EXETOOLS FORUM  

Go Back   EXETOOLS FORUM > General > Developer Section

Notices

View Poll Results: Would you use this debugger?
Yes (mainly x32) 70 30.17%
Not at all 22 9.48%
Yes, if it gets better (please post feature suggestions) 77 33.19%
Yes (mainly x64) 63 27.16%
Voters: 232. You may not vote on this poll

Reply
 
Thread Tools Display Modes
  #301  
Old 06-16-2018, 14:43
deroko's Avatar
deroko deroko is offline
cr4zyserb
 
Join Date: Nov 2005
Posts: 215
Rept. Given: 11
Rept. Rcvd 30 Times in 14 Posts
Thanks Given: 7
Thanks Rcvd at 21 Times in 10 Posts
deroko Reputation: 30
One thing I always wanted to ask for When I have __debugbreak() enabled and attach as JIT, x64dbg breaks always on this int 3, and even if you set new origin after int 3 it somehow restores exception back to int 3 and usually solution is to replace int 3 with nop. Olly and windbg tend to break after int 3 thus exception doesn't reacquier.

This would be great imho
__________________
http://accessroot.com
Reply With Quote
The Following 3 Users Say Thank You to deroko For This Useful Post:
MarcElBichon (06-16-2018), tonyweb (06-18-2018), yoza (06-20-2018)
  #302  
Old 06-17-2018, 07:08
mr.exodia's Avatar
mr.exodia mr.exodia is offline
Super Moderator
 
Join Date: Nov 2011
Posts: 843
Rept. Given: 493
Rept. Rcvd 1,154 Times in 308 Posts
Thanks Given: 88
Thanks Rcvd at 517 Times in 198 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
deroko: You can use the option 'Skip INT3 stepping' (https://i.imgur.com/JzPDRws.png), or manually use the `skip` command to achieve what you want.

Respect for your work.
__________________
x64dbg: http://x64dbg.com
My Blog: http://mrexodia.cf
Reply With Quote
The Following 2 Users Say Thank You to mr.exodia For This Useful Post:
tonyweb (06-18-2018), yoza (06-20-2018)
  #303  
Old 06-18-2018, 19:19
deroko's Avatar
deroko deroko is offline
cr4zyserb
 
Join Date: Nov 2005
Posts: 215
Rept. Given: 11
Rept. Rcvd 30 Times in 14 Posts
Thanks Given: 7
Thanks Rcvd at 21 Times in 10 Posts
deroko Reputation: 30
Ah sweet, had no idea this options is doing this. Tnx
__________________
http://accessroot.com
Reply With Quote
The Following User Says Thank You to deroko For This Useful Post:
tonyweb (06-18-2018)
  #304  
Old 06-18-2018, 21:48
winndy winndy is offline
VIP
 
Join Date: Sep 2005
Posts: 223
Rept. Given: 102
Rept. Rcvd 25 Times in 11 Posts
Thanks Given: 13
Thanks Rcvd at 5 Times in 4 Posts
winndy Reputation: 25
Cool!
Wish x64dbg could be cross-platform.
Reply With Quote
  #305  
Old 07-14-2018, 14:54
DavidXanatos DavidXanatos is offline
Friend
 
Join Date: Jun 2018
Posts: 16
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 6
Thanks Rcvd at 2 Times in 2 Posts
DavidXanatos Reputation: 0
I was trying to use this debugger the other day and run over a strange issue.

I was not able to make it ignore an exception thrown by the application (ExceptionCode: C0000005), as far as I can tell its part of a anti reverse engineering technique. in IDA the same exception gets thrown but there when I encounter the first one i can tell it to ignore all subsequent once.

I tried to uncheck all the "break on" checkboxes in the options as well as adding last exception and/or add 00000000-ffffffff to the excluded exceptions list but still it did not ignore the exception. I wonder if there is a bug (I was using the latest build as of yesterday) or if I missed some option.

If its the later than I would appreciate being pointed towards it and if its the former than a fix would be much appreciated to
Reply With Quote
  #306  
Old 07-27-2018, 07:36
Dicypher Dicypher is offline
Friend
 
Join Date: Nov 2017
Posts: 2
Rept. Given: 0
Rept. Rcvd 1 Time in 1 Post
Thanks Given: 0
Thanks Rcvd at 3 Times in 2 Posts
Dicypher Reputation: 1
@sendersu Just followed the UPX tutorial, works like a charm.

I'll be working with some more advanced packers soon, after nailing down UPX. Mr. Exodia has done some awesome work with x64dbg... no doubt.
Reply With Quote
The Following User Says Thank You to Dicypher For This Useful Post:
sendersu (07-30-2018)
  #307  
Old 08-07-2018, 08:18
T-rad T-rad is offline
Friend
 
Join Date: May 2016
Posts: 8
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 3
Thanks Rcvd at 1 Time in 1 Post
T-rad Reputation: 0
anyone know why DataCopy was removed. last version with it is snapshot_2018-04-05_00-33
Reply With Quote
  #308  
Old 08-07-2018, 08:39
atom0s's Avatar
atom0s atom0s is offline
Family
 
Join Date: Jan 2015
Location: 127.0.0.1
Posts: 187
Rept. Given: 21
Rept. Rcvd 93 Times in 42 Posts
Thanks Given: 31
Thanks Rcvd at 211 Times in 82 Posts
atom0s Reputation: 93
Quote:
Originally Posted by T-rad View Post
anyone know why DataCopy was removed. last version with it is snapshot_2018-04-05_00-33
A quick skim over the merge requests and commit log show it was merged and combined a single editor. (Hex editor / string editor / data copy dialog into one. https://github.com/x64dbg/x64dbg/pull/1941)
Reply With Quote
The Following User Says Thank You to atom0s For This Useful Post:
tonyweb (08-11-2018)
  #309  
Old 08-07-2018, 10:58
T-rad T-rad is offline
Friend
 
Join Date: May 2016
Posts: 8
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 3
Thanks Rcvd at 1 Time in 1 Post
T-rad Reputation: 0
thanks. Guess i missed that.
Reply With Quote
Reply

Tags
bit, debugger, x32, x64, x64_dbg

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
x64dbg python Storm Shadow Developer Section 6 08-04-2017 15:29
x64dbg conditional branches logger [Plugin] Kurapica Community Tools 3 09-16-2016 01:58


All times are GMT +8. The time now is 14:36.


ICP05004977
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX