Jump to content
View in the app

A better way to browse. Learn more.
Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

How to clear previous brakpoints? Clear DB not doing job!!!

Formingus
Formingus
in x64dbg

Featured Replies

Posted

How to clear previous brakpoints? Clear DB not doing job!!!

Even i clear DB when i reload the EXE breakpoints remains - Hot to reload exe WO any modification ? Thansk

Any idea

Make sure all instances are closed. Also, are you sure the breakpoints are not inside a system dll?

Selection is a bit unfortunate, but if you select two of your breakpoints, right click, there is an option "remove all breakpoints".

    • Like 1
    • Author
    On 11/20/2021 at 1:06 AM, deepzero said:

    Make sure all instances are closed. Also, are you sure the breakpoints are not inside a system dll?

    Selection is a bit unfortunate, but if you select two of your breakpoints, right click, there is an option "remove all breakpoints".

    Will you be kind to explain me 1 thing ?

    When i use same version of x64 software to disassemble  and win 10

    While i am following some tutorial After load SW into x64  mine address will become different than tutorial ones, even i do same thing, where is problem ?

    This is because of ASLR, which randomizes at which address the executable is loaded for security reasons. You can disable it, but if the tutorial creator had it enabled the address will still be different.

    While it's technically possible to relocate the program to the same address it's probably not worth the effort and you best just get used to a different base address and focus on the assembly or offsets.

    • Like 1

    If you really want to disable ASLR for specific targets; so you can study it using both IDA and x64dbg, you can either edit your target with any PE editor like CFF Explorer and uncheck the "DLL can move", or ready made application like setdllcharacteristics.

    • Like 1
    • Author
    16 hours ago, deepzero said:

    This is because of ASLR, which randomizes at which address the executable is loaded for security reasons. You can disable it, but if the tutorial creator had it enabled the address will still be different.

    While it's technically possible to relocate the program to the same address it's probably not worth the effort and you best just get used to a different base address and focus on the assembly or offsets.

    Thanks for explanation , where i can disable ASLR?

    Z3r0n3 told you above.

    • Like 1
    • Author
    16 hours ago, Z3r0n3 said:

    If you really want to disable ASLR for specific targets; so you can study it using both IDA and x64dbg, you can either edit your target with any PE editor like CFF Explorer and uncheck the "DLL can move", or ready made application like setdllcharacteristics.

    Where can i do that with CFF Explorer ? Downloaded but cant find option to disable ASLR

    • Author
    9 minutes ago, deepzero said:

    Z3r0n3 told you above.

    Am beginner its very hard to understand everything , so sorry . What you suggest me to start to learn , something that isn't so hard and can explain me a lot about cracking ?

     

    Hello,

    Consider trying this plugin:

    https://github.com/AandersonL/x64dbg-ASLR-Removal

    It's a simple and nice plugin.

    Regards,

    Edited by XOR0XA
    rikas, say nipah

    • Like 1
    • Author
    6 hours ago, XOR0XA said:

    Hello,

    Consider trying this plugin:

    https://github.com/AandersonL/x64dbg-ASLR-Removal

    It's a simple and nice plugin.

    Regards,

    His exe after pause will hang on C3 mine on C2, what i am doing wrong ???

    • Author
    9 hours ago, XOR0XA said:

    Hello,

    Consider trying this plugin:

    https://github.com/AandersonL/x64dbg-ASLR-Removal

    It's a simple and nice plugin.

    Regards,

    Any of you will be kind to explain me how is possible i am doing everything exactly as him and get different results

    Sometimes when i stuck with this kind of problem i quit of trying , its very hard 5 days i cant figure out what's happening

    Short video explain everything.. Thanks 

     

    • Author
    On 11/22/2021 at 10:43 PM, Formingus said:

    Any of you will be kind to explain me how is possible i am doing everything exactly as him and get different results

    Sometimes when i stuck with this kind of problem i quit of trying , its very hard 5 days i cant figure out what's happening

    Short video explain everything.. Thanks 

     

    And ? End of story!!!

    You might be on different Windows versions or WOW64 or something. You should focus on the semantics of your tutorial rather than expecting a 1:1 replications. Can you share your target and tutorial?

    • Author
    13 hours ago, deepzero said:

    You might be on different Windows versions or WOW64 or something. You should focus on the semantics of your tutorial rather than expecting a 1:1 replications. Can you share your target and tutorial?  

     

    Edited by Teddy Rogers
    Please do not attach copyright files.

    • Author
    10 hours ago, deepzero said:

    You might be on different Windows versions or WOW64 or something. You should focus on the semantics of your tutorial rather than expecting a 1:1 replications. Can you share your target and tutorial?

    Ok, that make sense a lot , but what is confusing me a lot is, few times land to correct address even i did same thing Any explanation or tutorial will be appreciated. Thanks

    After suspending process, switch to main thread. View->Threads->Doubleclick on Main.

    Does that help?

     

    • Like 1
    • Author

    @kaoDude you deserve 10000 likes and more. Thanks million of times . You saved me with this trick :)

    Edited by Formingus
    Add words

    • Author
    10 hours ago, kao said:

    After suspending process, switch to main thread. View->Threads->Doubleclick on Main.

    Does that help?

     

    One more thing , i successfully cracked and make loader , but when i press Start button Software crash, what is next steep ? And if i post exe to be cracked by someone hear is that allowed ? Thanks in Advance

    Edited by Formingus
    Add words

    Create an account or sign in to comment

    Go to topic listing

    Configure browser push notifications
    Chrome (Android)
    1. Tap the lock icon next to the address bar.
    2. Tap Permissions → Notifications.
    3. Adjust your preference.
    Chrome (Desktop)
    1. Click the padlock icon in the address bar.
    2. Select Site settings.
    3. Find Notifications and adjust your preference.