Exetools  

Go Back   Exetools > General > Developer Section

Notices

View Poll Results: Would you use this debugger?
Yes (mainly x32) 92 28.66%
Not at all 24 7.48%
Yes, if it gets better (please post feature suggestions) 89 27.73%
Yes (mainly x64) 116 36.14%
Voters: 321. You may not vote on this poll

Reply
 
Thread Tools Display Modes
  #1  
Old 10-28-2013, 04:36
mr.exodia mr.exodia is offline
Retired Moderator
 
Join Date: Nov 2011
Posts: 784
Rept. Given: 490
Rept. Rcvd 1,122 Times in 305 Posts
Thanks Given: 89
Thanks Rcvd at 713 Times in 333 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
Talking x64dbg

Hi everyone,
 
Maybe some of you heard it already, but Sigma and I are working on an x32/x64 debugger for Windows for a few months now... The debugger currently has the following features:
  • variables, currently command-based only
  • basic calculations, can be used in the goto window and in the register edit window. Example: var*@401000+(.45^4A)
  • software breakpoints (INT3, LONG INT3, UD2), currently command-only (just type 'bp addr')
  • hardware breakpoints (access, write, execute), also command-only
  • stepping (over, into, out, n instructions), can be done with buttons/shortcuts
  • memory allocation/deallocation inside the debuggee
  • quickly access API adresses (bp GetProcAddress)
  • syntax highlighting, currently not customizable
  • simple memory map (just addr+size+module+protection basically)
The debugger has an easy GUI, for which we looked a lot at Olly
 
Screenshot:
http://rghost.net/49769041/image.png
 
Debug engine is TitanEngine, disassembler BeaEngine, icons are from various sources (see About dialog). We use QT for the GUI part.
 
If you have a suggestion, a bug report, need more info, want to contribute, just post here or send me a private message.
 
The latest public build + source can always be found on http://x64dbg.com (click 'Source'->'bin_public') to download the latest build. For now, you can download the first 'alpha' here: http://rghost.net/49769396
 
We would love to hear from you!
 
Greetings,
 
Mr. eXoDia & Sigma

Last edited by mr.exodia; 11-07-2016 at 00:43.
Reply With Quote
The Following 18 Users Gave Reputation+1 to mr.exodia For This Useful Post:
ahmadmansoor (10-31-2013), alekine322 (10-29-2013), anon_c (11-25-2013), Av0id (10-29-2013), besoeso (11-03-2013), chessgod101 (10-29-2013), cyberbob (10-28-2013), emo (10-29-2013), giv (11-05-2013), JeRRy (10-28-2013), Kla$ (10-28-2013), KuNgBiM (11-19-2013), marrom79 (10-28-2013), quygia128 (10-30-2013), sendersu (10-28-2013), Youtoo (11-15-2013), ZeNiX (10-29-2013), |roe (10-30-2013)
The Following 19 Users Say Thank You to mr.exodia For This Useful Post:
Artic (06-12-2022), Avalon (10-24-2018), Dr.FarFar (09-25-2023), giv (10-11-2015), Indigo (07-19-2019), korosh (06-12-2019), p4r4d0x (05-25-2018), papi (10-23-2015), quygia128 (12-08-2023), trodas (07-06-2015), uranus64 (03-12-2022), user1 (11-13-2015), vic4key (02-18-2016), Youtoo (09-22-2015), yoza (10-23-2017)
  #2  
Old 10-28-2013, 07:43
ferrit.rce's Avatar
ferrit.rce ferrit.rce is offline
VIP
 
Join Date: Sep 2013
Location: Switzerland
Posts: 42
Rept. Given: 10
Rept. Rcvd 101 Times in 23 Posts
Thanks Given: 0
Thanks Rcvd at 5 Times in 4 Posts
ferrit.rce Reputation: 100-199 ferrit.rce Reputation: 100-199
The idea is cool! BTW are you using TitanEngine version 2.0.3? Previously I've implemented some unpackers with this version but I've found several major bugs inside. I've reported all of these issues but seems like this code is dead. Because of that I've tried to fix them alone but I've found a spagetti code Just for your information...
Reply With Quote
The Following User Gave Reputation+1 to ferrit.rce For This Useful Post:
mr.exodia (10-28-2013)
The Following 2 Users Say Thank You to ferrit.rce For This Useful Post:
Indigo (07-19-2019), yoza (10-23-2017)
  #3  
Old 10-28-2013, 08:33
mr.exodia mr.exodia is offline
Retired Moderator
 
Join Date: Nov 2011
Posts: 784
Rept. Given: 490
Rept. Rcvd 1,122 Times in 305 Posts
Thanks Given: 89
Thanks Rcvd at 713 Times in 333 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
Quote:
Originally Posted by ferrit.rce View Post
The idea is cool! BTW are you using TitanEngine version 2.0.3? Previously I've implemented some unpackers with this version but I've found several major bugs inside. I've reported all of these issues but seems like this code is dead. Because of that I've tried to fix them alone but I've found a spagetti code Just for your information...
Thanks! We use an updated version of TitanEngine... If you still know these bugs, you could report them here: https://bitbucket.org/mrexodia/titanengine-update/issues (I've fixed many)

Greetings,

Mr. eXoDia
Reply With Quote
The Following 2 Users Say Thank You to mr.exodia For This Useful Post:
Indigo (07-19-2019)
  #4  
Old 10-28-2013, 19:52
ferrit.rce's Avatar
ferrit.rce ferrit.rce is offline
VIP
 
Join Date: Sep 2013
Location: Switzerland
Posts: 42
Rept. Given: 10
Rept. Rcvd 101 Times in 23 Posts
Thanks Given: 0
Thanks Rcvd at 5 Times in 4 Posts
ferrit.rce Reputation: 100-199 ferrit.rce Reputation: 100-199
OK, I'll look for these issues and report them on the URL when I've found something...

Quote:
Originally Posted by mr.exodia View Post
Thanks! We use an updated version of TitanEngine... If you still know these bugs, you could report them here: https://bitbucket.org/mrexodia/titanengine-update/issues (I've fixed many)

Greetings,

Mr. eXoDia
Reply With Quote
The Following User Gave Reputation+1 to ferrit.rce For This Useful Post:
mr.exodia (10-29-2013)
The Following User Says Thank You to ferrit.rce For This Useful Post:
Indigo (07-19-2019)
  #5  
Old 10-28-2013, 23:33
JeRRy's Avatar
JeRRy JeRRy is offline
VIP
 
Join Date: Oct 2010
Posts: 121
Rept. Given: 89
Rept. Rcvd 205 Times in 72 Posts
Thanks Given: 14
Thanks Rcvd at 26 Times in 12 Posts
JeRRy Reputation: 200-299 JeRRy Reputation: 200-299 JeRRy Reputation: 200-299
"Yes (mainly x32)" should be "Yes (mainly x64)"
__________________
SnD
Reply With Quote
The Following User Says Thank You to JeRRy For This Useful Post:
Indigo (07-19-2019)
  #6  
Old 10-29-2013, 04:32
ahmadmansoor's Avatar
ahmadmansoor ahmadmansoor is offline
Coder
 
Join Date: Feb 2006
Location: Syria
Posts: 1,047
Rept. Given: 514
Rept. Rcvd 374 Times in 142 Posts
Thanks Given: 375
Thanks Rcvd at 410 Times in 119 Posts
ahmadmansoor Reputation: 300-399 ahmadmansoor Reputation: 300-399 ahmadmansoor Reputation: 300-399 ahmadmansoor Reputation: 300-399
I like this Idea very much .... but look on the steps to build this project will take a long time ,especially to get bug report and begin fix it, so for x32 it will be a waste of time ,but for x64 no problem.
anyway I would like to join this project too , maybe as a tester at this time and a coder later.
and I prefer to work on X64 more than x32 .u know ollyDbg take tha place .
so the best thing is thinking in x64 and make one like an ollyDbg x1.0 which all guys like it ,and try to emulate it Functionally.
__________________
Ur Best Friend Ahmadmansoor
Always My Best Friend: Aaron & JMI & ZeNiX
Reply With Quote
The Following 2 Users Say Thank You to ahmadmansoor For This Useful Post:
Dr.FarFar (09-25-2023), Indigo (07-19-2019)
  #7  
Old 10-29-2013, 05:40
mr.exodia mr.exodia is offline
Retired Moderator
 
