Exetools

Exetools (https://forum.exetools.com/index.php)
-   Community Tools (https://forum.exetools.com/forumdisplay.php?f=47)
-   -   Windows debugger that can run code on breakpoint? (https://forum.exetools.com/showthread.php?t=19971)

jonwil 10-13-2021 17:41

Windows debugger that can run code on breakpoint?
 
Is there a Windows debugger where I can set a breakpoint on a specific instruction (in a binary that I have been reverse engineering with IDA in this case) and then instead of stopping and waiting for user action, run some code that can access the current registers and memory of the process (and do some things with the results like writing some things to a log) before letting the program continue to run?

The binary is a 32-bit x86 binary and I want to do this break-then-log-stuff-then-continue in a few different places.

Turkuaz 10-13-2021 20:00

Ollydbg conditional log breakpoint
http://www.ollydbg.de/Help/Condlogbreakpoint.htm

Stingered 10-13-2021 23:22

Is this what you are referring to?

https://help.x64dbg.com/en/latest/introduction/ConditionalTracing.html

https://help.x64dbg.com/en/latest/commands/conditional-breakpoint-control/SetBreakpointLogCondition.html

chants 10-14-2021 05:18

WinDbg has "debugger command programs" https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/debugger-command-program-examples and allows such macros. Not sure if they can be triggered on breakpoints but it should be possible. Ollydbg and x64dbg I reckon are just as capable of being scripted.

lahma 01-17-2022 06:43

I think you might find WinDBG's javascript debugger scripting useful. You can have a script trigger upon a breakpoint, do whatever you need to do (log data, modify values, etc), and the script can then decide whether or not to continue running the app based on whatever logic you provide it. You can find the documentation for it here:
https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/javascript-debugger-scripting

N0P 01-17-2022 21:28

maybe CheatEngine can this handle too ? :)


All times are GMT +8. The time now is 09:36.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX