1[0]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[0]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[0]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[0]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[0]=0
Modified commands[0]=0
Scheme name[1]=Yellow on blue
Foreground_1[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[1]=0
Modified commands[1]=0
Scheme name[2]=Marine
Foreground_1[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[2]=0
Modified commands[2]=0
Scheme name[3]=Mostly black
Foreground_1[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[3]=0
Modified commands[3]=0
Scheme name[4]=Scheme 4
Foreground_1[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[4]=0
Modified commands[4]=0
Scheme name[5]=Scheme 5
Foreground_1[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[5]=0
Modified commands[5]=0
Scheme name[6]=Blackboard
Foreground_1[6]=F0F0F0,F0FBFF,AFAFAF,404FF,F0FBFF,F0FBFF,F0FBFF,F0FBFF,FFFFFF,F0FBFF,*,*,*,*,*,*
Foreground_2[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[6]=21100C,21100C,21100C,21100C,3939FF,C57941,EB9CAE,C57941,21100C,43322D,*,*,*,*,*,*
Background_2[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[6]=0
Modified commands[6]=0
Scheme name[7]=Scheme 7
Foreground_1[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[7]=0
Modified commands[7]=0
[Highlighting schemes]
Scheme name[1]=Christmas tree
Foreground_1[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[1]=1
Modified commands[1]=1
Scheme name[2]=Jumps and calls
Foreground_1[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[2]=0
Modified commands[2]=0
Scheme name[3]=Memory access
Foreground_1[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[3]=1
Modified commands[3]=1
Scheme name[4]=Hilite 4
Foreground_1[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[4]=0
Modified commands[4]=0
Scheme name[5]=Hilite 5
Foreground_1[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[5]=0
Modified commands[5]=0
Scheme name[6]=Blackboard
Foreground_1[6]=*,*,*,*,*,*,*,*,*,*,*,*,FFF,3939FF,3939FF,FFFF
Foreground_2[6]=3939FF,3939FF,*,*,*,*,*,*,C57941,C57941,*,8BE0AB,30B261,8BE0AB,30B261,*
Background_1[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[6]=*,*,*,3939FF,*,*,*,*,*,*,*,*,*,*,*,*
Operands[6]=1
Modified commands[6]=1
Scheme name[7]=Hilite 7
Foreground_1[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[7]=0
Modified commands[7]=0
[Fonts]
Font name[0]=OEM fixed font
Font data[0]=0,0,0,0,0,0,0,0,0,0,0,10
Face name[0]=
Font name[1]=Terminal 6
Font data[1]=9,6,700,0,0,0,255,0,1,1,0,0
Face name[1]=Terminal
Font name[2]=System fixed font
Font data[2]=0,0,0,0,0,0,0,0,0,0,0,16
Face name[2]=
Font name[3]=Courier (UNICODE)
Font data[3]=14,0,400,0,0,0,1,2,5,-2,0,0
Face name[3]=Courier New
Font name[4]=Lucida (UNICODE)
Font data[4]=10,6,400,0,0,0,1,2,5,0,0,0
Face name[4]=Lucida Console
Font name[5]=Font 5
Font data[5]=9,6,700,0,0,0,255,0,1,1,0,0
Face name[5]=Terminal
Font name[6]=Font 6
Font data[6]=0,0,0,0,0,0,0,0,0,0,0,16
Face name[6]=
Font name[7]=Font 7
Font data[7]=14,0,400,0,0,0,1,2,5,-2,0,0
Face name[7]=Courier New