EXETOOLS FORUM  

Go Back   EXETOOLS FORUM > General > Developer Section

Notices

View Poll Results: Would you use this debugger?
Yes (mainly x32) 72 29.63%
Not at all 22 9.05%
Yes, if it gets better (please post feature suggestions) 79 32.51%
Yes (mainly x64) 70 28.81%
Voters: 243. You may not vote on this poll

Reply
 
Thread Tools Display Modes
  #181  
Old 05-01-2015, 02:09
mr.exodia's Avatar
mr.exodia mr.exodia is offline
Super Moderator
 
Join Date: Nov 2011
Posts: 855
Rept. Given: 496
Rept. Rcvd 1,154 Times in 308 Posts
Thanks Given: 92
Thanks Rcvd at 528 Times in 202 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
Quote:
Originally Posted by Carbon View Post
Please remove the poll, because it is useless. With further improvements more and more users will use this debugger.

Have you thought about supporting more OS? Like linux x86/x64? I don't know how good the win code separation is but supporting another OS will be a killer. If your code is good you only need to replace titanengine, because qt is platform independent anyway.

Creating the basic linux debugger functions is as easy as in windows.
e.g. https://github.com/tuco86/edb-debugger/blob/master/plugins/DebuggerCore/unix/linux/DebuggerCore.cpp

PS: Please create a new snapshot with the new plugin icon stuff
I like the poll myself And yea, there have been thoughts, but the code is not portable (the dbg part that is). It would probably be possible to make the GUI generic so people can plugin their own debug engines in, but that's really far away right now.

My jenkins server is down so I cannot do any snapshots right now. You could compile it yourself (should be really easy with the supplied batch files).

Greetings
__________________
x64dbg: http://x64dbg.com
My Blog: http://mrexodia.cf
Reply With Quote
The Following User Says Thank You to mr.exodia For This Useful Post:
pps44 (05-09-2015)
  #182  
Old 05-12-2015, 18:52
cybercoder cybercoder is offline
Friend
 
Join Date: Aug 2005
Posts: 100
Rept. Given: 2
Rept. Rcvd 11 Times in 8 Posts
Thanks Given: 21
Thanks Rcvd at 26 Times in 14 Posts
cybercoder Reputation: 11
Just a quick question. I have just compiled the updated x64_dbg and now the plugins dont seem to work anymore.. is this because the files have the '_' taken out.. i.e. x64_dbg.exe to x64dbg.exe, x64_dbg.dll..x64dbg.dll?
Reply With Quote
  #183  
Old 05-12-2015, 19:07
cybercoder cybercoder is offline
Friend
 
Join Date: Aug 2005
Posts: 100
Rept. Given: 2
Rept. Rcvd 11 Times in 8 Posts
Thanks Given: 21
Thanks Rcvd at 26 Times in 14 Posts
cybercoder Reputation: 11
Just checked seems the name change does affect the plugins.. can be fixed by editing the filenames in the plugins
Reply With Quote
  #184  
Old 05-12-2015, 23:50
mr.exodia's Avatar
mr.exodia mr.exodia is offline
Super Moderator
 
Join Date: Nov 2011
Posts: 855
Rept. Given: 496
Rept. Rcvd 1,154 Times in 308 Posts
Thanks Given: 92
Thanks Rcvd at 528 Times in 202 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
I created a forwarder for backwards compatibility: https://github.com/x64dbg/x64dbg_forwarder

If you want the latest x64dbg version I encourage you to use the builds at http://snapshots.x64dbg.com they are mostly up to date with the latest master (except when the change is so minimal it doesn't affect anything)
__________________
x64dbg: http://x64dbg.com
My Blog: http://mrexodia.cf
Reply With Quote
The Following User Says Thank You to mr.exodia For This Useful Post:
cybercoder (05-13-2015)
  #185  
Old 05-14-2015, 21:11
mak mak is offline
Friend
 
Join Date: Feb 2010
Posts: 27
Rept. Given: 10
Rept. Rcvd 2 Times in 2 Posts
Thanks Given: 18
Thanks Rcvd at 22 Times in 9 Posts
mak Reputation: 2
Hi mr.exodia,

Do you have tested the x64dbg debugger in win 8.1 ?! Do you plan to do the optimization of code execution? Implementation of the code execution by F8 for example, I think it is too slow. Generally tracing in the code is fairly slow.

On my system, this message comes out -

---------------------------
ERROR
---------------------------
NT APIs missing

section

060200000109_x86_000169B0

file

Z:\x64_Debug\x32\plugins\NtApiCollection.ini
---------------------------

---------------------------

But I think it is a problem of plug-ins. After completion of debugging on Win 8.1, the debugging file looks like remain busy until you restart the debugger.

Do you plan to add the search for a set of assembly instructions?

Thank you for your great project!
Reply With Quote
  #186  
Old 05-15-2015, 19:52
mr.exodia's Avatar
mr.exodia mr.exodia is offline
Super Moderator
 
Join Date: Nov 2011
Posts: 855
Rept. Given: 496
Rept. Rcvd 1,154 Times in 308 Posts
Thanks Given: 92
Thanks Rcvd at 528 Times in 202 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
@mak: x64dbg is developed on Windows 8.1 x64. There are indeed many plans to improve the performance of these kind of things, but it is really hard to benchmark and even harder to improve. Feel free to improve things and send a pull request.

That error message is from ScyllaHide. In their readme file they explain why it happens and how to fix it.

And until now there were no plans. Feel free to report if you have ideas or made anything here.
__________________
x64dbg: http://x64dbg.com
My Blog: http://mrexodia.cf
Reply With Quote
  #187  
Old 05-16-2015, 08:58
Debugger Debugger is offline
Friend
 
Join Date: May 2013
Posts: 53
Rept. Given: 53
Rept. Rcvd 8 Times in 6 Posts
Thanks Given: 66
Thanks Rcvd at 22 Times in 13 Posts
Debugger Reputation: 8
Hi Mr.exodia , I am using x64dbg for x86 binary.
Quote:
http://reverseengineeringtips.blogspot.in/2015/02/the-exagerated-promises-of-clicklocker.html#comment-form
I was reading this and thought i could give it try using x64dbg.But I'm not able to search for strings within program(shows ntdll strings ? not demo app strings or am i missing something ?)

btw I love tabs better than toolbar of olly Great work keep it up.
Reply With Quote
  #188  
Old 05-16-2015, 09:28
mr.exodia's Avatar
mr.exodia mr.exodia is offline
Super Moderator
 
Join Date: Nov 2011
Posts: 855
Rept. Given: 496
Rept. Rcvd 1,154 Times in 308 Posts
Thanks Given: 92
Thanks Rcvd at 528 Times in 202 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
Hey,

If you want to search for strings somewhere, you have to go there in the cpu first. Just go in the memory map and double click the code region of the module you want to see the strings of. Then find strings again.
__________________
x64dbg: http://x64dbg.com
My Blog: http://mrexodia.cf
Reply With Quote
The Following User Says Thank You to mr.exodia For This Useful Post:
Debugger (05-16-2015)
  #189  
Old 05-16-2015, 12:22
Debugger Debugger is offline
Friend
 
Join Date: May 2013
Posts: 53
Rept. Given: 53
Rept. Rcvd 8 Times in 6 Posts
Thanks Given: 66
Thanks Rcvd at 22 Times in 13 Posts
Debugger Reputation: 8
Sorry for trouble, i got that after i posted this message
Reply With Quote
The Following User Says Thank You to Debugger For This Useful Post:
mr.exodia (05-16-2015)
  #190  
Old 05-24-2015, 16:56
deroko's Avatar
deroko deroko is offline
cr4zyserb
 
Join Date: Nov 2005
Posts: 216
Rept. Given: 13
Rept. Rcvd 30 Times in 14 Posts
Thanks Given: 7
Thanks Rcvd at 23 Times in 11 Posts
deroko Reputation: 30
Just a small feature request. In dump windows it would be useful if selecting dword/qword you would add "Follow in dump" option in context menu thus pointers in dump can be easier tracked or I missed this feature somehow
__________________
http://accessroot.com
Reply With Quote
The Following User Gave Reputation+1 to deroko For This Useful Post:
mr.exodia (05-24-2015)
  #191  
Old 05-24-2015, 20:46
mr.exodia's Avatar
mr.exodia mr.exodia is offline
Super Moderator
 
Join Date: Nov 2011
Posts: 855
Rept. Given: 496
Rept. Rcvd 1,154 Times in 308 Posts
Thanks Given: 92
Thanks Rcvd at 528 Times in 202 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
@deroko: I plan on working on x64dbg today, I will implement your feature request as I missed it myself a couple of times too!
__________________
x64dbg: http://x64dbg.com
My Blog: http://mrexodia.cf
Reply With Quote
The Following 2 Users Say Thank You to mr.exodia For This Useful Post:
deroko (05-25-2015), sendersu (05-24-2015)
  #192  
Old 05-25-2015, 02:42
deroko's Avatar
deroko deroko is offline
cr4zyserb
 
Join Date: Nov 2005
Posts: 216
Rept. Given: 13
Rept. Rcvd 30 Times in 14 Posts
Thanks Given: 7
Thanks Rcvd at 23 Times in 11 Posts
deroko Reputation: 30
Great, this will be very useful
__________________
http://accessroot.com
Reply With Quote
  #193  
Old 05-25-2015, 02:44
mr.exodia's Avatar
mr.exodia mr.exodia is offline
Super Moderator
 
Join Date: Nov 2011
Posts: 855
Rept. Given: 496
Rept. Rcvd 1,154 Times in 308 Posts
Thanks Given: 92
Thanks Rcvd at 528 Times in 202 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
I implemented your feature request, download the latest snapshot from here
__________________
x64dbg: http://x64dbg.com
My Blog: http://mrexodia.cf
Reply With Quote
The Following 3 Users Gave Reputation+1 to mr.exodia For This Useful Post:
cjack (05-26-2015), deroko (05-25-2015), Loki (05-26-2015)
The Following 4 Users Say Thank You to mr.exodia For This Useful Post:
deroko (05-25-2015), Loki (05-26-2015), pps44 (05-26-2015), sendersu (05-25-2015)
  #194  
Old 05-25-2015, 04:53
deroko's Avatar
deroko deroko is offline
cr4zyserb
 
Join Date: Nov 2005
Posts: 216
Rept. Given: 13
Rept. Rcvd 30 Times in 14 Posts
Thanks Given: 7
Thanks Rcvd at 23 Times in 11 Posts
deroko Reputation: 30
Wow that was fast work like a charm

Some more suggestions, would be also good to have same option to follow dword/qword in dump, and to be able to use '-' like in disassembler to go back to previous address in dump. Would be very useful for quick inspection of struct/object members which are pointing to some address without need to type address in dump
__________________
http://accessroot.com
Reply With Quote
The Following 2 Users Say Thank You to deroko For This Useful Post:
Loki (05-26-2015), mr.exodia (05-25-2015)
  #195  
Old 05-26-2015, 04:05
Storm Shadow's Avatar
Storm Shadow Storm Shadow is offline
Family
 
Join Date: Jun 2014
Posts: 274
Rept. Given: 189
Rept. Rcvd 191 Times in 78 Posts
Thanks Given: 131
Thanks Rcvd at 205 Times in 70 Posts
Storm Shadow Reputation: 100-199 Storm Shadow Reputation: 100-199
I have tested the new build with decompiler.It really adds so much more to the whole debugger.
Seems more complete now.

Good work Devs

Changelog

Quote:
BRIDGE: show cpu gui function
PROJECT+GUI: snowman decompiler
http://sourceforge.net/projects/x64dbg/files/snapshots/
__________________
The devil whispered in my ear, "you're not strong enough to withstand the storm."

Today I whispered in the devils ear, "I am the storm."
Reply With Quote
Reply

Tags
bit, debugger, x32, x64, x64_dbg

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
nfd - x64dbg plugin hors Community Tools 2 04-01-2018 08:18
CopyToAsm - x64dbg plugin mrfearless Community Tools 0 03-04-2018 08:36
x64dbg - Find OEP by section hop schrodyn General Discussion 6 01-19-2018 04:31
Q: How can I get this kind of output from X64DBG? Stingered General Discussion 3 01-13-2018 07:15
x64dbg python Storm Shadow Developer Section 6 08-04-2017 15:29


All times are GMT +8. The time now is 21:23.


��ICP��05004977��
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX