x64dbg

This error pops up when I click some DLL in the symbols window or when using the "Search for inter-modular calls" for the same DLL After that, x64dbg crashes. Is this an anti-debug trick or a bug in x64dbg ?

Hi everyone ... i'm new to the tuts4you , I like it alot here so many good stuff ,, Well i'm learning reverse engineering with lena's tuto's , since lina uses ollydbg i see ollydbg shows advanced comments after you run the program with it , but not the same in x64 dbg , How do i make it show such comments , the comments of ollydbg helps alot newbies like me ( like extensive comments on calls) , would that be possible for x64 dbg because I like using it . and Thank you ..

Hello is there any way that I can add more menu to x64dbg ? Like old debugger ( Ollydbg ) tnx

hello all how can I convert Some DLL Offset address to VA ? can i do it directly by x64dbg ? tnx in advance am.dll

Hello guys, Now I made script of x64_dbg. I wish that I develope script which log trace log. but I cannot implement for log anything on script API. Is there any script API for that doing, logging or saving? For my wish, Should I develop feature as plug-in? I found API, refinit/refadd, but It is not enough to me

So now that coloring is supported I made x64dbg look like my olly so I finally feel "at home". (Also because all other features I missed are now mostly supported) Theme is derived from the original Olly scheme by "Patrick from France", his original quote about it you can add it by replacing the [Colors] section in the .ini with the following [Colors] AbstractTableViewBackgroundColor=#000000 AbstractTableViewHeaderTextColor=#000000 AbstractTableViewSelectionColor=#000080 AbstractTableViewSeparatorColor=#0000FF AbstractTableViewTextColor=#FFFBF0 DisassemblyAddressBackgroundColor=#XXXXXX DisassemblyAddressColor=#808080 DisassemblyBackgro…

Hello everyone, im new her and do have a question. I did debug an executable and changed some code. When im trying to save the file an error pops up that the module name couldnt be read. Does anyone know why this is happening? I can send the file if someone wants to look at it. It seems to me that the changes I want to write are not in the executable but maybe in memory. Attached is the String im changing. I just want to noop the jmp command.

I'm still getting used to this scripting engine... so far for all the other versions variable declarations where: var x and that was goo... however... I do it and in the log window, I get "Invalid Variable Name" ? should I declare it in a specific scope? or it can be under a label scope ?

When you run a program when creating hbp in a memory location created by this program entirely correct. The problem arises when the program is running and when it re-creates the same memory locations are disabled and the BPH is impossible to erase restarts. Video example. HBP.wmv

1) when i delete or rename my target, when its running in x64dbg, its crashing, when i stop it or just restart it. 2) when a target runs in x64dbg and i load a new one, via drag and drop, x64dbg freezes, but does not crash. my typical workflow maybe.

Hi, first of all thx for everyone that worked on this project, its fantastic, and thx to this fantastic community, im trying some basic scripting and i want to search to all the instructions cmp in a pattern, so i was trying something like Findasm "cmp ?, ?" without success, is there a way to do that using wildcard characters or through other commands to search all the cmp instructions in a pattern? thx in advance

I have this error when you restart the debugger, so simple, please watch the video where this error. Thank you. error.zip

Hi, I'm writing a simple script to search the OEP of MPRESS, something very basic. but not if I'm doing some wrong command, or a bug. The problem is that in line 6 does not run correctly and does nothing, then the comment should be in the OEP is set to the jump just before going to the OEP Image: http://i.imgur.com/izPmah3.jpg // start msg "MPRESS OEP Finder v1.0 By Jhonjhon_123" // clear all bph bc bphc // go run sti bphws esp,rw run sti cmt eip,"OEP; MPRESS OEP Finder v1.0 By Jhonjhon_123" // end ret I attached the sample crackme which is not working. I am using Windows XP SP3. Thank you. CrackeMeby°Designer Shoes°.zip

I just published a definitive tutorial for x64_dbg. It documents its settings and features and shows you how to use the tool to effectively debug a 64-bit application. This tutorial is aimed at beginners, but has some information that may be useful to more advanced reverse engineers. I hope you enjoy and feel free to ask any questions you may have. http://reverseengineeringtips.blogspot.com/2015/01/an-introduction-to-x64dbg.html

