Jump to content
Tuts 4 You
mrexodia

x64dbg

Recommended Posts

kgh0701

thanks for this great work .


Share this post


Link to post
Share on other sites
mrexodia

Hello guys,

If you posted suggestions here and you didn't see them in the new release, don't worry. We take them seriously, but we cannot implement every suggestion in a new release. Especially small things like new context menus etc take a lot of time and we want to focus on big differences.

In time everything you guys suggest will be implemented :)

Greetings,

Mr. eXoDia

  • Like 2

Share this post


Link to post
Share on other sites
Teddy Rogers

Note for everyone... please can you create new topics - in this forum - for bug reports and feature requests so that Mr. eXoDia can keep this topic for announcing new versions and change logs. Thank you...

Ted.

  • Like 2

Share this post


Link to post
Share on other sites
mrexodia

V1.9ALPHA is out, featuring many requested changes!

Changelog:

- fixed scroll bar ranges in tables

- support SetThreadName exception

- fixed a very annoying bug on some systems with the '^' character being inserted after the '6' without shift pressed

- re-enabled autocomments (strings etc)

- strings in register view

- search for inter-modular calls

- CALL <jmp.&user32.MessageBoxA> auto label

- shift+click selection

- latest XEDParse version (you can now assemble jumps etc)

- auto-select next instruction after assembling

- assemble -> fill with NOPs

- fixed a bug with the sidebar (jumps going out of the bar have no lines anymore)

- breakpoint menu in dump (hwbp)

- hexdump ASCII/UNICODE are now actually readable (no spaces between characters)

- save previous hexdump view mode to config

- fixed incorrect stack default option (remove your config to apply)

- memory breakpoints are highlighted in the memory map

- copy context menu in every StdTable (not yet in disasm/dump)

- breakpoint context menu in memory map

- follow in dump/disasm context menu in memory map

- removed invalid 'OrdinalX' from symbol view

- section name + module name + rva + label in InfoBox

- list comments/labels/bookmarks/functions in the reference view

- fixed a bug in memfindpattern (thanks to Computer_Angel)

- fixed a crash when deleting all breakpoints

- ctrl+g now works in CPUDump

- fixed a bug with printing the instruction immediat values

- added hex edit dialog

- added binary edit/copy/paste context menu in disasm/dump/stack

- binary fill (with wildcard support)

- added search for -> pattern context menu option

- required administrator in manifest (may resolve some random bugs)

- fully support patching (+ save to file) + advanced patch dialog

- patch import/export

- fixed jmp/call FAR tokenizing

- support 0x prefixed numbers

- added some exception names when an exception is reached

- binary -> fill NOPs in disassembly

- fixed a bug with disassembling on an invalid address

- add support to get the module base (see help)

- updated help, most commands are now documented

Website:

http://x64dbg.com

Greetings,

Mr. eXoDia

  • Like 3

Share this post


Link to post
Share on other sites
mudlord

Thanks for the map loader plugin, been looking for such a thing for x64_dbg. :)


Share this post


Link to post
Share on other sites
cypher

So now that coloring is supported I made x64dbg look like my olly so I finally feel "at home". (Also because all other features I missed are now mostly supported)


 


... read on here   (topic moved)


Edited by cypher (see edit history)

Share this post


Link to post
Share on other sites
Artic

@Cypher can you upload the theme for me? looks really good.


Share this post


Link to post
Share on other sites
Hypnz

Thanks Mr.Exodia for the update!!!!


Share this post


Link to post
Share on other sites
cypher

@Artic as written you only have to replace the colors section in the ini with my posted stuff. There's no other way to import a scheme. Easy enough like it is


 


Edit: If anyone has a good olly theme that also other people like, send it to me and will do a x64dbg theme out of it


Edited by cypher (see edit history)

Share this post


Link to post
Share on other sites
Artic

@cypher did not seethis :D 


ill look at my mods and will send you a theme.


Share this post


Link to post
Share on other sites
mrexodia

May I suggest you guys place this theme stuff in a separate thread? :P

Greetings

Share this post


Link to post
Share on other sites
mrexodia

Hey guys,

Thanks to besoeso I found a bug in the WinAPI which caused NtQueryObject to not set the required structure size. Long story short, if you have Windows XP, download the updated DeviceNameResolver here and copy&replace it in your x64_dbg directory: https://bitbucket.org/mrexodia/devicenameresolver/downloads/DeviceNameResolver_002.rar

Greetings,

Mr. eXoDia

  • Like 1

Share this post


Link to post
Share on other sites
CondZero

Keep up the good work Mr. eXoDia and company!


Edited by CondZero (see edit history)
  • Like 1

Share this post


Link to post
Share on other sites
Dragon Palace

x64dbg is a good tool for crackers.


  • Like 1

Share this post


Link to post
Share on other sites
FILIPOVIC

add update checker :D


Share this post


Link to post
Share on other sites
av999

needed  commandline support ( "c:\program files\test.exe"  param1 param2 ...)


  • Like 1

Share this post


Link to post
Share on other sites
cypher

@av999 you can do that via command initdbg . See the help file


  • Like 1

Share this post


Link to post
Share on other sites
mrexodia

@av999: You can also use the commandline to start debugging a file, for example:

x64_dbg.exe "C:\Program Files\test.exe"
If you want to create a context menu entry for x64_dbg, modify the attached reg file to have the correct path.

Greetings,

Mr. eXoDia

x64dbg_shell.zip

Edited by Mr. eXoDia (see edit history)

Share this post


Link to post
Share on other sites
FILIPOVIC

add save?


Share this post


Link to post
Share on other sites
av999

"via command initdbg " - how?


example please


i want run xdbg with ""C:\Program Files\Autodesk\AutoCAD 2009\acad.exe"   /p ""  /w "" /b "C:\Program Files\name1\name2.scr""


Share this post


Link to post
Share on other sites
mrexodia

Hi,

Again, please use the forum here for posting support or feature requests.

 

Greetings

EDIT: Answer to your question, the commands in http://help.x64dbg.com should be entered in the command bar inside x64_dbg (see the bottom).

Edited by Mr. eXoDia (see edit history)

Share this post


Link to post
Share on other sites
Spider

Just wanted to say amazing tool/work. Was waiting for such thing for a long time!


  • Like 1

Share this post


Link to post
Share on other sites
mrexodia

V2.0ALPHA is out!

Changelog:

- added _dbgfunctions to plugin header

- fixed some context menu bugs in the RegistersView

- option to disassemble in uppercase

- color settings for symbol log

- use hexedit colors in ASCII and UNICODE fiels in HexEditDialog

- added various plugin functions

- automatically add plugin callbacks on certain exports (see help)

- updated help

- updated DeviceNameResolver

- added boundary checks on DbgMem* functions (resolved some crash)

- added patches, comments, labels, bookmarks, functions to the toolbar

- speed boost because the memory map is now cached

- allow sorting in every StdTable (References, Symbols etc)

- added simple update checker

- limit size of the log view

- click bullets to enable/disable/remove breakpoints

- fixed a display bug in the title when not inside a module

- fixed attaching (does not hang anymore)

- fixed issue with deleting disabled breakpoints

- fixed an issue with the last breakpoint never removed from the database

- fixed a crash in the string reference functions

- fixed a bug in valapifromstring (test.exe:imagebase now works)

- double click now works better

- double click on breakpoints will follow in CPU

- fixed a display bug in the InfoBox

- breakpoints/bookmarks in the reference view

- fixed focus problem in Goto dialog

- double click on the CIP register will follow it in the CPU

- added font customization options

- fixed a bug with displaying 'rep stosb'

- fixed a display bug when there are no bookmarks/comments etc

- fixed a bug in valtostring, editing CSP will now actually update the stack

- fixed a bug with negative values in 'complex' expressions

- WordEditDialog now allows signed and unsigned decimal editing too

- added callstack

- added 'Patches' to Disassembly context menu

- you can now 'Modify' a value in the stack from the context menu

Website:

http://x64dbg.com

Greetings,

Mr. eXoDia

  • Like 1

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...