Exetools  

Go Back   Exetools > General > Community Tools

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 10-13-2021, 17:41
jonwil jonwil is offline
VIP
 
Join Date: Feb 2004
Posts: 387
Rept. Given: 2
Rept. Rcvd 21 Times in 9 Posts
Thanks Given: 2
Thanks Rcvd at 65 Times in 34 Posts
jonwil Reputation: 21
Windows debugger that can run code on breakpoint?

Is there a Windows debugger where I can set a breakpoint on a specific instruction (in a binary that I have been reverse engineering with IDA in this case) and then instead of stopping and waiting for user action, run some code that can access the current registers and memory of the process (and do some things with the results like writing some things to a log) before letting the program continue to run?

The binary is a 32-bit x86 binary and I want to do this break-then-log-stuff-then-continue in a few different places.
Reply With Quote
  #2  
Old 10-13-2021, 20:00
Turkuaz Turkuaz is offline
Family
 
Join Date: Sep 2017
Posts: 161
Rept. Given: 3
Rept. Rcvd 7 Times in 4 Posts
Thanks Given: 39
Thanks Rcvd at 136 Times in 49 Posts
Turkuaz Reputation: 7
Ollydbg conditional log breakpoint
http://www.ollydbg.de/Help/Condlogbreakpoint.htm
Reply With Quote
  #3  
Old 10-13-2021, 23:22
Stingered Stingered is offline
Friend
 
Join Date: Dec 2017
Posts: 256
Rept. Given: 0
Rept. Rcvd 2 Times in 2 Posts
Thanks Given: 296
Thanks Rcvd at 179 Times in 89 Posts
Stingered Reputation: 2
Is this what you are referring to?

https://help.x64dbg.com/en/latest/introduction/ConditionalTracing.html

https://help.x64dbg.com/en/latest/commands/conditional-breakpoint-control/SetBreakpointLogCondition.html

Last edited by Stingered; 10-13-2021 at 23:46.
Reply With Quote
The Following User Says Thank You to Stingered For This Useful Post:
niculaita (01-18-2022)
  #4  
Old 10-14-2021, 05:18
chants chants is offline
VIP
 
Join Date: Jul 2016
Posts: 725
Rept. Given: 35
Rept. Rcvd 48 Times in 30 Posts
Thanks Given: 666
Thanks Rcvd at 1,050 Times in 475 Posts
chants Reputation: 48
WinDbg has "debugger command programs" https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/debugger-command-program-examples and allows such macros. Not sure if they can be triggered on breakpoints but it should be possible. Ollydbg and x64dbg I reckon are just as capable of being scripted.
Reply With Quote
The Following User Says Thank You to chants For This Useful Post:
niculaita (01-17-2022)
  #5  
Old 01-17-2022, 06:43
lahma lahma is offline
Friend
 
Join Date: Jul 2016
Location: US
Posts: 14
Rept. Given: 0
Rept. Rcvd 4 Times in 2 Posts
Thanks Given: 5
Thanks Rcvd at 39 Times in 9 Posts
lahma Reputation: 4
I think you might find WinDBG's javascript debugger scripting useful. You can have a script trigger upon a breakpoint, do whatever you need to do (log data, modify values, etc), and the script can then decide whether or not to continue running the app based on whatever logic you provide it. You can find the documentation for it here:
https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/javascript-debugger-scripting
Reply With Quote
The Following User Says Thank You to lahma For This Useful Post:
niculaita (01-17-2022)
  #6  
Old 01-17-2022, 21:28
N0P's Avatar
N0P N0P is offline
Friend
 
Join Date: Aug 2003
Location: Brno[CzechRepublic]
Posts: 90
Rept. Given: 19
Rept. Rcvd 11 Times in 10 Posts
Thanks Given: 12
Thanks Rcvd at 26 Times in 17 Posts
N0P Reputation: 11
maybe CheatEngine can this handle too ?
Reply With Quote
The Following User Says Thank You to N0P For This Useful Post:
niculaita (01-18-2022)
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Whether IDA can set memory breakpoint when use Remote Linux debugger? bridgeic General Discussion 7 09-10-2014 18:07
(Q) .NET App Source Code Protection (Silverlight, Windows Phone, Windows 8) delidolunet General Discussion 7 08-02-2013 10:33


All times are GMT +8. The time now is 18:41.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )