I tried but don't think it will work while running trace into or trace over. 

OR

I am not capable of coming up with the command to execute what I want.

 

 

 

@madskillz Here is a small example of using this plugin.

1. Install the cndsteriods plugin
2. Download this crackme and open it in x32dbg
3. Use this command: setString 1,"123456789"
4. Run to the program entry point.
5. Debug -> Trace into (see screenshot below)
6. Press OK
7. Enter the serial "123456789" in the console window and press enter
8. You should break (see screenshot below)
9. Profit? (probably not, because this plugin is really slow and it greatly pollutes the log)

EDIT: I wrote a plugin with similar functionality, but with better performance. See https://github.com/mrexodia/strmatch/releases

Edited June 28, 20178 yr by mrexodia

@mrexodia: Found some time yesterday. It took me some trial & error, but got it this time. In fact: I was primarily interested in a function, which was only called when taking a particular action. If one start a "Trace into...", it gets started right away, and one can not get/switch to the application, until it finishes... So, in order to get the trace right, one must place a breakpoint at the address where one likes it to start...  When the debugger hits the breakpoint (after performing that particular action), enter your 'Trace into': it will continue from there onwards (based on said conditions)
(btw: the only way I could halt a Trace in progress, was to hit [F12] = pause)

Trace window:
> Log content: {p:cip} {i:cip} -*- [{ecx}] ~  [{rd8}]~[{rd9}]                                        => rd8&rd9 return "???"; but I'll do some more testing/reading to see if I get this right
> Log cond: rip >= mem.base(rip)+D02260 & rip <= mem.base(rip)+D0236C     => 'mem.base' ensures me that I can reuse the expression after relaunching game

Log entry example: "0000000140523269 cmp edx, dword ptr [rcx + 0x50] -*- [8D44230] ~  [???]~[???]"

(btw: I use Notepad++ to read those logs)

@paul44 I still don't understand why you would need tracing if you know the exact locations you're interested in...

On 6/28/2017 at 2:10 PM, mrexodia said:

@madskillz Here is a small example of using this plugin.

1. Install the cndsteriods plugin
2. Download this crackme and open it in x32dbg
3. Use this command: setString 1,"123456789"
4. Run to the program entry point.
5. Debug -> Trace into (see screenshot below)
6. Press OK
7. Enter the serial "123456789" in the console window and press enter
8. You should break (see screenshot below)
9. Profit? (probably not, because this plugin is really slow and it greatly pollutes the log)

EDIT: I wrote a plugin with similar functionality, but with better performance. See https://github.com/mrexodia/strmatch/releases

@mrexodia 

I have tested it for tracing location of a UTF16 string loading on EAX register and it found it perfectly. This plugin will come in use for many.

Thank you so much for the instructions and then going ahead and making a better plugin,

 

My cndsteriods plugin could not run .Why? 

On 8/28/2018 at 10:07 PM, wangcuicui said:

My cndsteriods plugin could not run .Why? 

Dumm!!! It is not compatible with the latest release I guess. Crashes on my system too. But is a good plugin if using with old versions of debugger.