Exetools  

Go Back   Exetools > General > Community Tools

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 10-13-2021, 17:41
jonwil jonwil is offline
VIP
 
Join Date: Feb 2004
Posts: 379
Rept. Given: 2
Rept. Rcvd 21 Times in 9 Posts
Thanks Given: 2
Thanks Rcvd at 63 Times in 33 Posts
jonwil Reputation: 21
Windows debugger that can run code on breakpoint?

Is there a Windows debugger where I can set a breakpoint on a specific instruction (in a binary that I have been reverse engineering with IDA in this case) and then instead of stopping and waiting for user action, run some code that can access the current registers and memory of the process (and do some things with the results like writing some things to a log) before letting the program continue to run?

The binary is a 32-bit x86 binary and I want to do this break-then-log-stuff-then-continue in a few different places.
Reply With Quote
  #2  
Old 10-13-2021, 20:00
Turkuaz Turkuaz is offline
Family
 
Join Date: Sep 2017
Posts: 148
Rept. Given: 3
Rept. Rcvd 6 Times in 3 Posts
Thanks Given: 36
Thanks Rcvd at 134 Times in 47 Posts
Turkuaz Reputation: 6
Ollydbg conditional log breakpoint
http://www.ollydbg.de/Help/Condlogbreakpoint.htm
Reply With Quote
  #3  
Old 10-13-2021, 23:22
Stingered Stingered is online now
Friend
 
Join Date: Dec 2017
Posts: 186
Rept. Given: 0
Rept. Rcvd 1 Time in 1 Post
Thanks Given: 239
Thanks Rcvd at 135 Times in 64 Posts
Stingered Reputation: 2
Is this what you are referring to?

https://help.x64dbg.com/en/latest/introduction/ConditionalTracing.html

https://help.x64dbg.com/en/latest/commands/conditional-breakpoint-control/SetBreakpointLogCondition.html

Last edited by Stingered; 10-13-2021 at 23:46.
Reply With Quote
The Following User Says Thank You to Stingered For This Useful Post:
niculaita (01-18-2022)
  #4  
Old 10-14-2021, 05:18
chants chants is offline
VIP
 
Join Date: Jul 2016
Posts: 636
Rept. Given: 21
Rept. Rcvd 43 Times in 26 Posts
Thanks Given: 590
Thanks Rcvd at 958 Times in 432 Posts
chants Reputation: 43
WinDbg has "debugger command programs" https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/debugger-command-program-examples and allows such macros. Not sure if they can be triggered on breakpoints but it should be possible. Ollydbg and x64dbg I reckon are just as capable of being scripted.
Reply With Quote
The Following User Says Thank You to chants For This Useful Post:
niculaita (01-17-2022)
  #5  
Old 01-17-2022, 06:43
lahma lahma is offline
Friend
 
Join Date: Jul 2016
Location: US
Posts: 13
Rept. Given: 0
Rept. Rcvd 4 Times in 2 Posts
Thanks Given: 5
Thanks Rcvd at 38 Times in 9 Posts
lahma Reputation: 4
I think you might find WinDBG's javascript debugger scripting useful. You can have a script trigger upon a breakpoint, do whatever you need to do (log data, modify values, etc), and the script can then decide whether or not to continue running the app based on whatever logic you provide it. You can find the documentation for it here:
https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/javascript-debugger-scripting
Reply With Quote
The Following User Says Thank You to lahma For This Useful Post:
niculaita (01-17-2022)
  #6  
Old 01-17-2022, 21:28
N0P's Avatar
N0P N0P is offline
Friend
 
Join Date: Aug 2003
Location: Brno[CzechRepublic]
Posts: 85
Rept. Given: 19
Rept. Rcvd 10 Times in 9 Posts
Thanks Given: 12
Thanks Rcvd at 22 Times in 15 Posts
N0P Reputation: 10
maybe CheatEngine can this handle too ?
Reply With Quote
The Following User Says Thank You to N0P For This Useful Post:
niculaita (01-18-2022)
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Whether IDA can set memory breakpoint when use Remote Linux debugger? bridgeic General Discussion 7 09-10-2014 18:07
(Q) .NET App Source Code Protection (Silverlight, Windows Phone, Windows 8) delidolunet General Discussion 7 08-02-2013 10:33


All times are GMT +8. The time now is 10:10.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2022 )