OD Tips

Commonly used OllyDbg hotkeys
Compiled by "Hear the wind, listen to the rain"
===============================================================
Open a new executable (F3)

Restart the program currently being debugged (Ctrl + F2)

Close the program currently being debugged (Alt + F2)

Run the program being debugged (F9)

Pause execution of the program being debugged (F12)

Step into a Call in the program being debugged (F7)

Step over a Call in the program being debugged (F8)

Trace into Calls in the program being debugged (Ctrl + F11)

Trace over Calls in the program being debugged (Ctrl + F12)

Execute until return (Ctrl + F9)

Show the Log window (Alt + L)

Show the Modules window (Alt + E)

Show the Memory window (Alt + M)

Show the CPU window (Alt + C)

Show the Patches window (Ctrl + P)

Show the Call Stack (Alt + K)

Show the Breakpoints window (Alt + B)

Open the debugging options window (Alt + O)

The following commands apply to the OllyDbg shortcut command bar (shown in the status bar at the top of the program)
Compiled by "Hear the wind, listen to the rain" (Clone)
20030210
===============================================================
CALC
Calculate expression

WATCH
Add watch expression

AT / FOLLOW
Disassemble at address

ORIG
Disassemble at EIP

DUMP
Dump at address

DA
Dump as disassembly

DB
Dump in hex byte format

DC
Dump in ASCII format

DD
Dump in stack format

DU
Dump in UNICODE format

DW
Dump in hex word format

STK
Go to address in stack

AS + address + string
Assemble at address

L + address + string
Label at address

C + address + string
Comment at address

BP
Break with condition

BPX
Break on all calls

BPD
Delete break on all calls

BC
Delete breakpoint

MR
Memory breakpoint on access

MW
Memory breakpoint on write

MD
Remove memory breakpoint

HR
HW break on access

HW
HW break on write

HE
HW break on execution

HD
Remove HW breakpoint

STOP
Pause execution

PAUSE
Pause execution

RUN
Run program
Run till address

GE
Run and pass exception

SI
Step into

SO
Step over

TI
Trace in till address

TO
Trace over till address

TC
Trace in till condition

TOC
Trace over till condition

TR
Till return

TU
Till user code

LOG
View Log window

MOD
View Modules window

MEM
View Memory window

CPU
View CPU window

CS
View Call Stack

BRK
View Breakpoints window

OPT
Open Options

EXIT / QUIT
Quit OllyDbg

OPEN
Open executable file

CLOSE
Close executable

RST
Restart current program

HELP
Help on API function

ASM
Assemble (if the command needs its own address, use "ASM COMMAND; ADDRESS")

DASM
Disassemble immediate opcode

FR
Find reference to selected command / address

AC
Analyze code

SN
Search for name (label) in current module

SOB
Scan object files

The following commands apply to the OllyDbg command-line plugin Cmdline.dll (shown in the program's plugin menu)
Compiled by "Hear the wind, listen to the rain"
===============================================================
Commands supported by the command-line plugin

CALC
Calculate expression

WATCH
Add watch expression

AT
Disassemble at the specified address

FOLLOW
Follow command

ORIG
Disassemble at EIP

DUMP
Dump at the specified address

DA
Dump as disassembly

DB
Dump in hexadecimal byte format

DC
Dump in ASCII format

DD
Dump in stack format

DU
Dump in UNICODE format

DW
Dump in hexadecimal word format

STK
Go to the address on the stack

AS
(AS + address + string)
Assemble at the specified address

BP
Conditional break (conditional breakpoint)

BPX
Break on all calls (Call)

BPD
Clear all breakpoints on calls

BC
Clear breakpoint

MR
Memory breakpoint on access

MW
Memory breakpoint on write

MD
Clear memory breakpoint

HR
Hardware break on access

HW
Hardware break on write

HE
Hardware break on execution

HD
Clear hardware breakpoints

STOP
Stop running the program being debugged

PAUSE
Pause execution of the program being debugged

RUN
Run the program being debugged

GE
Run and pass exception

SI
Step into Call

SO
Step over Call

TI
Trace in until address

TO
Trace over until address

TC
Trace in until condition

TOC
Trace over until condition

TR
Run until return

TU
Run until user code

LOG
View Log window

MOD
View Modules window

MEM
View Memory window

CPU
View CPU window

CS
View Call Stack

BRK
View Breakpoints window

OPT
Open the Options window

EXIT
Exit OllyDbg

QUIT
Exit OllyDbg

OPEN
Open an executable file

CLOSE
Close executable file

RST
Re-run the current program

HELP
View help for API functions

Reproduced at: https://my.oschina.net/iwuyang/blog/198613


Origin blog.csdn.net/weixin_34235105/article/details/91897320