x64dbg
An open-source x64/x32 debugger for windows...
171 topics in this forum
-
x64dbg plugin in delphi
by remek002- 4 replies
- 5.9k views
I recently started playing with the Delphi language and decided to create a little x64dbg plugin that will add a calculator and a notepad in x64dbg. Since @quygia128 made x64_dbg-PluginSDK and the CleanupEx plugin, I decided to go with x64_dbg-PluginSDK. Due to the fact that x64_dbg-PluginSDK lacks a few functions, because the last update was in 2014 and for this reason there were some functions missing in the code, e.g. you cannot add icons, menu in disassembly, HexDump etc... I tried to compile the plugin with DELPHI x96dbg Plugins SDK, but the plugin does not work, i.e. x64dbg crashed. Then I decided to update x64_dbg-PluginSDK and add the missing f…
-
Save Patch file problem in xdbg
by Louatamvik- 2 followers
- 4 replies
- 5.3k views
after edit target in xdbg64 and click to Patch ,when want to save patch ,not save patch. use latest version of xdbg but I don't know why have this problem!
-
Post Use Global Variable too Run Multipal Script
by ahmadmansoor- 0 replies
- 3.7k views
This will explain the way to run a main Script From GUI of x64dbgScript, and sub Script from BP dialog box command. you can find a sample at the main link of the x64dbgScript at GitHub https://github.com/Ahmadmansoor/x64d...ee/main/Sample tut
-
Post Export Functions Comments Labels from IDA inside x64dbg
by ahmadmansoor- 0 replies
- 2.8k views
Export Functions Comments Labels from IDA inside x64dbg using x64dbgScript plugins you can find codes at : https://github.com/Ahmadmansoor/x64dbgScript tut link: https://www.youtube.com/watch?v=TbbBPPh-vf4
-
patches are not applied :(
by yovimi- 1 follower
- 2 replies
- 3.7k views
Hi, I have a program that is packed with vmp , when I run it and try to make any patch, the x64dbg writes to me that 0/2 patches have been applied , I know that this may be due to the fact that the program is packed and when unpacking it unpacks the exe that was originally packed 🤒
-
- 1 follower
- 1 reply
- 3.6k views
Hi there ! I want to know how to find string references in x64dbg as Olly does : it finds every string references I need when I open Memory map window, then rightclick on "Search" and then I enter the word I wanna search. How to get the same result with x64dbg ? I'm sure it is possible but I don't know how to do it.
-
- 1 follower
- 18 replies
- 4.5k views
How to clear previous brakpoints? Clear DB not doing job!!! Even i clear DB when i reload the EXE breakpoints remains - Hot to reload exe WO any modification ? Thansk Any idea
-
x64dbg i cant debug because error thrid-party
by LinhVietNam- 1 follower
- 1 reply
- 5.6k views
i need help. i cant debug or run program because noti i use thrid-party
-
help for a newbie...
by marco007- 1 follower
- 0 replies
- 4.4k views
Hi to all, i'm new of reverse eng.... i start to reverse two or three small easy program to learn how to do it! load program in ollydbg, press F9 to go exactly in .exe module..., search of error string and put a BP on address run program that stop at BP... and then go backward to find a test... i change it , save and check.. wont work or fix pc... someone can explain me? thanx !😊 PS: now i have another prog that recognise ollydbg and wont start.....😡
-
- 1 follower
- 1 reply
- 4.1k views
Hello, I'm writing a code cave in the .text section I want to use a counter / variable and am using a location at the end of the .data section (which is writable) However when the code re-runs, while all the addresses in .text section are updating to take account of ASLR. The instruction that references the location in the .data section doesn't update the address location. Here is an example mov eax,dword ptr ds:[1E7EFF0] While the underlying relative address is unchanged, I need the absolute address to update each time the program is loaded. Is there a way that I can do this or do I need to use something like VirtualProtect and allocat…
-
.thumb.png.cfc7dc425268a21515a347365339e83e.png)
Renaming variables in x64dbg
by amateur- 2 followers
- 0 replies
- 4.9k views
Hi. I don't know if is the right section for this. My -quick- question is, if there is a plugin or script, that i'm missing, which allows to rename variables in x64dbg. -Thanks!
-
- 1 follower
- 1 reply
- 5.2k views
Hello, I'm trying to follow Challenge Lab09-01.exe from Practical Malware Analysis book challenges and can't find how I can pass command line argument to program with x32dbg, similarly on how this is written for Olly. Can you please help? This is how this is recommended to do in Olly:
-
AdvancedScript x64dbg Plugin
by ahmadmansoor- 3 followers
- 18 replies
- 21.2k views
just a try to add more feature's to x64dbg script system History Section: - version 2.0: 1-all numbers are hex numbers. 2-more nested in arguments. 3-Build bridge to make plugin system Compatible with x64dbg script system. 4-create parallel Functions to x64dbg Functions, like ( cmp >> cmpx ). 5-rename new name (Varx Getx Setx) and fix array index entry. 6-add VarxClear ( clear all variable to help user in test's ) , memdump with print style. - version 1.6: 1- add Parser system to recognize arguments. 2- begin build Script system. 3- add more Helper Functions. - version 1.4: 1- make StrCompx in separate Thread and add Sleep time to wait x6…
-
- 1 follower
- 0 replies
- 4.4k views
Hello Like the title says, is there an alternative "Analyze This" plugin for x64dbg ? Thanks
-
x64dbg character issues
by schoolboy- 1 reply
- 4.9k views
I did update to x64dbg then these characters seem to have a problem with all characters corrupt as seen in the picture but what? https://prnt.sc/118j59v I did an upload again here:https://sourceforge.net/projects/x64dbg/files/snapshots/ the problem continues.
-
Strings x64dbg plugin
by hors- 9 replies
- 11.3k views
Strings plugin for x64dbg. Download: https://github.com/horsicq/stringsx64dbg/releases Sources: https://github.com/horsicq/stringsx64dbg/ More Info: http://n10info.blogspot.com/2019/03/strings-plugin-for-x64dbg.html
-
help with x64dbg script
by abbas- 2 followers
- 2 replies
- 5.7k views
hi all i googled but i couldn't find appropriate commands. here is what i want to do: find all intermodular calls. put bp on all. run the script which itself resumes the process and removes any bp that is hit. then i stop the script when all unwanted BPs are removed.
-
- 1 reply
- 7k views
Hi, How to set condition expression to pause when special cmd meets? Ollydbg has a feature, which called "Command is one of" condition expression in "Condition to pause run trace" panel. Have searched expressions at x64_dbg introduction paper, but not found a proper solution. So I am wandering if there is any expression in x64_dbg which I do'n't know. Hoping someone could provide any idea about this problem.
-
x64dbg Stylesheets
by H1TC43R- 0 replies
- 5.4k views
Came across these Stylesheets and thought i would share, these are not created by me but look better than the cream, there are 10 different versions for most taste's, here's a sample of them h"""s://github.com/x64dbg/x64dbg/wiki/Stylesheets
-
- 2 followers
- 0 replies
- 7k views
Hello, I had Windows 7 x64 that worked well with SharpOD x64 and x32dbg, but now I have Windows 7 32-Bit. What is the equivalent of my previous configuration for a 32-bit Windows 7? TIA.
-
Set a breakpoint for a visual element in x64dbg
by Aldhard Oswine- 2 followers
- 7 replies
- 13.1k views
How can I set a breakpoint for a button click or input field in x64dbg?
-
x64dbg and UWP
by JustAGuy- 1 reply
- 10.5k views
is there a chance for x64dbg to support debugging of UWP applications? Only windbg seems to support these so far. 😞
-
How to switch between windows
by schoolboy- 3 replies
- 5.6k views
I couldn't find an argument to jump to the breakpoint window. https://help.x64dbg.com/en/latest/commands/script/index.html bpd bphd bpmd find cip, "00 00 00 00" cmp $result, 0 je error bp $result cmt $result,"OEP" //d //--> If I make "d" here, it goes to the Cpu window. Is there a parameter to jump to the breakpoint window like this? msg "Please switch to breakpoint window" ret error: msg "Pattern not found!" ret
-
Problem with mapping x32dbg
by Euclidyr- 2 replies
- 5.4k views
Hello guys, i am very new to this reverse engineering. I will try to explain my problem. After i tried unpacking a dll, i have a problem of mapping some relative addresses. My imagebase is 0x10000000. Everytime i loaded the dll into memory, the base address changes. As shown in the pictures below, the addresses behind CALL and JUMP instructions are changed accordingly. But the addresses after PUSH or after dword ptr data segment, seem to remain unchanged. My question is how can I fix this problem? and what do u refer this problem as? Im grateful for all of you who can enlighten me... thank you guys!
-
static binary analysis
by fletcher- 3 replies
- 7.8k views
how can i do it?(no debug, only static analysis)
