Aguila

now we can rock

@converse: Both scripts and plugins are already supported. Phantom/StrongOD will never be supported though, because they use the ollydbg plugin engine.

@Aguila: Leaving out the GUI, there are a few things that need some work, just tell me if you like something:

• more (script) commands (eg find eip,#12?3??54#, gmi/gma using TitanEngine for retrieving imagebase etc, etc)
• commands to dump memory regions/modules (using the Scylla DLL?)
• working on XEDParse, to support more instructions (would really help a lot)
• plugin API needs a good look (is there more needed, apart from GUI interaction)
• TitanEngine bugfixing (would really help a lot, there are many bugs)
• multi-layered loop definition commands (just like the functions), check out DbgGetLoopTypeAt in the Bridge
• optimization
• better roadmap lol

@ahmadmansoor: Yep, we can rock

 

Greetings

I think that you should delay this to somewhere in the future, because scylla has a nice memory/pe dumper, so it is not really necessary:

• commands to dump memory regions/modules (using the Scylla DLL?)
  

 

 

TitanEngine bugfixing (would really help a lot, there are many bugs)

How do you know that there are many bugs? And how can we find them?

 

So it looks like fixing titanengine is still very important.

 

 

PS: Don't forget to add a Thread Viewer, I think this is also important.

 

 

@Aguila: Why delay? It's useful to have this one your hands when you need it. I know it's in Scylla, but having it as scripting feature is really powerful.

Regarding the bugs: Just read some code (I kinda refactored everything this evening) and you'll see the bugs come out. The main thing needed is testing modules for everything, which is a TERRIBLE lot of work

An example of a bug/design flaw: TitanEngine is not thread-safe, memory breakpoints fail, GlobalAPIHandler bugs, x64 is not fully supported, the memory footprint is terrible (need to use vectors instead of static lists), it needs a MemoryRead/MemoryWrite function that covers breakpoint data, stuff like this.

Will add the thread viewer, but it will come together with a better GUI api I guess

Greetings

Small changes that fix the strange 0xC0000005 bugs when stepping too quickly, also breakpoint performance is increased. Download the fixed TitanEngine here to have these fixes immediately.

https://bitbucket.org/mrexodia/x64_dbg/downloads/TitanEngine_hotfix.rar

Greetings,

Mr. eXoDia

V1.2ALPHA is out!

Changelog:

- many small crash fixes (stack overflows etc)

- many fixes regarding the Dump window

- different dump views

- bugs with valfromstring fixed (now much faster)

- latest development version of TitanEngine Community Edition (many, many, many fixes)

- simple thread view

- project design overview (x64_dbg_sceme.vsd), useful for plugin developers

- TLS callback support

- informative window title

- user preferences (eg on which events to break)

- bug with the recent file list fixed

- ignore exception ranges

- debug strings are now displayed (escaped)

- added 'xor' command

- many fixes in the script engine

- simple stack display

Download:

https://bitbucket.org/mrexodia/x64_dbg/downloads

Greetings,

Mr. eXoDia

really good update version. much better than ever.

This debugger is so much better every day. I try to debug a file with IDA and x64_dbg, and now is more more easy with x64_dbg. Any way to locate addresses from one offset address? I try to go in one addres in dll file and don´t know how do it.

@Mr. eXoDia:

One of the best x64 debugger!

Some features to be added:

All Strings from exe (Az):
- please add search a string on them
- please add set breakpoint on the string address
Other features to be added:

- the ability to save changes to file

- the ability to view call stack,

Hoping you will implement at least some of these!

 

Best regards

CodeCracker

Edited April 5, 201411 yr by CodeCracker

@arturo1000: glad you like it! Currently there is no way to get the VA from an offset of RVA, but it is possible to make a plugin that does this. It was added to the todo list.

@CodeCracker: thanks String searching has already been implemented, but in the currently release it is buggy (just start typing in the list and it will search). Breakpoint is a really good idea, will add that immediately! Sorting a StdTable (where the strings are stored in) is currently not supported, but it is also on the todo list. Same for saving patches and the callstack

Greetings

Edited April 5, 201411 yr by Mr. eXoDia

any possible transfer breakpoint from OD v1.10 & OD v2.01 into X64_DBG? or say it Import breakpoint from OD.

@chixiaojie: No, it's not currently possible and it will never be directly supported by x64_dbg. You can however create a plugin that makes changes to the SQLite database. I will add support for this in the bridge.@ChVL: I also found that this happens sometimes, but I cannot reproduce it correctly. I think it has something to do with TitanEngine, but it requires some more testing time.@CodeCracker: Currently I did not implement GUI-friendly stuff (like putting breakpoints in the references and other stuff), but please tell me when you find some more, it is on the ToDo list. I just had many requests for this feature.V1.4ALPHA is out (lol, kinda spamming)Changelog:
- fixed some bugs with references
- added the 'Previous (-)' and 'Next (+)' function (to get back to your previous address of interest). This has a maximum depth of 1024, but it's easy to change this to any other value, since I use dynamic arraysDownload:
https://bitbucket.org/mrexodia/x64_dbg/downloadsGreetings,Mr. eXoDia

Edited April 8, 201411 yr by Mr. eXoDia

hello, wrong with release version,

 

release is v1.4

 

here is v1.5.

Is "Trace" option presented into your TODO list? If no, add it please. :-)

 

Also thanks for implementing "-" button

 

Also found bug: "Open" windows says it's allowed to choose *.exe AND *.dll. But if you choose .dll debugger says "error starting process (invalid pe?)". Probably it should call something like loaddll.exe...

Edited April 16, 201411 yr by fetch

V1.5ALPHA is released!

Changelog:

- added debug privilege option (TitanEngine)

- fixed a bug with GetFileNameFromHandle ('error starting process (invalid pe?)')

- fixed a bug with attaching to an x32 process from the x64 debugger

- added 'detach' command

- added twords,dqwords,ywords and zwords

- added a menu API for plugins

- movable tabs

- detachable tabs (for example to place a tab on a second screen)

- fixed a bug with [esp]=4 (valtostring)

- fixed a lot of bugs with scripts

- removed result display of the mov instruction

- press enter on a script jump to get to the destination

- basic script syntax highlighting

- added RVA view in disassembly (double click on the address)

- double click on the opcodes to toggle breakpoints

- double click on the disassembly to assemble

- double clikc on the comments to comment

- fixed an annoying bug with searching for referenced strings

- when you use '-1' in the ExceptionRangeDialog it will use 'FFFFFFFF' instead

- better documentation

- added a simple 'find' command for scripts

- added find references to an address (ctrl+r)

Download:

http://x64dbg.com

Greetings,

Mr. eXoDia

Cool!

 

Shame about the known problems with owner draw Qt controls, otherwise having the text output look the same as Olly would be cool.

Shame about the known problems with owner draw Qt controls,

 

 

what do you mean?

I have a suggestion, when starting the program on the lower left corner it displays a red "Terminated" text, it should display "Ready" or "Load a file".

Does this support ollydbg 1.10 plugins?

Nope

 

 

I don't understand this one completely, do you mean this?:

 

yes exactly  wait for the update thx

Edited May 10, 201411 yr by Hellsp@wn

V1.6ALPHA is out!

This version is actually to be compatible with ScyllaHide, so many asked things are not yet implemented.

Changelog:

- search for menu in disassembly context menu

- 'ready' instead of 'terminated' on start

- selection API

- updated find, strref and reffind commands

- strings in the stack

- follow in dump/disasm/stack in stack context menu

- force default alignment in SDK

- section names in memory map

- bring debugger to front when paused

- fixed a bug with the '=' sign

- added a line edit window api

- updated TitanEngine (fixes some handle leaks and maybe hanging bugs)

Download:

https://sourceforge.net/projects/x64dbg/files/latest/download

Online Help:

http://mrexodia.cf/x64hlp/

Source Repository:

http://x64dbg.com

Greetings,

Mr. eXoDia

Day by day it make the way to become in default X64 debugger a few of Us. With the progress it have is possible do a lot of thing that in IDA is more troublesome.

V1.7ALPHA is out!

Changelog:

- some help updates

- added version information to file

- detach using right click -> detach on the tab you want to detach

- fixed a bug when searching for strings twice (search didn't work)

- fixd a crash on loading an empty script

- fixed a potential overflow while escaping a debug string

- escape the section names from the memory map

- better pattern finder

- added command auto-completion (includes plugin commands)

- removed an annoying log message on clicking a plugin menu

- fixed bugs in GuiSelectionGet & GuiSelectionSet (thanks to ahmadmansoor)

- added commandline support (x64_dbg.exe "c:\program files\test.exe")

- fixed a bug in modbasefromname (thanks to Artic!)

- added status bar API

- added bpdll command

- fixed a bug in DeviceNameResolver

- fixed various bugs in TitanEngine

- fixed a bug with manual functions in the GUI

- added various bridge exports

Download:

https://sf.net/p/x64dbg

Greetings,

Mr. eXoDia

V1.8ALPHA is out!

Welcome tr4ceflow to the team!

Changelog:

- added IDA-like sidebar

- color customization

- instruction tokenizing

- allow highlighting of instruction tokens (CTRL+H)

- new register view that highlights changes

- fixed a bug with detaching

- updated BeaEngine

- new database format (JSON + lz4)

- massive performance improvements

- use SHIFT for selection

- small fixes

- project code cleaup

- more API functions

Website (made by tr4ceflow):

http://x64dbg.com

Greetings,

Mr. eXoDia

Edited June 21, 201411 yr by Mr. eXoDia

f**k yeah! thanks alot everybody! <3

i will test it and give feedback.

Edited June 21, 201411 yr by Artic