Jump to content
Tuts 4 You

Edit History

danrevella

danrevella


upgrade

Please excuse to revive this old post, but IMO, and specially for newbie (like me)......

Who is newbie (like me) in art of reversing/cracking, may found a good help with a non intrusive debugger.

At the moment I utilize two debugger: the uncomparable "x64dbg" and the best for games "Cheat Engine".

x64dbg is absolutelly fabolous, but it is an intrusive debugger.

Cheat Engine is "game oriented", but also incorporate a good debugger, but the beauty is that it also get us a NOT intrusive debugger; I refer about the possibility of look at the code of the running program and letting us the possibility of reading all memory, patch on the fly, get handle of windows, pause the process, etc. with NO NEED to attach the debugger (unless of course you wanna set breakpoint); so many time when the prog is packed we may, without unpacking ( a very hard way for a newbie)  we get the code with full reference to string, intercall, etc. with no care about antidebugging tricks.

F.e. in the past I remember I was able to patch on the fly an Armadillo protected program who is infamous to lock debugger creating a child process.

A person really clever than me told:

******************************************************************************************************************************************************

Yes, this is possible. You can replace TitanEngine.dll with https://github.com/mrexodia/StaticEngine and “attach” to a running process.

There is however no way to switch debugging modes and breakpoints etc will simply not work

******************************************************************************************************************************************************

I have just compiled both for 32/64 but this dll seems is not working under win10.......

why don't release un update ? 🙂

Many thanks

p.s. please excuse, just now I have try to recompile with VS2013, and now il does work.......

 

danrevella

danrevella

Please excuse to revive this old post, but IMO, and specially for newbie (like me)......

Who is newbie (like me) in art of reversing/cracking, may found a good help with a non intrusive debugger.

At the moment I utilize two debugger: the uncomparable "x64dbg" and the best for games "Cheat Engine".

x64dbg is absolutelly fabolous, but it is an intrusive debugger.

Cheat Engine is "game oriented", but also incorporate a good debugger, but the beauty is that it also get us a NOT intrusive debugger; I refer about the possibility of look at the code of the running program and letting us the possibility of reading all memory, patch on the fly, get handle of windows, pause the process, etc. with NO NEED to attach the debugger (unless of course you wanna set breakpoint); so many time when the prog is packed we may, without unpacking ( a very hard way for a newbie)  we get the code with full reference to string, intercall, etc. with no care about antidebugging tricks.

F.e. in the past I remember I was able to patch on the fly an Armadillo protected program who is infamous to lock debugger creating a child process.

A person really clever than me told:

******************************************************************************************************************************************************

Yes, this is possible. You can replace TitanEngine.dll with https://github.com/mrexodia/StaticEngine and “attach” to a running process.

There is however no way to switch debugging modes and breakpoints etc will simply not work

******************************************************************************************************************************************************

I have just compiled both for 32/64 but this dll seems is not working under win10.......

why don't release un update ? 🙂

Many thanks

 

×
×
  • Create New...