mrexodia Posted April 5, 2015 Author Share Posted April 5, 2015 Mr. eXoDia, First I want to say thank you very much for such a good idea and a wonderful work. I just found about X64_dbg by chance 2 days ago, yesterday I saw you uploaded a new snapshot, I gave it a try it and it's working fine for me, I tired to compile the git head version and the process went smooth as expected. I'm very impressed and I see x64_dbg has a good potential over others I tried in the past. I am trying now to learn more about it's internal and see where I can contribute , I saw the issue tracker hopefully I can reproduce some of the issues and it will be my first step to know more about how it works internally. Thank you again for the Wiki, the help file, and the website and all the work you guys did. I have couple questions, please tell me if there is another forum or post where you discuss, issues, features, design decisions..etc, I will appreciate it so much Thank you and have a nice day Thanks! You can come in contact using IRC (#x64dbg on Freenode) or by posting a topic in this forum (there is a special section for questions etc). You can also hit me up on skype/whatever or when I'm live on http://live.x64dbg.com Link to comment
sstrato Posted April 9, 2015 Share Posted April 9, 2015 The latest snapshots (vs 13) do not work on XP SP3 32 bits. 1 Link to comment
Nemo Posted April 9, 2015 Share Posted April 9, 2015 I'm actually starting to prefer to use this debugger over olly lately. Really Great Work 2 Link to comment
Hypnz Posted April 9, 2015 Share Posted April 9, 2015 I'm actually starting to prefer to use this debugger over olly lately. Really Great Work Indeed. X64dbg is far away better than olly. 1 Link to comment
zhuk Posted April 29, 2015 Share Posted April 29, 2015 Hi, thank you for the x64dbg. I am trying to open 64-bit dll, but it writes that PE is invalid (see the attachment)What is wrong? Thnx.PgnpCmn64.7z Link to comment
kao Posted April 29, 2015 Share Posted April 29, 2015 @winniethepooh/zhuk: that file is not a valid PE file. 2 Link to comment
mrexodia Posted April 29, 2015 Author Share Posted April 29, 2015 Hi, thank you for the x64dbg. I am trying to open 64-bit dll, but it writes that PE is invalid (see the attachment) What is wrong? Thnx. It is because your file is not a valid PE file (at least according to CFF Explorer)... Link to comment
zhuk Posted April 29, 2015 Share Posted April 29, 2015 @winniethepooh/zhuk: that file is not a valid PE file. renamed Link to comment
xxx22xxx Posted July 9, 2015 Share Posted July 9, 2015 i have problem with scripts for themida unpack! there is every time comming error with double line and error with %RESULT wrong command how can i fix it? the script name "Themida ultra unpacker 1.4" and "Themida multi unpacker 1.2" please help Link to comment
mrexodia Posted July 11, 2015 Author Share Posted July 11, 2015 this script is probably not for x64dbg. 1 Link to comment
av999 Posted July 17, 2015 Share Posted July 17, 2015 sorryis analog of dm(lm) command?for working with memory-file structure pshttps://sourceforge.net/projects/x64dbg/files/snapshots/ - don't working now Link to comment
mrexodia Posted July 17, 2015 Author Share Posted July 17, 2015 I doubt there is, since I don't recognize the command However, you can very easily write commands yourself, by either writing a plugin or by sending me a pull request. Soon I plan on deprecating this way of scripting anyway, but until then feel free to add commands Link to comment
av999 Posted July 22, 2015 Share Posted July 22, 2015 (edited) from ollydbgscriptdm- dump memory region to filelm- write to mem from file i didn't find how write byte or word or dword to memory by script for x64 psfoundedsorry Edited July 23, 2015 by av999 Link to comment
mrexodia Posted July 27, 2015 Author Share Posted July 27, 2015 (edited) Posted an issues for you https://github.com/x64dbg/x64dbg/issues/350 next time please also create one there. It's much easier that way. Edited July 27, 2015 by Mr. eXoDia Link to comment
Artic Posted August 27, 2015 Share Posted August 27, 2015 last build from Aug 20, 2015 7:01 AM made the Highlight plugin work again and the String bug i had is fixed too. good job everybody! Link to comment
GIV Posted October 11, 2015 Share Posted October 11, 2015 Hi.Pardon my question, it may sound stupid.How i can search in memory map a hex value on debugged file virtual space? Link to comment
Hypnz Posted October 11, 2015 Share Posted October 11, 2015 As far I know doesn't have search in memory feature:/ Or has and can't find it. At least I can't find it. 1 Link to comment
mrexodia Posted October 20, 2015 Author Share Posted October 20, 2015 It was implemented in one of the latest snapshots. Look for 'Find Pattern...' in the memory map Greetings 1 Link to comment
GIV Posted November 8, 2015 Share Posted November 8, 2015 (edited) Hi all. Sorry if is a dumb question. Why when i use Scyllahide 1.2 on X64DBG i get this error. All files seems fine at their places. Edited November 8, 2015 by GIV Link to comment
mrexodia Posted November 8, 2015 Author Share Posted November 8, 2015 @GIV: its an issue with ScyllaHide. See the readme file for a solution. Greetings 1 Link to comment
b30wulf Posted November 8, 2015 Share Posted November 8, 2015 @GIVNOTE: You need to put NtApiCollection.ini in the same directory as ScyllaHide.dll or the following hooks will not work: NtUserQueryWindow, NtUserBuildHwndList, NtUserFindWindowExInfo about NtApiCollection.ini:Some Nt* WINAPI functions are not exported by a DLL, so it is necessary to get the function adresses from another source. The other source is the PDB file. The adresses can be resolved with this tool: https://bitbucket.org/NtQuery/pdb-getprocaddressIt will download the PDB file from the Microsoft server to resolve the missing function adresses.Binaries: https://bitbucket.org/NtQuery/scyllahide/downloads/NtApiTool.rar 1 Link to comment
b30wulf Posted November 8, 2015 Share Posted November 8, 2015 @GIVNOTE: You need to put NtApiCollection.ini in the same directory as ScyllaHide.dll or the following hooks will not work: NtUserQueryWindow, NtUserBuildHwndList, NtUserFindWindowExInfo about NtApiCollection.ini:Some Nt* WINAPI functions are not exported by a DLL, so it is necessary to get the function adresses from another source. The other source is the PDB file. The adresses can be resolved with this tool: https://bitbucket.org/NtQuery/pdb-getprocaddressIt will download the PDB file from the Microsoft server to resolve the missing function adresses.Binaries: https://bitbucket.org/NtQuery/scyllahide/downloads/NtApiTool.rar Link to comment
b30wulf Posted November 9, 2015 Share Posted November 9, 2015 @GivNOTE: You need to put NtApiCollection.ini in the same directory as ScyllaHide.dll or the following hooks will not work: NtUserQueryWindow, NtUserBuildHwndList, NtUserFindWindowExInfo about NtApiCollection.ini:Some Nt* WINAPI functions are not exported by a DLL, so it is necessary to get the function adresses from another source. The other source is the PDB file. The adresses can be resolved with this tool: https://bitbucket.org/NtQuery/pdb-getprocaddressIt will download the PDB file from the Microsoft server to resolve the missing function adresses.Binaries: https://bitbucket.org/NtQuery/scyllahide/downloads/NtApiTool.rar Link to comment
sstrato Posted November 17, 2015 Share Posted November 17, 2015 Since he has gone capstone there are a few problems in both x64 and x32;They are launching many snapshots without any solution or change. Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now