Join Date: Nov 2011
Posts: 784
Rept. Given: 490
Rept. Rcvd 1,122 Times in 305 Posts
Thanks Given: 89
Thanks Rcvd at 713 Times in 333 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
@ferrit.rce: thanks in advance for that!

@Jerry: you're right, I wanted to change it, but I was too late to edit the post (maybe one of the admins could do that?)

@ahmadmansoor: great you want to join, of course you are welcome! As for the development time x32 and x64 require (almost) no different code. In fact, porting the GUI from x64->x32 took a few minutes

Our aim is indeed to add features like ollyDbg, our design is very different though (GUI and DBG are separate, so bugs can be easily fixed without having to recompile all modules) also the plugin architecture is going to be very different (currently there are only some ideas but there will be many types/places to add plugins to)

Also, a new release available in public_bin.

Changelog:
- added Scylla 'plugin' (start scylla with the current process/dll you have loaded)
- fixed many GUI bugs (redraw bugs etc), by Sigma
- fixed this disassembly bug with truncated QWORDS

Download in the repo

Greetings
Reply With Quote
The Following 2 Users Gave Reputation+1 to mr.exodia For This Useful Post:
chessgod101 (10-29-2013), Youtoo (11-15-2013)
The Following 3 Users Say Thank You to mr.exodia For This Useful Post:
Indigo (07-19-2019), trodas (07-06-2015)
  #8  
Old 10-30-2013, 09:26
NeOXOeN NeOXOeN is offline
Friend
 
Join Date: Jan 2005
Posts: 273
Rept. Given: 2
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 2
Thanks Rcvd at 18 Times in 18 Posts
NeOXOeN Reputation: 3
mr.exodia: nice.. i hope you will finish the project a lot of work..

bye NeO
Reply With Quote
The Following User Says Thank You to NeOXOeN For This Useful Post:
Indigo (07-19-2019)
  #9  
Old 10-30-2013, 13:06
sendersu sendersu is offline
VIP
 
Join Date: Oct 2010
Posts: 1,128
Rept. Given: 334
Rept. Rcvd 228 Times in 119 Posts
Thanks Given: 268
Thanks Rcvd at 539 Times in 299 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
Time of 1 man a hero in the field is out nowadays (IMHO)
only the Team could do things today
so if I'll see some parts I could do and I'll have some free time I'll join as well
right now as a QA only
Reply With Quote
The Following User Gave Reputation+1 to sendersu For This Useful Post:
mr.exodia (10-30-2013)
The Following User Says Thank You to sendersu For This Useful Post:
Indigo (07-19-2019)
  #10  
Old 10-31-2013, 22:01
ahmadmansoor's Avatar
ahmadmansoor ahmadmansoor is offline
Coder
 
Join Date: Feb 2006
Location: Syria
Posts: 1,047
Rept. Given: 514
Rept. Rcvd 374 Times in 142 Posts
Thanks Given: 375
Thanks Rcvd at 410 Times in 119 Posts
ahmadmansoor Reputation: 300-399 ahmadmansoor Reputation: 300-399 ahmadmansoor Reputation: 300-399 ahmadmansoor Reputation: 300-399
what u use to compile !! ,I have installed Qt ,and try to compile in both qt and vs2010 .
no success .
so any some steps to help .
__________________
Ur Best Friend Ahmadmansoor
Always My Best Friend: Aaron & JMI & ZeNiX
Reply With Quote
The Following User Says Thank You to ahmadmansoor For This Useful Post:
Indigo (07-19-2019)
  #11  
Old 10-31-2013, 23:21
mr.exodia mr.exodia is offline
Retired Moderator
 
Join Date: Nov 2011
Posts: 784
Rept. Given: 490
Rept. Rcvd 1,122 Times in 305 Posts
Thanks Given: 89
Thanks Rcvd at 713 Times in 333 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
Quote:
Originally Posted by ahmadmansoor View Post
what u use to compile !! ,I have installed Qt ,and try to compile in both qt and vs2010 .
no success .
so any some steps to help .
The building process is sadly enough quite complicated, I'm working on a full guide right now, but it might take some time to get that.