Hello guys, I found a bug of x32_dbg. though it is valid-pe file and can be executed on the 32-bit system, x32_dbg cannot open a file with error, INVALID_PE FILE. Attachment file is binary, mentioned above. It is a crackme of CODEGATE PRE-QUAL 2011. codegate2011_b500.zip

Hey everyone, Because I personally don't have so much time as before I set up a service that automatically builds snapshots from the x64_dbg master branch. If you find a bug, please also verify that it's still in the snapshot. The snapshots are generally considered stable, but you should not them for plugin development. Download Snapshots: https://sourceforge.net/projects/x64dbg/files/snapshots/ Greetings, Mr. eXoDia

1. didn't you see, when we click on next asm code of jump xxxxxx, the red arrow jump line will automaticlly showed on OllyDBG, but none in x32dbg. eg: 00401000 jnz 004010004 00401001 xxxxxxxxxx 00401002 xxxxxxxxxx 00401003 jmp 00401005 00401004 xxxxxxxxxxxxxxxxxx <----------- If you click here, the red jump line will automatic showed in OllyDBG jump from 00401000, but none in x32dbg, will this implement? 00401005 xxxxxxxxxxxxxx 2. didn't you see, when we search something, will result many, at current, we need set each breakpoint by press F2 many times one by one, so if I find thousand times of mov al, 1, should I need press F2 shousand times to set b…

Hey everyone, We would appreciate screen recordings that show you working with x64dbg to see about the usability of the software (or features people generally don't know about). These recordings will be kept confidential if desired. I think they would really help us to figure out what is needed most for x64dbg in the future. Recently I saw Reaver from teknogods working live with x64dbg and I immediately found some things that needed fixing. Feel free to PM your recordings to me or post them publicly in this forum. Greetings, Mr. eXoDia

Hello,I have stumbled on application I would like to debug. Since it's 64-bit app the OllyDbg is already out of the picture, so I thought I could use x64_dbg. When I try to attach to that process it starts loading all modules and then I get "Terminated: debugging stopped". I tried to play around with ScyllaHide to the point I enabled all options -> didn't help at all. Tried TitanHide -> nope. I also tried to suspend the process first, but it still terminates on attach.It also shows weird behavior when using Cheat Engine's debugger -> when I set breakpoint the application crashes with single-step or maybe breakpoint exception ( don't remember, but I can eventually…

Hello everyone, Recently there have been some questions regarding UNICODE support in x64_dbg. If you're a Chinese/Russian/Vietnamese/Japanese/Whatever user, please try this test version on your computer and report any bugs on http://issues.x64dbg.com or in this topic. Everything inside x64_dbg should have UNICODE support. Comments/variables/scripts etc are all supported (hopefully). Notice that your script files should be encoded UTF-8 without BOM. Notice that this is not an official release. This is a branch called 'utf8_support', if it turns out to be working good, there will be a new release. Attached the test build. Greetings, Mr. eXoDia dev22g.r…

sometimes i have multiple breapoints i would like to disable, for the moment i have to click them all separate, is it possible that with every space typing could let the "curser" go up to the next one and typing again will deactive this one too? ollydbg v2 has this feature. like always if its not clear, write me a pm

1. if I click cancel in patches windows then see error "failed to save ..." 2. if I want select lines in stack windows it possible only in the second column 3. u can add option to disable register comment anywere? like olldbg - only current EIP 4. can add option to save colums size on main window?

1. how about add horzontal and vertical scroll bar in each windows, ie: assembler window, register window 2. how about add CTRL + F to find special string in searched list strings? 3. How about infobox? implement it yet? If I want to serial fishing when use it to show serial numbers when I infinity F7, F8,

when I setting the font, it says setting saved, but when I restart x32_dbg.exe, it restored default setting, my os is chinese x64 win 7 ultimate. will you fix it?

Mr. eXoDia is it possible to make some additions in CPU tab? I think It will be very usefull to add option to make view like this