StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
primarykey
Id
1563008
data
AcceptedAnswerId
0
AnswerCount
0
ClosedDate
CommentCount
0
CommunityOwnedDate
CreationDate
2009-10-13T21:28:34.593
FavoriteCount
0
LastActivityDate
2009-10-13T22:08:16.120
LastEditDate
2009-10-13T22:08:16.120
LastEditorUserId
188704
OwnerUserId
188704
ParentId
1562918
PostTypeId
2
Score
4
ViewCount
0
LastEditorDisplayName
text
Body
You have a lot of questions rolled into one. I'll try to answer some. OllyDBG is a fine free disassembler. Professionals may pay for IDA-Pro, but that's an expensive product. Regarding searching memory, OllyDBG does provide that feature. In any memory dump window (for example, the memory dump pane of the CPU window), you can: right-click, select "Search for" from the context menu, and then choose either Integer or Binary String. Unlike Cheat Engine, you cannot search for an approximate value with OllyDBG. You might seek a plug-in which does this, not that I am aware of one. By "WINAPI" I think you might mean the Win32 API. There is probably a component in the game you are looking into named WINAPI. In order to set breakpoints on various Windows APIs, which is what game-client-extenders like to do, you will want to know where the actual Windows API is, so to speak. The functions are not all in one "place." There are various DLL modules which "export" the functions that comprise the Win32 API. For example, <code>MessageBox()</code> is exported from <code>USER32.DLL</code> but <code>ExitProcess()</code> is exported from <code>KERNEL32.DLL</code>. To set breakpoints on Windows API calls in OllyDBG, you can: View menu, Executable Modules to see all the modules in memory. Right click the USER32.DLL module and select "View Names" from the context menu. There you will see all of the functions exported from USER32. If the game client were written in C, there would be a list of API functions used in what is called the "import table." This would be found in the .EXE module loaded in memory, or also viewable in the on-disk EXE file using <code>link /dump /imports</code>. In the case of a scripting language, there is usually not an import table, or if there is an import table, it imports a vast range of functionality that is accessible via the script engine. I do not think OllyDBG supports conditional breakpoints, unfortunately. Regarding where to begin learning disassembly, surely the best instruction is to utilize quite a bit of assembly on your own code. Even writing a Windows application which displays only a Message Box bearing "Hello World" will require you to learn about import tables in order to access the MessageBox() API. In fact, writing such an application in C could also be informative to you. However, I recommend you compile the code using only the command-line tools and not the GUI environment. The GUI will hide too much information from you and interfere with the learning. In order to access the USER32.DLL API, you will need to inform the linker that you wish to use the USER32.LIB 'import library' so your C code can transparently call <code>MessageBox()</code>.
Tags
Title
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. POWherein newbie disassembly queries are made
 singulars
 PostTypePostTypeId
 PTQuestion
PostTypePostTypeId
1. PTAnswer
UserLastEditorUserId
1. USHeath Hunnicutt
UserOwnerUserId
1. USHeath Hunnicutt
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. POWherein newbie disassembly queries are made
 singulars
 PostTypePostTypeId
 PTQuestion
PostsParentIdCreationDate
1. This table or related slice is empty.
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
2. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTAcceptedByOriginator
3. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId
1. This table or related slice is empty.

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.