x64dbg

[mrexodia]

@sstrato could you be more specific about the problems you mentioned? Various have been solved already in a branch.

[sstrato]

In X32:
1- When the MOV instruction patch does not resolve correctly.

error-x32-1.wmv

2- When you drag a program to debug if already loaded another x32 x64 crashes, but it's no problem occurs des notes that the tab was added.

error-x32-2.wmv

In X64 if not an error is rather an aesthetic problem to patch an instruction concerning registration ds patched window shows a displacement + ip address.

x64.wmv

[GIV]

I have a issue with X32 version too.

If i follow in dump a address is displayed another address.

Here is a video attached.

X32.rar

[mrexodia]

@sstrato @GIV: thanks for your reports, they are all posted on http://issues.x64dbg.comand will be looked into.

 

@GIV: could you try if you can scroll to the stack address manually from where it goes in the dump?

[sstrato]

Since the changes made from snapshot Build # 204 (Nov 24, 2015 1:57:45) going slow on xp x32.
Some instructions follow parcheandose x32 wrong. Error-x32-1.wmv video.

Edited November 29, 2015 by sstrato

[GIV]

On 20.11.2015, 00:21:19, Mr. eXoDia said:

@GIV: could you try if you can scroll to the stack address manually from where it goes in the dump?

I cannot. This is a huge bug IMHO. I hope it will be fixed.

[mrexodia]

10 minutes ago, GIV said:

I cannot. This is a huge bug IMHO. I hope it will be fixed.

At this point I cannot reproduce the bug, but I added it to http://issues.x64dbg.com so possibly it will be solved in the future.

[GIV]

Hi.

I saw that you have added the issue on the topics of the debugger.

Thanks. I hope it will be solved.

[GIV]

Another issue.

I have installed and used the 64bit version on a random program to see how is behave.

If i try to run the program under the debugger the debugger crash.

Here is a video.

Quote

http://www48.zippyshare.com/v/SfLAH2YK/file.html

If i made patches to the dump without running the patches widow freeze and the program crash also.

Quote

http://www3.zippyshare.com/v/mBmTXwnS/file.html

Is the lastest snapsot of X64dbg with Scyllahide plugin and run as administrator.

Edited December 1, 2015 by GIV

[mrexodia]

Could you try without ScyllaHide? People have been reporting weird access violations lately with it.

I will check it out when I can.

[GIV]

OK.

Here is without.

Quote

http://www20.zippyshare.com/v/BKTkZOYo/file.html

I have 8.1 X64 with latest updates.

Edited December 1, 2015 by GIV
Add OS info

[mrexodia]

I should really make some consistent location for the snapshots. SourceForge doesn't have the latest snapshot anymore. The latest can always be found on http://releases.x64dbg.com and http://jenkins.x64dbg.com anyways I will try to reproduce it but I don't have much time these days unfortunately.

[sstrato]

X32dbg not work on xp.

Has ended support XP?

Edited December 18, 2015 by sstrato

[mrexodia]

Hello,

As far as I know there are no breaking changes that involve XP support. Is it missing any imports or is there something else? XP is not officially supported and nobody tests on it do I cannot verify.

Greetings

[sstrato]

8 hours ago, Mr. eXoDia said:

Hello,

As far as I know there are no breaking changes that involve XP support. Is it missing any imports or is there something else? XP is not officially supported and nobody tests on it do I cannot verify.

Greetings

[kao]

Some time ago, @Mr. eXoDia switched to new Visual Studio - and it produces executables that won't run in XP. It's the same thing with ScyllaHide.

@sstrato: If you compile your own build with older VisualStudio and properly target WinXP, it should work just fine.

[mrexodia]

kao: we are building with the v120_xp platform, I think someone just used the wrong API there

[sstrato]

4 hours ago, Mr. eXoDia said:

kao: we are building with the v120_xp platform, I think someone just used the wrong API there

K32EnumProcessModules, K32GetMappedFileNameW, K32GetModuleFileNameExW (Kernel32.dll) No soportadas por XP.

EnumProcessModules, GetMappedFileNameW, GetModuleFileNameExW (Psapi.dll) Ok XP.

Edited December 22, 2015 by sstrato

[mrexodia]

3 hours ago, sstrato said:

K32EnumProcessModules, K32GetMappedFileNameW, K32GetModuleFileNameExW (Kernel32.dll) No soportadas por XP.

EnumProcessModules, GetMappedFileNameW, GetModuleFileNameExW (Psapi.dll) Ok XP.

Recently someody changed a definition. Probably it can easily be fixed.

[sstrato]

On 17/11/2015 at 9:02 PM, sstrato said:

In X32:
1- When the MOV instruction patch does not resolve correctly.

error-x32-1.wmv

2- When you drag a program to debug if already loaded another x32 x64 crashes, but it's no problem occurs des notes that the tab was added.

error-x32-2.wmv

In X64 if not an error is rather an aesthetic problem to patch an instruction concerning registration ds patched window shows a displacement + ip address.

x64.wmv

It is possible to solve the problems of this post.

Edited December 26, 2015 by sstrato

[mrexodia]

On 26-12-2015 at 11:36 AM, sstrato said:

It is possible to solve the problems of this post.

#1 I think we solved it https://github.com/x64dbg/x64dbg/issues/416

#2 checked just now, it's also solved

#3 is not solved but its on the list.

The latest version is available from http://releases.x64dbg.com or http://jenkins.x64dbg.com the sourceforge repository is now deprecated so maybe you don't have the latest snapshot because of that.

Greetings

[sstrato]

In xp 32bit this problem persists.

[mrexodia]

@sstrato: yea, just confirmed the issue. The reason for this is that XEDParse has a bug that doesn't automatically assemble in ss mode. To solve it (for now), add the ss flag by hand.

Greetings

[mrexodia]

@sstrato: this should fix your problem: https://github.com/x64dbg/XEDParse/releases/download/1.0.16/release.zip

 

[sstrato]

13 minutes ago, Mr. eXoDia said:

@sstrato: this should fix your problem: https://github.com/x64dbg/XEDParse/releases/download/1.0.16/release.zip

 

Now works fine, thanks