Feature suggestions

[mrexodia]

@sstrato: Maybe they are never hit?

 

Thanks for the string references report. I will look into it

[sstrato]

(Call Stack) is not working.

[mrexodia]

@sstrato: the string bug was fixed... i will check the other bugs soon.

[av999]

HI

it is desirable to make available the option to disable the log

 

because when a long job script problems

[mrexodia]

@av999: sure, but do you have an example for this? I think it makes more sense to fix the log option instead of disabling it

[av999]

I mean disable the system log when it is needed

[mrexodia]

Yes I understand, but why would you want to disable the log exactly?

[av999]

time is a pity

[sstrato]

The Call Stack window displays nothing.

[mrexodia]

@sstrato: Thanks for the report. Follow here for progress: https://github.com/x64dbg/x64dbg/issues/372

[Siarogak]

@Mr. eXoDia: hi, can you explain how to find pattern in memory? I mean, not only in a one  section, but all together, like in ollydbg.

[mrexodia]

@Siarogak: Currently not implemented. Check here to track progress of the issue: https://github.com/x64dbg/x64dbg/issues/112

[Siarogak]

@Mr. eXoDia: when I start application I can Change Command line, for example,  program.exe -debug, but when I click button Restart, command line became  program.exe. Is it possible to save Command Line "program.exe -debug" even after debugger restarts?

[Loki]

Something like this would be nice, especially if it was built in rather than a plugin!

 

https://forum.tuts4you.com/topic/37447-dumpaddresscolor-an-ollydbg-2-plugin/

 

Full credit to RaMMicHaeL for the idea

[testos]

Do you have plans to implement trace module? 

How to create a script for trace running process between two instructions address?

 

[mrexodia]

@Testosterrible there are definitely plans for tracing, but for me it is kind of low priority. Follow here for more information: https://github.com/x64dbg/x64dbg/issues/75

[Artic]

stack search maybe?
improved HEX Dump search, sometimes i know it has to be in the dump, but i cant find it, a hex dump search would really help me.

[mrexodia]

@Artic The hex dump search is fully implemented. Just hit ctrl+b and search away. Stack search is a good idea. I will try to implement that later.

[Artic]

On 1/12/2016 at 1:09 PM, Mr. eXoDia said:

@Artic The hex dump search is fully implemented. Just hit ctrl+b and search away. Stack search is a good idea. I will try to implement that later.

awsome, i always forget about how to hex search and thats its there.
another idea, is to maybe list all comments you done in the CPU window (the disasm window).

an option to maybe turn of searching in the other modules, as i always know that it has to be in that module.

[mrexodia]

You can list all comments by clicking the appropriate icon in the top menu bar. For now it is not possible to restrict your search to one module, but you can sort by address so you can kind of do that already. I will add the module name in there so you can sort by module.

Searching (hex search) only searches in the page you are in. If you want to search all memory use ctrl+b in the memory map.

[0xNOP]

I know you have this on TODO, but here's a friendly reminder

Stack Window with Parameters shown like in Olly:

Would be lovely!

Edited January 27, 2016 by 0xNOP

[mrexodia]

@0xNOP: I have been thinking about how to do that for quite some time now, but do you have an idea how to do this on x64 (where the arguments are mostly passed through registers)? CreateProcessW on x64 would look something like:

   [rsp] call to CreateProcessW from X
   (rcx) ModuleFileName = X
   (rdx) CommandLine = X
    (r8) pProcessSecurity = X
    (r9) pThreadSecurity = X
 [rsp+8] InheritHandles = X
[rsp+10] CreationFlags = X
[rsp+18] pEnvironment = X
[rsp+20] CurrentDir = X
[rsp+28] pStartupInfo = X
[rsp+30] pProcessInfo = X

However, I'm against placing them on the stack (because they are not actually on the stack). Do you have an idea what to do with this?

[JustAGuy]

Why it cannot be same as in Olly, since they're not on stack, last column in dissasembly window would not be fine ?

Edited January 31, 2016 by JustAGuy

[mrexodia]

@JustAGuy Listing the 4 arguments as a comment in the disassembly windows wouldn't work for me...

[sstrato]

Since the last snapshot error in search memory map.

Before snapshot_2016-02-16_10-56.

After snapshot_2016-02-19_04-54.

 

Edited February 19, 2016 by sstrato