x64_dbg Plugins
 

Hi
this version 1.0 for this plugins of a very promotion debugger on x64 platform .
maybe it have a bug so ( bug report is welcome )
maybe it need more prove and this is welcome too
what's :
it has Go To API Dialog with Auto load for all Symbol for all loaded module .
command line = gtd
hex dialog to make it easy for edit hex dump window .
command line = Hexeditor
or
Hexeditor address,size to read

or u can get them from the menu it is more easy .

just note : in hex dialog to change the address or the size
just enter the address then press enter and same for size
button Update just done if u change the value in the dataGrid.

Coded by Ahmadmansoor with alot of help from mr.exodia :cool: .

this is new update 1.0.0.2
https://mega.co.nz/#!mBVTQTzZ!RKWgxB...YHBXHp-ayqk3-I

you don't tell how those files put in which direction? all copy to x64dbg.exe same folder or create a new plugin folder?

@cxj98: http://mrexodia.cf/x64hlp/scr/Plugins.htm

Greetings

Hi I think mrexodia answer u .
put please download the file again I have update it ,it was have a bug .
must be putten in a folder ((plugins)) inside x64_dbg folder .
Thanks for trying

thanks, but do you have plugin for x32_dbg

hi Mr.eXoDia,
Few day ago i tries to code a plugin for x64_dbg(32 bit before) but it's unsuccess, i'm also saw your sample plugin(plugintest_002), seem your sdk doesn't work if you build with GCC(CodeBlock-LoadLibraryA unsuccess). I'm also get an exception on LoadLibraryA with my plugin power by delphi.
Are you test yet ?

quygia128

@quygia128: I tested MinGW for both 32 and 64 bit. I also tested VS10 32 and 64 bit. But delphi is not supported by me, since I don't know it.

Could you send me your compiled plugin that failed loading?

Greetings

I guess it ss better to open up a new issue at source repository site....
it'll be beter to track and to not open duplicated issues, etc

it's here, builded with MinGW(CodeBlocks v12.11)

greetz

I am sorry for late in replay ,I am working on more update for this plugin .
but I am waiting the SDK update from mrexodia .
this Plugin is only for x64 ,no x32 support ,sorry.
I will make a flash movie on how to use it ,need to add some more options .
any bug or need more feature's ,pls let me know .
Thanks for testing and try .

@quygia128: Please use the latest pluginsdk from this website: http://sourceforge.net/projects/x64dbg/files/alpha/pluginsdk/

I tested it today, all working.

Greetings,

Mr. eXoDia

@quygia128

what's the plugin is?

I would love to see this on github or bitbucket...lots of potential, and lots of eager people willing to commit!

3ks,
wait more plugin for this Dbg

What functionality would you like to be in these plugins? x64dbg is still in development, so you can request features :)

Greetings

some Hotkey like od.
alt+c(return to eip),alt+d (focus on cmdbar).

alt+c = go to cpu window (also in olly), '*' is return to CIP when in disassembly window, '*' is also return to CSP.

ctrl+enter is focus to cmd bar.

see the menus for full shortcuts.

anything else?

greetings

Hi Mr,eXoDia,

I'm tested with new release, i have get some problem with mainmodule name, x32_dbg don't get name of main module (Load faild)

Some request:

1. This isn't any operand to copy address, asm code, command, Opcode..., I would like if you add it in next release :)

2. i'm can't see Clear log operand in log windows.

I have noticed this problem on a pc with windows 8 with UAC enabled. You can try to disable UAC or run the debugger with admin privileges. I do not have a real fix for this (WinAPI just doesn't return a valid filename).

Greetings,

Mr. eXoDia

CleanupExEx x64_dbg plugin.
 

My first plugin for x64_dbg, this plugin for test only.(32bit support)

Follow in file readme.txt to get more information.

greetz
quygia128

Hey,

Looks great, any chance you could share the delphi PDK with us? I think other users will like it too.

Greetings

Highlightfish v1.0 Build Date 13/07/2014
Released by Insid3Code Team.
C)2014 I3CT

Highlightfish will allow you to customize x64-dbg colors and Highlightings.
It supports the schemes published by "cypher" and "tr4ceflow" here:

If you have a nice and comfortable scheme, send it to me and I will add it in the next release.

RELEASE HISTORY:
---------------
13/07/2014 (version 1.0)
[+] Added Cypher scheme.
[+] Added tr4ceflow scheme.
[+] Added GrayAngelfish scheme.
[+] Reset Default Debugger scheme.

Link to download:
Enjoy!

Hi all.
I saw you make efforts to add some functionality to the debugger.
I wonder if a plugin with label handling is available (to work with map files resulted from IDR for Delphi or IDA for example)?

I see there're some extensions, could you give us some reviews of them :rolleyes:?
qb-sync has an extension for x64dbg:
x64dbg utility for linker map files, diff files, peid/ida signatures, and code signature generation:

@bolzano_1989
Thank you.
My fault.
I see this after but i cannot edit my post anymore.
:)

@Insid3Code Team
and @quygia128
Looks great, i will your plugins.

Best regards,
-=yoza=-

you don't tell how those files put in which direction? all copy to x64dbg.exe same folder or create a new plugin folder?

If you open x64dbg it will create a 'plugins' folder automatically. You can copy your *.dp32 and *.dp64 files there (also: read the manual).

Hi quygia128,
Did you ever release Delphi PDK for X64Dbg?

Sorry for bump, I've not been here for 2 years and am trying to catchup :)

Yes, i want to puplic it becase i'm not more Freetime to develop it.
I hope someone will be continue my work

It's just 32bit for Delphi 7 but you can make 64bit SDK for XE Embarcadero.

BR,
quygia128

AttachHelper plugin for x64dbg

This plug-in automatically restores that "DbgBreakPoint", "DbgUiRemoteBreakin".

http://www.mediafire.com/file/priwaetcn9g4lp4/x64dbg_AttachHelper.zip

OW Imports
by: qwerty9384 / bloodwrath
released: 11.13.2016

summary:
this plugin adds the 'oiu' command to x64dbg. executing the command with the IAT's base address will label all obfuscated winapi imports and log the address / label names in the x64dbg log tab. generated labels are automatically deleted once you stop debugging. behavior is undefined if used on any other address or if you run the command more than once per debug session.

note:
the IAT is dynamically built some time between the second TLS callback and the creation of the second thread.

how to use:
1. click on the "Memory Map" tab in x64dbg.
2. find the first region (lowest address) of virtual memory of size 0x3000. it's always near the top of the mem map table.
3. go to this region's base address in the disassembly view.
4. you should see something like this:
00000000000B0000 | 48 | MOVABS RAX, iphlpapi.7FEF9F73F33 |
00000000000B000A | 48 | ADD RAX, 39F9 |
00000000000B0010 | 71 | JNO B0014 |
5. click the base address, press 'ALT+INSERT' to copy the address.
6. press 'CTRL+ENTER' to focus the cmd line.
7. type 'oiu ', paste the address, press enter.
8. check the log for the import name / address dump.
9. all labels will be automatically removed when you stop debugging.


http://www.mediafire.com/file/5zorao...ats.me%5D_.zip

@mak could you give sources of where the plugins came from?

Files indicate the source, once again

OW Imports https://www.unknowncheats.me/forum/o...in-x64dbg.html

AttachHelper plugin for x64dbg https://forum.tuts4you.com/
The author was asked to send the plugin to you, but dont know if he did it. :)

x64 dbg that have support new api for Hasp protected?
I can't open program.

@dave_omirora you have to be more specific than that. Could you open an issue on http://issues.x64dbg.com?

When is planned to release an stable version? I m using 5 may 2016 release, but latest nighty builds are only for debug testing.

alternatif link please mega or mediafire etc...

Hello guys,
Wish we had a plugin section on x64dbg github !
We have dead link for plugins here.
Thanks

There is a public list of plugins maintained on their GitHub wiki here:
https://github.com/x64dbg/x64dbg/wiki/Plugins