Exetools  

  #1  
10-13-2021, 17:41
jonwil
Windows debugger that can run code on breakpoint?

Is there a Windows debugger where I can set a breakpoint on a specific instruction (in a binary that I have been reverse engineering with IDA in this case) and then instead of stopping and waiting for user action, run some code that can access the current registers and memory of the process (and do some things with the results like writing some things to a log) before letting the program continue to run?

The binary is a 32-bit x86 binary and I want to do this break-then-log-stuff-then-continue in a few different places.
  #2  
10-13-2021, 20:00
Turkuaz
Ollydbg conditional log breakpoint
http://www.ollydbg.de/Help/Condlogbreakpoint.htm
  #3  
10-13-2021, 23:22
Stingered
Is this what you are referring to?

https://help.x64dbg.com/en/latest/introduction/ConditionalTracing.html

https://help.x64dbg.com/en/latest/commands/conditional-breakpoint-control/SetBreakpointLogCondition.html

Last edited by Stingered; 10-13-2021 at 23:46.
  #4  
10-14-2021, 05:18
chants
WinDbg has "debugger command programs" https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/debugger-command-program-examples and allows such macros. Not sure if they can be triggered on breakpoints but it should be possible. Ollydbg and x64dbg I reckon are just as capable of being scripted.
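
Added example, not written by any poster in this thread: the break, log, continue pattern asked about in post #1, expressed as WinDbg breakpoint command strings for a 32-bit x86 target. The module name `target`, the offsets 0x1234 and 0x5678, the log path, and the assumption that esi holds a pointer to an ASCII string at the second location are all placeholders.

```windbg
$$ Added example. "target", the offsets and the log path are placeholders.
$$ Send all debugger output to a log file (/t appends a timestamp to the file name).
.logopen /t C:\logs\bp_trace.log

$$ Breakpoint 1: print three registers and the dword at the top of the stack,
$$ then resume with gc so the target never waits for user input.
bp target+0x1234 ".printf \"[1234] eax=%08x ecx=%08x edx=%08x [esp]=%08x\\n\", @eax, @ecx, @edx, poi(@esp); gc"

$$ Breakpoint 2: only log when eax is non-zero. %ma prints the
$$ NUL-terminated ASCII string at the address in esi (assumed to be a valid pointer).
bp target+0x5678 ".if (@eax != 0) { .printf \"[5678] eax=%08x str=%ma\\n\", @eax, @esi }; gc"

$$ List the breakpoints, then run the target.
bl
g

$$ When finished, close the log.
.logclose
```

Each command string runs every time its breakpoint is hit; `gc` resumes execution in the same way the target was running before the hit, so a single-step or trace in progress is not turned into a free run.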
All times are GMT +8.