x64dbg
An open-source x64/x32 debugger for windows...
171 topics in this forum
-
Hi everyone, Maybe some of you heard it already, but Sigma and I are working on an x32/x64 debugger for Windows for a few months now... The debugger currently has the following features: variables, currently command-based only basic calculations, can be used in the goto window and in the register edit window. Example: var*@401000+(.45^4A) software breakpoints (INT3, LONG INT3, UD2), currently command-only (just type 'bp addr') hardware breakpoints (access, write, execute), also command-only stepping (over, into, out, n instructions), can be done with buttons/shortcuts memory allocation/deallocation inside the debuggee quick…
-
Weekly Digest
by mrexodia- 18 replies
- 18.7k views
The second weekly digest is up, check it out if you are interested in x64dbg development! http://x64dbg.com/blog/2016/09/04/weekly-digest-2.html
-
Hello everyone, As Artic suggested, this topic is for feature suggestions. Post anything you wanna see in the next release here. Make sure to also post it over at https://bitbucket.org/mrexodia/x64_dbg/issues/new Greetings, Mr. eXoDia
-
Could someone provide me a step by step on how to trace? Can you log the output to a file like OllyDbg does ? thanks
-
AdvancedScript x64dbg Plugin
by ahmadmansoor- 3 followers
- 18 replies
- 21.3k views
just a try to add more feature's to x64dbg script system History Section: - version 2.0: 1-all numbers are hex numbers. 2-more nested in arguments. 3-Build bridge to make plugin system Compatible with x64dbg script system. 4-create parallel Functions to x64dbg Functions, like ( cmp >> cmpx ). 5-rename new name (Varx Getx Setx) and fix array index entry. 6-add VarxClear ( clear all variable to help user in test's ) , memdump with print style. - version 1.6: 1- add Parser system to recognize arguments. 2- begin build Script system. 3- add more Helper Functions. - version 1.4: 1- make StrCompx in separate Thread and add Sleep time to wait x6…
-
x64dbg conditional branches logger [Plugin] 1 2
by Kurapica- 28 replies
- 19.9k views
Hi This is just a work in progress so don't expect too much. Please test it and report if you find bugs. I use it like this : First you need 2 break points to trace between, Start and End. 1 - Throw your target in the debugger. 2 - The Start point should break. 3 - Start the plugin. 4 - Enter the name of the module you are interested in, the plugin will try to detect the name where RIP is now. 5 - Enter the target VA, i.e the point where logging should stop, It's your End point from above. There will be single stepping into this module but if RIP goes out of this module then there will be stepping over…
-
Scripts in x64dbg
by newhak- 13 replies
- 18.7k views
Hi, Can you please tell me if there is any way to run the olleydbg scripts using x64dbg, namely how to run the assembly scripts on x64dbg as it dose not accept that.
-
Unable to Ignore All Exceptions
by GNIREENIGNE- 8 replies
- 17.5k views
Version: x64dbg, compiled on May 26 2016, 01:07:33 | Windows 7 Home Premium 64-bit SP1 Is there a way to increase the exceptions range for 64-bit targets? I am unable to ignore all exceptions. Whether I manually add them all via 'add last' or set my exceptions range from 00000000-ffffffff, nothing seems to work. I've also tried running the target while skipping exceptions (shift+F9) to no avail. The target process never crashed and was able to run without any issues while the debugger was attached. Are there any workarounds for this? Am I doing something wrong? Thanks.
-
Is it a bug ?
by opc0d3- 10 replies
- 17.3k views
Alter to graph. Same line different jumps. Should I open an issue ? Regards.
-
Debugger Detected
by Beast_Hunter- 19 replies
- 17k views
How To Fix Debugger Detected In x64dbg Picture ProtectionID Scan Spoiler -=[ ProtectionID v0.6.7.0 OCTOBER]=- (c) 2003-2015 CDKiLLER & TippeX Build 31/10/15-14:35:10 Ready... Scanning -> C:\Users\Dell\Desktop\VNHAX_PUBGM.exe File Type : 32-Bit Exe (Subsystem : Win CUI / 3), Size : 531968 (081E00h) Byte(s) | Machine: 0x14C (I386) Compilation TimeStamp : 0x5C42DE39 -> Sat 19th Jan 2019 08:22:17 (GMT) [TimeStamp] 0x5C42DE39 -> Sat 19th Jan 2019 08:22:17 (GMT) | PE Header | - | Offset: 0x00000118 | VA: 0x00400118 | - [TimeStamp] 0x5C42DE39 -> Sat 19th Jan 2019 08:22:17 (GMT) | DebugDirectory | - | Offset…
-
Some little fix
by Hellsp@wn- 15 replies
- 16.9k views
1. if I click cancel in patches windows then see error "failed to save ..." 2. if I want select lines in stack windows it possible only in the second column 3. u can add option to disable register comment anywere? like olldbg - only current EIP 4. can add option to save colums size on main window?
-
.thumb.jpeg.2543d876893bc4a3f440e4ab77c7e3f0.jpeg)
SharpOd plugins
by Oliver- 1 follower
- 1 reply
- 16.5k views
Hi all, I installed 32bit windows but now sharpod plugin not showing in xdbg any solution for that? Thanks in advance.
-
Plugin APIs
by fred26- 2 replies
- 15.7k views
I have been reading the documentation to implement some Debug API functions in a plugin. http://x64dbg.readthedocs.io/en/latest/developers/functions/debug/DbgDisasmAt.html I see a lot of functions, but where can I see the C/C++ prototypes or signature of each one ? Is this link still a working progress doc ? If so, that's fine but would like if someone can point some samples maybe where I can see the functions working. Thanks!
-
Themes for x64_dbg
by cypher- 4 replies
- 15.4k views
So now that coloring is supported I made x64dbg look like my olly so I finally feel "at home". (Also because all other features I missed are now mostly supported) Theme is derived from the original Olly scheme by "Patrick from France", his original quote about it you can add it by replacing the [Colors] section in the .ini with the following [Colors] AbstractTableViewBackgroundColor=#000000 AbstractTableViewHeaderTextColor=#000000 AbstractTableViewSelectionColor=#000080 AbstractTableViewSeparatorColor=#0000FF AbstractTableViewTextColor=#FFFBF0 DisassemblyAddressBackgroundColor=#XXXXXX DisassemblyAddressColor=#808080 DisassemblyBackgro…
-
Unpack UPX Using x64dbg
by CrackDJ- 7 replies
- 14.9k views
Hi guys, script for unpack upx modified is available in somewhere?
-
An Introduction to x64_dbg
by chessgod101- 21 replies
- 14.5k views
I just published a definitive tutorial for x64_dbg. It documents its settings and features and shows you how to use the tool to effectively debug a 64-bit application. This tutorial is aimed at beginners, but has some information that may be useful to more advanced reverse engineers. I hope you enjoy and feel free to ask any questions you may have. http://reverseengineeringtips.blogspot.com/2015/01/an-introduction-to-x64dbg.html
-
Winlicense-Themida Unpacking X64 using x64dbg
by Chicks Roy- 0 replies
- 13.7k views
Please friends, post your knowledge regarding themida x64 unpacking for x64dbg. please post your scripts also.
-
x64dbg Menu
by Bl@ck Virus- 3 replies
- 13.6k views
Hello is there any way that I can add more menu to x64dbg ? Like old debugger ( Ollydbg ) tnx
-
Process terminates on attach
by Schnappi- 8 replies
- 13.4k views
Hello,I have stumbled on application I would like to debug. Since it's 64-bit app the OllyDbg is already out of the picture, so I thought I could use x64_dbg. When I try to attach to that process it starts loading all modules and then I get "Terminated: debugging stopped". I tried to play around with ScyllaHide to the point I enabled all options -> didn't help at all. Tried TitanHide -> nope. I also tried to suspend the process first, but it still terminates on attach.It also shows weird behavior when using Cheat Engine's debugger -> when I set breakpoint the application crashes with single-step or maybe breakpoint exception ( don't remember, but I can eventually…
-
Set a breakpoint for a visual element in x64dbg
by Aldhard Oswine- 2 followers
- 7 replies
- 13.1k views
How can I set a breakpoint for a button click or input field in x64dbg?
-
Problems logging all jumps/calls
by chickenmc- 9 replies
- 12.7k views
Hello all, I am new to x64dbg and I am trying to log all jumps and calls of my main prog1.exe. I am doing so using this command: TraceSetLog "{p:cip}", "dis.isbranch(cip) && prog1.EntryPoint == mod.entry(dis.branchdest(cip))" dis.isbranch(cip) will be true if there is a call or jump and the right part will check if I am in my main prog1.exe (because I don't want to log any jumps/calls from dll's that are loaded - I am only interested in prog1.exe) After that command I type in: StartRunTrace C:\Users\x64user\Desktop\log.txt and then start the Run Trace (one million hits will be logged): TraceOverConditional 0, 1000000 My prob…
-
Invalid-PE Error
by pyutic- 4 replies
- 12.2k views
Hello guys, I found a bug of x32_dbg. though it is valid-pe file and can be executed on the 32-bit system, x32_dbg cannot open a file with error, INVALID_PE FILE. Attachment file is binary, mentioned above. It is a crackme of CODEGATE PRE-QUAL 2011. codegate2011_b500.zip
-
x64dbg patching 0/x
by Shefo- 7 replies
- 11.9k views
Hi there, In x32dbg when i try to patch file it shows me 0/x patch(es) applied knowing that i try to change Jne to Jmp or adding mov al,1 to an empty byte as in these images
-
x64dbg Plugin Manager
by hors- 1 follower
- 7 replies
- 11.5k views
Console example x64plgmnrc.exe -G "C:\x64dbg_root" // Set root path for x64dbg x64plgmnrc.exe -U // Update list from server x64plgmnrc.exe -S // Show list of plugins x64plgmnrc.exe -i x64core // Install last version of x64dbg x64plgmnrc.exe -i AdvancedScript // install AdvancedScript https://github.com/horsicq/x64dbg-Plugin-Manager
-
Strings x64dbg plugin
by hors- 9 replies
- 11.3k views
Strings plugin for x64dbg. Download: https://github.com/horsicq/stringsx64dbg/releases Sources: https://github.com/horsicq/stringsx64dbg/ More Info: http://n10info.blogspot.com/2019/03/strings-plugin-for-x64dbg.html