Greetings
Reply With Quote
The Following 2 Users Gave Reputation+1 to mr.exodia For This Useful Post:
sendersu (11-01-2013), Youtoo (11-15-2013)
The Following User Says Thank You to mr.exodia For This Useful Post:
Indigo (07-19-2019)
  #12  
Old 11-02-2013, 06:38
Sailor_EDA Sailor_EDA is offline
Friend
 
Join Date: Nov 2004
Posts: 67
Rept. Given: 8
Rept. Rcvd 2 Times in 2 Posts
Thanks Given: 43
Thanks Rcvd at 4 Times in 2 Posts
Sailor_EDA Reputation: 2
This is an excellent idea. In the past I had looked at incorporating an actual x86 simulator engine like Bochs to help with unpacking but it looks like TitanEngine is an excellent resource to do as well. Looking forward to this tool.
Reply With Quote
The Following User Says Thank You to Sailor_EDA For This Useful Post:
Indigo (07-19-2019)
  #13  
Old 11-02-2013, 07:16
Ember Ember is offline
Friend
 
Join Date: Feb 2009
Posts: 84
Rept. Given: 68
Rept. Rcvd 25 Times in 15 Posts
Thanks Given: 36
Thanks Rcvd at 78 Times in 33 Posts
Ember Reputation: 25
Really good job, mr.exodia! I like to write patches in OllyDbg using the assemble command, it would be nice to have the assemble command so I could patch 64-bit programs in the same way.
Reply With Quote
The Following User Says Thank You to Ember For This Useful Post:
Indigo (07-19-2019)
  #14  
Old 11-03-2013, 08:11
mr.exodia mr.exodia is offline
Retired Moderator
 
Join Date: Nov 2011
Posts: 784
Rept. Given: 490
Rept. Rcvd 1,122 Times in 305 Posts
Thanks Given: 89
Thanks Rcvd at 713 Times in 333 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
Quote:
Originally Posted by Ember View Post
Really good job, mr.exodia! I like to write patches in OllyDbg using the assemble command, it would be nice to have the assemble command so I could patch 64-bit programs in the same way.
Good, I'm working on a NASM DLL, it should do for assembling I think. The only problem is that I wanna interpret everything as hex an nasm has no commandline for that and another problem is relative memory addresses that are in x64.

Greetings
Reply With Quote
The Following User Gave Reputation+1 to mr.exodia For This Useful Post:
Youtoo (11-15-2013)
The Following 2 Users Say Thank You to mr.exodia For This Useful Post:
Indigo (07-19-2019)
  #15  
Old 11-03-2013, 20:14
emo emo is offline
Friend
 
Join Date: Dec 2010
Posts: 82
Rept. Given: 237
Rept. Rcvd 12 Times in 8 Posts
Thanks Given: 69
Thanks Rcvd at 8 Times in 6 Posts
emo Reputation: 12
source is have svn link?
Reply With Quote
The Following User Says Thank You to emo For This Useful Post:
Indigo (07-19-2019)
Reply

Tags
bit, debugger, x32, x64, x64_dbg

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
AdvancedScript x64dbg Plugin ahmadmansoor Developer Section 14 10-15-2019 00:35
DBG2AP - x64dbg plugin Agmcz Community Tools 1 06-15-2019 07:14
nfd - x64dbg plugin hors Community Tools 2 04-01-2018 08:18
CopyToAsm - x64dbg plugin mrfearless Community Tools 0 03-04-2018 08:36
x64dbg python Storm Shadow Developer Section 6 08-04-2017 15:29


All times are GMT +8. The time now is 05:07.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )