x64dbg
An open-source x64/x32 debugger for windows...
171 topics in this forum
-
Hi everyone, Maybe some of you heard it already, but Sigma and I are working on an x32/x64 debugger for Windows for a few months now... The debugger currently has the following features: variables, currently command-based only basic calculations, can be used in the goto window and in the register edit window. Example: var*@401000+(.45^4A) software breakpoints (INT3, LONG INT3, UD2), currently command-only (just type 'bp addr') hardware breakpoints (access, write, execute), also command-only stepping (over, into, out, n instructions), can be done with buttons/shortcuts memory allocation/deallocation inside the debuggee quick…
-
Weekly Digest
by mrexodia- 18 replies
- 18.7k views
The second weekly digest is up, check it out if you are interested in x64dbg development! http://x64dbg.com/blog/2016/09/04/weekly-digest-2.html
-
Hello everyone, As Artic suggested, this topic is for feature suggestions. Post anything you wanna see in the next release here. Make sure to also post it over at https://bitbucket.org/mrexodia/x64_dbg/issues/new Greetings, Mr. eXoDia
-
Could someone provide me a step by step on how to trace? Can you log the output to a file like OllyDbg does ? thanks
-
x64dbg conditional branches logger [Plugin] 1 2
by Kurapica- 28 replies
- 19.9k views
Hi This is just a work in progress so don't expect too much. Please test it and report if you find bugs. I use it like this : First you need 2 break points to trace between, Start and End. 1 - Throw your target in the debugger. 2 - The Start point should break. 3 - Start the plugin. 4 - Enter the name of the module you are interested in, the plugin will try to detect the name where RIP is now. 5 - Enter the target VA, i.e the point where logging should stop, It's your End point from above. There will be single stepping into this module but if RIP goes out of this module then there will be stepping over…
-
An Introduction to x64_dbg
by chessgod101- 21 replies
- 14.5k views
I just published a definitive tutorial for x64_dbg. It documents its settings and features and shows you how to use the tool to effectively debug a 64-bit application. This tutorial is aimed at beginners, but has some information that may be useful to more advanced reverse engineers. I hope you enjoy and feel free to ask any questions you may have. http://reverseengineeringtips.blogspot.com/2015/01/an-introduction-to-x64dbg.html
-
Debugger Detected
by Beast_Hunter- 19 replies
- 17k views
How To Fix Debugger Detected In x64dbg Picture ProtectionID Scan Spoiler -=[ ProtectionID v0.6.7.0 OCTOBER]=- (c) 2003-2015 CDKiLLER & TippeX Build 31/10/15-14:35:10 Ready... Scanning -> C:\Users\Dell\Desktop\VNHAX_PUBGM.exe File Type : 32-Bit Exe (Subsystem : Win CUI / 3), Size : 531968 (081E00h) Byte(s) | Machine: 0x14C (I386) Compilation TimeStamp : 0x5C42DE39 -> Sat 19th Jan 2019 08:22:17 (GMT) [TimeStamp] 0x5C42DE39 -> Sat 19th Jan 2019 08:22:17 (GMT) | PE Header | - | Offset: 0x00000118 | VA: 0x00400118 | - [TimeStamp] 0x5C42DE39 -> Sat 19th Jan 2019 08:22:17 (GMT) | DebugDirectory | - | Offset…
-
- 1 follower
- 18 replies
- 4.6k views
How to clear previous brakpoints? Clear DB not doing job!!! Even i clear DB when i reload the EXE breakpoints remains - Hot to reload exe WO any modification ? Thansk Any idea
-
AdvancedScript x64dbg Plugin
by ahmadmansoor- 3 followers
- 18 replies
- 21.3k views
just a try to add more feature's to x64dbg script system History Section: - version 2.0: 1-all numbers are hex numbers. 2-more nested in arguments. 3-Build bridge to make plugin system Compatible with x64dbg script system. 4-create parallel Functions to x64dbg Functions, like ( cmp >> cmpx ). 5-rename new name (Varx Getx Setx) and fix array index entry. 6-add VarxClear ( clear all variable to help user in test's ) , memdump with print style. - version 1.6: 1- add Parser system to recognize arguments. 2- begin build Script system. 3- add more Helper Functions. - version 1.4: 1- make StrCompx in separate Thread and add Sleep time to wait x6…
-
When closing X - DBG with the window dump
by sstrato- 18 replies
- 7.8k views
When closing X - DBG with the window dump for example in text mode., the rerun and select Hex dump window is not displayed correctly.
