mrexodia Posted August 2, 2015 Author Posted August 2, 2015 @sstrato: Maybe they are never hit? Thanks for the string references report. I will look into it
mrexodia Posted August 2, 2015 Author Posted August 2, 2015 @sstrato: the string bug was fixed... i will check the other bugs soon.
av999 Posted August 8, 2015 Posted August 8, 2015 HIit is desirable to make available the option to disable the log because when a long job script problems
mrexodia Posted August 10, 2015 Author Posted August 10, 2015 @av999: sure, but do you have an example for this? I think it makes more sense to fix the log option instead of disabling it
mrexodia Posted August 12, 2015 Author Posted August 12, 2015 Yes I understand, but why would you want to disable the log exactly?
mrexodia Posted August 17, 2015 Author Posted August 17, 2015 @sstrato: Thanks for the report. Follow here for progress: https://github.com/x64dbg/x64dbg/issues/372
Siarogak Posted August 18, 2015 Posted August 18, 2015 @Mr. eXoDia: hi, can you explain how to find pattern in memory? I mean, not only in a one section, but all together, like in ollydbg.
mrexodia Posted August 18, 2015 Author Posted August 18, 2015 @Siarogak: Currently not implemented. Check here to track progress of the issue: https://github.com/x64dbg/x64dbg/issues/112 1
Siarogak Posted August 18, 2015 Posted August 18, 2015 @Mr. eXoDia: when I start application I can Change Command line, for example, program.exe -debug, but when I click button Restart, command line became program.exe. Is it possible to save Command Line "program.exe -debug" even after debugger restarts?
Loki Posted August 28, 2015 Posted August 28, 2015 Something like this would be nice, especially if it was built in rather than a plugin! https://forum.tuts4you.com/topic/37447-dumpaddresscolor-an-ollydbg-2-plugin/ Full credit to RaMMicHaeL for the idea 1
testos Posted November 24, 2015 Posted November 24, 2015 Do you have plans to implement trace module? How to create a script for trace running process between two instructions address?
mrexodia Posted November 28, 2015 Author Posted November 28, 2015 @Testosterrible there are definitely plans for tracing, but for me it is kind of low priority. Follow here for more information: https://github.com/x64dbg/x64dbg/issues/75
Artic Posted January 11, 2016 Posted January 11, 2016 stack search maybe? improved HEX Dump search, sometimes i know it has to be in the dump, but i cant find it, a hex dump search would really help me.
mrexodia Posted January 12, 2016 Author Posted January 12, 2016 @Artic The hex dump search is fully implemented. Just hit ctrl+b and search away. Stack search is a good idea. I will try to implement that later.
Artic Posted January 13, 2016 Posted January 13, 2016 On 1/12/2016 at 1:09 PM, Mr. eXoDia said: @Artic The hex dump search is fully implemented. Just hit ctrl+b and search away. Stack search is a good idea. I will try to implement that later. awsome, i always forget about how to hex search and thats its there. another idea, is to maybe list all comments you done in the CPU window (the disasm window). an option to maybe turn of searching in the other modules, as i always know that it has to be in that module.
mrexodia Posted January 14, 2016 Author Posted January 14, 2016 You can list all comments by clicking the appropriate icon in the top menu bar. For now it is not possible to restrict your search to one module, but you can sort by address so you can kind of do that already. I will add the module name in there so you can sort by module. Searching (hex search) only searches in the page you are in. If you want to search all memory use ctrl+b in the memory map. 1
0xNOP Posted January 27, 2016 Posted January 27, 2016 (edited) I know you have this on TODO, but here's a friendly reminder Stack Window with Parameters shown like in Olly: Would be lovely! Edited January 27, 2016 by 0xNOP 2
mrexodia Posted January 31, 2016 Author Posted January 31, 2016 @0xNOP: I have been thinking about how to do that for quite some time now, but do you have an idea how to do this on x64 (where the arguments are mostly passed through registers)? CreateProcessW on x64 would look something like: [rsp] call to CreateProcessW from X (rcx) ModuleFileName = X (rdx) CommandLine = X (r8) pProcessSecurity = X (r9) pThreadSecurity = X [rsp+8] InheritHandles = X [rsp+10] CreationFlags = X [rsp+18] pEnvironment = X [rsp+20] CurrentDir = X [rsp+28] pStartupInfo = X [rsp+30] pProcessInfo = X However, I'm against placing them on the stack (because they are not actually on the stack). Do you have an idea what to do with this? 1
JustAGuy Posted January 31, 2016 Posted January 31, 2016 (edited) Why it cannot be same as in Olly, since they're not on stack, last column in dissasembly window would not be fine ? Edited January 31, 2016 by JustAGuy
mrexodia Posted January 31, 2016 Author Posted January 31, 2016 @JustAGuy Listing the 4 arguments as a comment in the disassembly windows wouldn't work for me...
sstrato Posted February 18, 2016 Posted February 18, 2016 (edited) Since the last snapshot error in search memory map. Before snapshot_2016-02-16_10-56. After snapshot_2016-02-19_04-54. Edited February 19, 2016 by sstrato
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now