|
I am not olly pro, so let me ask few questions about x64dbg?
1. Minor. Does it have sync option between tabs. So, if I stopped at some EIP I can switch to memory map and see synced memory region line active, not the top one. Example: I stopped at 18001234 switch to Memory Map and see 18000000 active and it is .text of test.dll 2. Minor. Is there an option show Export names in comments? Example: I stopped at 18001234 and see in comments column: test.dll!DllMain 3. Major. How can I point DLL of interest, but start test.exe instead of DLLLoaderXXX.exe? I changed the command line and restarted debug, but the command line reset as well. I suppose it changes only environment data, not the .exe. 4. Crit. Extend the Q3. Is it possible to debug 64-bit DLL and use .net .exe as loader? If I try to point .exe as target x64dbg says "Use 32-bit debugger". I think it is not my case. 5. Idea. Any plans to make it interactive like IDA? Or at least split the code flow blocks with empty lines. |
I am trying find the encryption seeds from a 64bit daemon, and have only experience using Ollydbg, which doesn't debug x64 binaries.
So I started using x64_dbg, but this debugger does not have a field where you can input any arguments such as "-t computer-name 4 –c license.lic" I tried x64_dgb "C:\FullPathTo\File.exe" parm1 parm2 -3 -4 -debug x64_dgb "C:\FullPathTo\File.exe" -t computer-name 4 –c license.lic and using InitDebug & setcommandline, but none of these pass the arguments -t computer_name 4 -c license.lic to the debugger Can anybody tell me how to pass on arguments to this debugger? rgds |
Any help please?
|
Just tested it on x64 - Google Chrome. Immunity crashed for some reason, but this helped me a lot!
|
I always use your x64_dbg.
It helped me a lot! It's a great and a masterpiece creation. Thank you mr.exodia... Best regards, -=yoza=- |
Quote:
Certainly helps a lot , with newer programs whose anti-debugging mechanisms simply check for OLLY , but don't check for this debugger :) Please continue your development on this mr.exodia ... |
I wonder if it is possible to call a dll export when we load dll in x64dbg(similar to olly).
Does anyone know if this is possible? I were not able to find this myself. |
May be use "Set origin here" to change EIP after break on retn in DllMain.
|
Hello,
Syoma is right, you can do something like setting the EIP. Another method is to simply code a small DLL loader that does something like this: Code:
#include <windows.h>Mr. eXoDia |
Quote:
Thanks for reply. These 2 ways were somehow obvious and I already have done it this way. But I thought there may be an easy for it like olly, because it somehow a useful option for debugging DLLs. Maybe I write its plugin my own. Regards |
Yea, a plugin sounds cool. Feel free to drop me a message if you need help.
|
Just a quick q, why not implementing python as script instead of developing own scripting language? :)
|
At the time it seemed more logical to do an olly script like language. Right now there is someone working on python.
|
Quote:
as i think it is impossible to pass arguments now, but maybe are some plans to add this possibility to x64_dbg? or advise other debugger for x64. |
IDA Pro is also nice for x64.
|
| All times are GMT +8. The time now is 21:44. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2023, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX