x64dbg
An open-source x64/x32 debugger for windows...
172 topics in this forum
-
Hello everyone, As Artic suggested, this topic is for feature suggestions. Post anything you wanna see in the next release here. Make sure to also post it over at https://bitbucket.org/mrexodia/x64_dbg/issues/new Greetings, Mr. eXoDia
-
x64dbg kernel mode
by Darkr- 3 replies
- 7.3k views
Hello, on windows xp, what is best solution to run x64dbg in kernel mode? thanks
-
X64dbg plugin: OWImports
by samoray- 3 replies
- 5.4k views
""Author: qwerty9384 "" Description: Many thanks to the Author OWImports_[unknowncheats.me]_.zip
-
x64dbg plugin 'AttachHelper '
by samoray- 0 replies
- 4.5k views
Author: qwerty9384 Thanks to the Author *** Sorry it's a double post, I havent seen that it was already posted, Please admin delete this thread*** x64dbg_AttachHelper.zip
-
AttachHelper plugin for x64dbg
by XeroNic (HS)- 4 replies
- 6.6k views
This plug-in automatically restores that "DbgBreakPoint", "DbgUiRemoteBreakin". x64dbg_AttachHelper.zip
-
"Check for Updates" problem
by alorent- 0 replies
- 6.1k views
Hi, I'm not sure if there is a problem or I have to set up a specific option in x64dbg to auto-update from the User Interface. When I click on the "Check for updates" button, I get the following error: --------------------------- Network Error! --------------------------- Error creating SSL context () --------------------------- OK --------------------------- I'm using snapshot "Nov 2 2016" but the same error appears with previous snapshots. Of course, I have checked that I have internet connection and no firewall is active. Any help is appreciated. Thanks!
-
- 1 follower
- 7 replies
- 8.1k views
Dear members, my question is about the use of X64dbg (32 or 64 bit any of them) 1- Can anyone, please help me understand the concept behind SEH (structured exception handler) and whether we can use it to reverse an application? 2- and how to use the "watch" feature in x32dbg, I tried it in many ways without prevail... A video tut would be very much appreciated.
-
- 7 replies
- 6.9k views
Hi, I have been ready lots of the documentation and feature request but I have not found it. Sorry if this feature is already available and I missed it. 1) Is there any command to display the content of a specific address? Something like "d eax", "d 0x401000", etc. 2) I can see that there is an option to bypass INT3 instructions. I place few of them in my source code to debug my code, but it's a bit painful that I have to "manually" trace/skip each INT3. Is there any way to make x64dbg to behave like OllyDbg or WinDbg? For example, I put four INT3 instructions, and I just want to press "GO" in each INT3 as I'm interested in stopping in the last INT3 of my s…
-
do you provide breakpoint backup?
by Dragon Palace- 4 replies
- 5.4k views
in breakpoint tab, add a menu, provide breakpoint import, backup, will it possible implement? also, if can compatible with ollydbg breakpoint import, will be more preferred. thanks.
-
asmjit encoding error: Invalid State
by nopunintendo- 1 reply
- 7.5k views
Hello, I'm very new to assembly/disassembly and x64dbg. I just picked it up because I need to patch an old version of Nvidia Screen Capture Service so that it doesn't automatically force-change my Twitch titles. Newer versions of this program do not do this, but the newer versions are also unusable for me. The old version works perfectly fine except for this oddity. So I've found the function call and the address I'd like to jump to, and while using XEDParse, I get this (seems good?): But while using asmjit I get this: My question is, what does "Invalid State" refer to? Is this a syntactical error on my part? Also, does it matter whic…
-
x64dbg conditional branches logger [Plugin] 1 2
by Kurapica- 28 replies
- 37.7k views
Hi This is just a work in progress so don't expect too much. Please test it and report if you find bugs. I use it like this : First you need 2 break points to trace between, Start and End. 1 - Throw your target in the debugger. 2 - The Start point should break. 3 - Start the plugin. 4 - Enter the name of the module you are interested in, the plugin will try to detect the name where RIP is now. 5 - Enter the target VA, i.e the point where logging should stop, It's your End point from above. There will be single stepping into this module but if RIP goes out of this module then there will be stepping over…
-
"Run to user code" not working?
by MarkJoy- 6 replies
- 7.4k views
Hello there, 1. Is it me or the "Run to user code" not working? It seems that I could not make x64dbg pause at user code. Is it a bug? 2. Could you comment out the "SetForegroundWindow" in cbStep()? I have a plugin which is a dialogbox that has 2 button "Run" and "Pause". When it is in running mode, it continuously calls "eSingleStep", SetForegroundWindow in cbStep() is called and makes the main window form active. Since then I could not press the "Pause" button on my dialogbox because the main window is always active and the dialogbox is always inactive. Thank you.
