Code:
###Version 0.1 beta 15 |
some useful suggestion for next version.
1. Current icons group is too ugly, maybe ture color icon is better for consider. 2. Can you add support font, size can change in each window, after change can save the changing, current size is too smaller, not good for viewing. 3. In disassemble window and in stack view window, when you use mouse to click and drag the scroll bar start scrolling, the scroll bar is not really at scrolling, only code are scrolling there, maybe is a bug? 4. Can you consider add support edit disassemble code immediately with keyboard shortcut key spacebar button or double click in that disassemble code, not use mouse right click and select edit instruction, after edit and can have undo feature with multi-times. also, when right click and select "edit instruction" can you consider quotes origianl byte or disassemble code, not blank input there. 5. When will you support jump line with red arrow in disassemble code like jnz, jle, jge, jnc, jmp and so on, gray color for not inactive jump, red color for active jump. If you use OllyDBG, you will know what I mean. 6. in disassemble window, when you use F8 start step over, you will see only offset are pink hyperlight colour there, but include OpCodes, Mnemonics, comments are not hyperlight lolour, may full line of pink colour is preferred, like when you click in disassemble code that line, full and long blue colour in that line are seleted, maybe you understand what is my meaning? 7. in CPU Registers window, OF,DF, TF,SF, ZF, AF, PF, ZF can¡¯t change the 0 or 1 value for active jump or inactive jump immediately when use mouse double click in that value, consider for improvement for next version? 8. Can you consider add Information view window under disassemble window, and Data view window (hex dump), the same as OllyDBG, total five windows are list: (1) Disassemble window (2) CPU Register Window (3) Information Window (4) Data view window (5) Stack view window 9. Can you consider add search all strings for Ansi code and Unicode, and double click in that string can send to disassemble code immediately. 10. Something like push dword ptr fs:[00000000h], cmp eax, FFFFFFFEh test byte ptr [eax+04h], 66h I don¡¯t know [00000000h] or FFFFFFFEh or eax+04h or 66h is IDA engine or OllyDBG engine or Bean Engine, can you consider use OllyDBG only? 11. load a exe most time are blank disassemble code there, but lillte time is fine, will you improve it for next version? 12. Can you consier add plugins API Socket? Maybe in the future, someone will develop some plugins to extend it feature more powerfully. 13. Can you consider add support theme, disassemble window background colour can edit and change, some like call, mov, test, xor, add and so on is already hyperlight colour, this is good, but support more will be better, or have a option to extend that people can add more by themselves. 14. breakpoint if possible can support like bp MessageBoxA/W in commandline box will be better. 15. Can you consider add bookmark feature, and consider add bookmark Window also, that user can save theirs¡¯ booked mark there. 16. After more test, if I thought more furture need to be added, then I will suggest you again. 17. Thanks for develop this good and nice tool, hope it will become popular for Win x86 and Win x64 debugging and disassembler tool in the future and instead of OllyDBG. |
some useful suggestion for next version.