-
Some little fix
by Hellsp@wn- 15 replies
- 16.9k views
1. if I click cancel in patches windows then see error "failed to save ..." 2. if I want select lines in stack windows it possible only in the second column 3. u can add option to disable register comment anywere? like olldbg - only current EIP 4. can add option to save colums size on main window?
-
x64_dbg Snapshots
by mrexodia- 13 replies
- 9.2k views
Hey everyone, Because I personally don't have so much time as before I set up a service that automatically builds snapshots from the x64_dbg master branch. If you find a bug, please also verify that it's still in the snapshot. The snapshots are generally considered stable, but you should not them for plugin development. Download Snapshots: https://sourceforge.net/projects/x64dbg/files/snapshots/ Greetings, Mr. eXoDia
-
Additions in CPU tab?
by Siarogak- 13 replies
- 7.5k views
Mr. eXoDia is it possible to make some additions in CPU tab? I think It will be very usefull to add option to make view like this
-
Scripts in x64dbg
by newhak- 13 replies
- 18.7k views
Hi, Can you please tell me if there is any way to run the olleydbg scripts using x64dbg, namely how to run the assembly scripts on x64dbg as it dose not accept that.
-
- 3 followers
- 12 replies
- 4.6k views
Hello, has something changed during past 4 years? In Olly a was using this feature often and now I am looking something similar in x64/x32dbg
-
what are those that x64dbg equivalence to ollydbg command sequences search?
by Sean Park - Lovejoy- 2 followers
- 10 replies
- 2.4k views
mov r32,[r32] cmp [r32],r32 pushfd if i use ollydbg, i can use above syntax to find all matches. however, when using x64dbg, what should i do to find all matches of command sequences? sean.
-
Is it a bug ?
by opc0d3- 10 replies
- 17.3k views
Alter to graph. Same line different jumps. Should I open an issue ? Regards.
-
Bookmark Plugin for x64dbg
by minh- 9 replies
- 2.1k views
-
Problems logging all jumps/calls
by chickenmc- 9 replies
- 12.7k views
Hello all, I am new to x64dbg and I am trying to log all jumps and calls of my main prog1.exe. I am doing so using this command: TraceSetLog "{p:cip}", "dis.isbranch(cip) && prog1.EntryPoint == mod.entry(dis.branchdest(cip))" dis.isbranch(cip) will be true if there is a call or jump and the right part will check if I am in my main prog1.exe (because I don't want to log any jumps/calls from dll's that are loaded - I am only interested in prog1.exe) After that command I type in: StartRunTrace C:\Users\x64user\Desktop\log.txt and then start the Run Trace (one million hits will be logged): TraceOverConditional 0, 1000000 My prob…
-
Tracing Differences x64dbg
by Leila.Morar48- 1 follower
- 9 replies
- 7.9k views
How to tracing like this video https://www.youtube.com/watch?v=DJP-dFRoA6Q in x64dg?
-
Strings x64dbg plugin
by hors- 9 replies
- 11.3k views
Strings plugin for x64dbg. Download: https://github.com/horsicq/stringsx64dbg/releases Sources: https://github.com/horsicq/stringsx64dbg/ More Info: http://n10info.blogspot.com/2019/03/strings-plugin-for-x64dbg.html
-
some improvement suggestion.
by Dragon Palace- 9 replies
- 7.5k views
1. how about add horzontal and vertical scroll bar in each windows, ie: assembler window, register window 2. how about add CTRL + F to find special string in searched list strings? 3. How about infobox? implement it yet? If I want to serial fishing when use it to show serial numbers when I infinity F7, F8,
-
Unable to Ignore All Exceptions
by GNIREENIGNE- 8 replies
- 17.5k views
Version: x64dbg, compiled on May 26 2016, 01:07:33 | Windows 7 Home Premium 64-bit SP1 Is there a way to increase the exceptions range for 64-bit targets? I am unable to ignore all exceptions. Whether I manually add them all via 'add last' or set my exceptions range from 00000000-ffffffff, nothing seems to work. I've also tried running the target while skipping exceptions (shift+F9) to no avail. The target process never crashed and was able to run without any issues while the debugger was attached. Are there any workarounds for this? Am I doing something wrong? Thanks.
-
x64dbg on crowdin - Can you help with translations?
by crystalboy- 8 replies
- 7.4k views
Hello guys, A couple of days ago @Mr. eXoDia published on crowdin x64dbg translation project. Basically who wants to help need to translate from English to his/her mother language. We are from all over the world here in tuts4you and i think that we must help to thank him creating x64dbg. You can find the project page here: https://crowdin.com/project/x64dbg crystalboy
-
module base
by PeterN- 1 follower
- 8 replies
- 4k views
According to the official documentation the following command should return Loaded module base. But in some cases/modules it does not work.