-
Using X64DbG with one crackme packed.
by SoftDatCLS- 2 replies
- 5.5k views
Saludos
-
x64dbg patching 0/x
by Shefo- 7 replies
- 12.5k views
Hi there, In x32dbg when i try to patch file it shows me 0/x patch(es) applied knowing that i try to change Jne to Jmp or adding mov al,1 to an empty byte as in these images
-
x64dbgpy
by mrexodia- 2 replies
- 8k views
Automating x64dbg using Python. https://github.com/x64dbg/x64dbgpy Has been out for quite some time, but I did some slight improvements so now it should be more friendly to use now. I also compiled PyQt5 specifically with x64dbgpy in mind.
-
waiting for since 3 years over.
by Dragon Palace- 1 reply
- 4.6k views
waiting for since 3 years over, when implement unicode string search?
-
Unpack UPX Using x64dbg
by CrackDJ- 7 replies
- 15.5k views
Hi guys, script for unpack upx modified is available in somewhere?
-
- 1 reply
- 6.4k views
Been running with this problem lately, don't know what seems to be causing it. And that's for every single x64. Q: Are you using the latest snapshot build? A: Yes
-
Looking for writers!
by mrexodia- 0 replies
- 4.7k views
Looking for writers! 09 Jul 2016, by mrexodia This will be the official blog for x64dbg. This blog is looking for writers! Send a pull request here to get your content related to x64dbg posted here. Topics Personal or corporate usage of x64dbg (Make sure to keep it legal). Development of x64dbg. Feature showcase (cool features you want to demonstrate). Plugin showcase. Script showcase. Anything else related to x64dbg… Thanks, Duncan
-
When closing X - DBG with the window dump
by sstrato- 18 replies
- 8.1k views
When closing X - DBG with the window dump for example in text mode., the rerun and select Hex dump window is not displayed correctly.
-
x64dbg on crowdin - Can you help with translations?
by crystalboy- 8 replies
- 7.7k views
Hello guys, A couple of days ago @Mr. eXoDia published on crowdin x64dbg translation project. Basically who wants to help need to translate from English to his/her mother language. We are from all over the world here in tuts4you and i think that we must help to thank him creating x64dbg. You can find the project page here: https://crowdin.com/project/x64dbg crystalboy
-
Unable to Ignore All Exceptions
by GNIREENIGNE- 8 replies
- 18.6k views
Version: x64dbg, compiled on May 26 2016, 01:07:33 | Windows 7 Home Premium 64-bit SP1 Is there a way to increase the exceptions range for 64-bit targets? I am unable to ignore all exceptions. Whether I manually add them all via 'add last' or set my exceptions range from 00000000-ffffffff, nothing seems to work. I've also tried running the target while skipping exceptions (shift+F9) to no avail. The target process never crashed and was able to run without any issues while the debugger was attached. Are there any workarounds for this? Am I doing something wrong? Thanks.
-
x64dbg script save log file question
by White- 3 replies
- 9.3k views
Hi, Currently, I am writing script with x64dbg feature. The question is how can I save the log info to a new file, as alike as "wrta" cmd in OllyDbg. mov vBp,0000000140238A8F bphws vBp,"x" LOOP: erun cmp cip,vBp jnz LOOP log "RVA: {d0} VA: {p1} Size: {d2}",rax, rcx, rdx jmp LOOP Here is what I got in x64dbg, every stop at vBp, there is a info "Hardware breakpoint (execute) at 0000000140238A8F !" . Can I remove it with changing settings/preferences ?
-
Invalid parameter passed to CRT function
by Kurapica- 8 replies
- 9.3k views
This error pops up when I click some DLL in the symbols window or when using the "Search for inter-modular calls" for the same DLL After that, x64dbg crashes. Is this an anti-debug trick or a bug in x64dbg ?
-
x64 dbg comments !!!
by Scud- 1 reply
- 10.5k views
Hi everyone ... i'm new to the tuts4you , I like it alot here so many good stuff ,, Well i'm learning reverse engineering with lena's tuto's , since lina uses ollydbg i see ollydbg shows advanced comments after you run the program with it , but not the same in x64 dbg , How do i make it show such comments , the comments of ollydbg helps alot newbies like me ( like extensive comments on calls) , would that be possible for x64 dbg because I like using it . and Thank you ..