1. Current icons group is too ugly, maybe ture color icon is better for consider. 2. Can you add support font, size can change in each window, after change can save the changing, current size is too smaller, not good for viewing. 3. In disassemble window and in stack view window, when you use mouse to click and drag the scroll bar start scrolling, the scroll bar is not really at scrolling, only code are scrolling there, maybe is a bug? 4. Can you consider add support edit disassemble code immediately with keyboard shortcut key spacebar button or double click in that disassemble code, not use mouse right click and select edit instruction, after edit and can have undo feature with multi-times. also, when right click and select "edit instruction" can you consider quotes origianl byte or disassemble code, not blank input there. 5. When will you support jump line with red arrow in disassemble code like jnz, jle, jge, jnc, jmp and so on, gray color for not inactive jump, red color for active jump. If you use OllyDBG, you will know what I mean. 6. in disassemble window, when you use F8 start step over, you will see only offset are pink hyperlight colour there, but include OpCodes, Mnemonics, comments are not hyperlight lolour, may full line of pink colour is preferred, like when you click in disassemble code that line, full and long blue colour in that line are seleted, maybe you understand what is my meaning? 7. in CPU Registers window, OF,DF, TF,SF, ZF, AF, PF, ZF can¡¯t change the 0 or 1 value for active jump or inactive jump immediately when use mouse double click in that value, consider for improvement for next version? 8. Can you consider add Information view window under disassemble window, and Data view window (hex dump), the same as OllyDBG, total five windows are list: (1) Disassemble window (2) CPU Register Window (3) Information Window (4) Data view window (5) Stack view window 9. Can you consider add search all strings for Ansi code and Unicode, and double click in that string can send to disassemble code immediately. 10. Something like push dword ptr fs:[00000000h], cmp eax, FFFFFFFEh test byte ptr [eax+04h], 66h I don¡¯t know [00000000h] or FFFFFFFEh or eax+04h or 66h is IDA engine or OllyDBG engine or Bean Engine, can you consider use OllyDBG only? 11. load a exe most time are blank disassemble code there, but lillte time is fine, will you improve it for next version? 12. Can you consier add plugins API Socket? Maybe in the future, someone will develop some plugins to extend it feature more powerfully. 13. Can you consider add support theme, disassemble window background colour can edit and change, some like call, mov, test, xor, add and so on is already hyperlight colour, this is good, but support more will be better, or have a option to extend that people can add more by themselves. 14. breakpoint if possible can support like bp MessageBoxA/W in commandline box will be better. 15. Can you consider add bookmark feature, and consider add bookmark Window also, that user can save theirs¡¯ booked mark there. 16. When you selete multi-line of MneMonics and copy it in disassemble window, it actually copied first line, not multi-line are copied, maybe a bug? 17. can you add support hex code search? Like shortcut key ¡°Ctrl + B¡± in OllyDBG, If I want to search blank place to add some disassemble code and jump back, good for inline patching. 18. After more test, if I thought more furture need to be added, then I will suggest you again. 19. Thanks for develop this good and nice tool, hope it will become popular for Win x86 and Win x64 debugging and disassembler tool in the future and instead of OllyDBG. |
Hello, ZeroFlag. I just thought more, but due to can't edit old post, so I create with new suggestion here.
some useful suggestion for next version. 1. Current icons group is too ugly, maybe ture color icon is better for consider. 2. Can you add support font, size can change in each window, after change can save the changing, current size is too smaller, not good for viewing. 3. In disassemble window and in stack view window, when you use mouse to click and drag the scroll bar start scrolling, the scroll bar is not really at scrolling, only code are scrolling there, maybe is a bug? 4. Can you consider add support edit disassemble code immediately with keyboard shortcut key spacebar button or double click in that disassemble code, not use mouse right click and select edit instruction, after edit and can have undo feature with multi-times. also, when right click and select "edit instruction" can you consider quotes origianl byte or disassemble code, not blank input there. 5. When will you support jump line with red arrow in disassemble code like jnz, jle, jge, jnc, jmp and so on, gray color for not inactive jump, red color for active jump. If you use OllyDBG, you will know what I mean. 6. in disassemble window, when you use F8 start step over, you will see only offset are pink hyperlight colour there, but include OpCodes, Mnemonics, comments are not hyperlight lolour, may full line of pink colour is preferred, like when you click in disassemble code that line, full and long blue colour in that line are seleted, maybe you understand what is my meaning? 7. in CPU Registers window, OF,DF, TF,SF, ZF, AF, PF, ZF can¡¯t change the 0 or 1 value for active jump or inactive jump immediately when use mouse double click in that value, consider for improvement for next version? 8. Can you consider add Information view window under disassemble window, and Data view window (hex dump), the same as OllyDBG, total five windows are list: (1) Disassemble window (2) CPU Register Window (3) Information Window (4) Data view window (5) Stack view window 9. Can you consider add search all strings for Ansi code and Unicode, and double click in that string can send to disassemble code immediately. 10. Something like push dword ptr fs:[00000000h], cmp eax, FFFFFFFEh test byte ptr [eax+04h], 66h I don¡¯t know [00000000h] or FFFFFFFEh or eax+04h or 66h is IDA engine or OllyDBG engine or beaengine, can you consider use OllyDBG engine only? 11. load a exe most time are blank disassemble code there, but lillte time is fine, will you improve it for next version? 12. Can you consier add plugins API Socket? Maybe in the future, someone will develop some plugins to extend it feature more powerfully. 13. Can you consider add support theme, disassemble window background colour can edit and change, some like call, mov, test, xor, add and so on is already hyperlight colour, this is good, but support more will be better, or have a option to extend that people can add more by themselves. 14. breakpoint if possible can support like bp MessageBoxA/W in commandline box will be better. 15. Can you consider add bookmark feature, and consider add bookmark Window also, that user can save theirs¡¯ booked mark there. 16. When you selete multi-line of MneMonics and copy it in disassemble window, it actually copied first line, not multi-line are copied, maybe is a bug? 17. can you add support hex code search? Like shortcut key ¡°Ctrl + B¡± in OllyDBG, If I want to search blank place to add some disassemble code and jump back, good for inline patching. 18. in disassemble window, double click on comment must can edit and hit OK can save, for easy and quick debugging purpose. 19. Current version can¡¯t debugging *.dll file, only *.exe file, will you consider add for support debugging *.dll file in the next version. 20. Recent file will be deleted afer exit Nanomite, I don¡¯t know is a bug or not, maybe cause Win Vista / Win 7 UAC? can you consider add a option for it can save or delete all recent files choice by user? 21. After more test, if I thought more furture need to be added, then I will suggest to you again. 22. Thanks for develop this good and nice tool, hope it will become popular for Win x86 and Win x64 debugging and disassembler tool in the future and instead of OllyDBG. 23. For sometimes debugging some exe file comes blank disassemble code, I don¡¯t know is it possible because Delphi 7 Programs or due to some strong packer like VMProtect, here I just attach some software for you to test it out. Download it: _http://pan.baidu.com/share/link?shareid=123269319&uk=386178158 |
thanks for nice stuff! Lets check if it is worth changing from windbg.
|
What is the latest version of this?
|
Quote:
|
Quote:
|
Quote:
i'll sens over some crash dumps sometime the next week, i suggest you do the same. |
Code:
beta 16 |
Nice project.Update it
|
I have tested Nanomite in his x64 version (qtNanomite.exe) in a VM with Win 7 Pro (x64 of course).
In most of the programs it worked ok, but some programs have blank disasm window when opened using "Open new file" command. For example, Cheat engine version 6.2 comes with 2 "sample" programs. The x64 version (Tutorial-x86_64.exe) shows a blank disasm window when loaded the previous way. Then the program runs fine, so the only issue here is the first-load blank disasm window. Another thing is that when loading some apps (for example Internet Explorer 8 x64), Nanomite shows a MessageBox saying that "It seems that this file is packe or encrypted!", but they aren't. A false positive? ADDED: Despite the message, the programs work ok. Anyway, I'll keep using this excellent dbg and reporting anything that comes up. Thanks Zer0Flag for you effort! Cheers! |
Thanks for this great tool!
It helped me patch Im@ris, a great software for microscopy, by applying an update to the solution provided by Team Lz0 for a previous version Here are some suggestions/thoughts: -How to use the Goto function to go to Offset? It would also be nice to be able to goto RVA. -Editing a jump with VA or RVA does not work (the function will be edited by jmp to ??? address) -It would be nice to be able to set flags individually instead of editing the EFlags. Not a big deal, but it would be faster... -Hotkey " Return = …" does not work with the Return key of a keypad Keep your good work, it is really appreciated AC |
Thanks for this valuable feedback!
I will take the suggested issues/features onto my todo list. But currently I lack somehow of time because of RL... but updates will keep comming ;). About the black disassembly window I know that this is based on the worse algorithm which the disassembler in nanomite is using currently and often occurs on packed or crypted samples. I´m planing to update this one in the next steps to offer a better analysis of the code and also take the control flow into account. If you find any bugs or have feature requests you are always welcome! ~Zer0Flag |
It would be good if you add ability to generate control flow graph for function or module.
|
All times are GMT +8. The time now is 16:16. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX