Exetools  

Go Back   Exetools > General > Developer Section

Notices

View Poll Results: Would you use this debugger?
Yes (mainly x32) 73 29.67%
Not at all 22 8.94%
Yes, if it gets better (please post feature suggestions) 79 32.11%
Yes (mainly x64) 72 29.27%
Voters: 246. You may not vote on this poll

Reply
 
Thread Tools Display Modes
  #166  
Old 11-23-2014, 23:33
metal metal is offline
Friend
 
Join Date: Aug 2010
Posts: 11
Rept. Given: 0
Rept. Rcvd 1 Time in 1 Post
Thanks Given: 0
Thanks Rcvd at 0 Times in 0 Posts
metal Reputation: 1
I will send you a PM, I don't want to reveal what software tbh.
Reply With Quote
  #167  
Old 12-30-2014, 11:45
mr.exodia's Avatar
mr.exodia mr.exodia is offline
Super Moderator
 
Join Date: Nov 2011
Posts: 859
Rept. Given: 497
Rept. Rcvd 1,155 Times in 309 Posts
Thanks Given: 92
Thanks Rcvd at 745 Times in 355 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
V2.3ALPHA is out!

Changelog:
http://x64dbg.com/changelog

Website:
http://x64dbg.com

Greetings,

Mr. eXoDia
__________________
x64dbg: http://x64dbg.com
My Blog: http://mrexodia.cf
Reply With Quote
The Following 14 Users Gave Reputation+1 to mr.exodia For This Useful Post:
b30wulf (01-11-2015), besoeso (01-05-2015), cjack (12-30-2014), copyleft (12-30-2014), DMichael (12-30-2014), Insid3Code (12-30-2014), kjms (12-30-2014), MarcElBichon (12-30-2014), quygia128 (01-01-2015), rooky2000 (01-03-2015), s0me0n3 (12-30-2014), SLV (01-05-2015), Storm Shadow (12-30-2014), zeuscane (01-04-2015)
  #168  
Old 01-08-2015, 13:32
cxj98
 
Posts: n/a
some feature suggest and request.

1. didn't you see, when we click on next asm code of jump xxxxxx, the red arrow jump line will automaticlly showed on OllyDBG, but none in x32dbg.



eg:



00401000 jnz 004010004

00401001 xxxxxxxxxx

00401002 xxxxxxxxxx

00401003 jmp 00401005

00401004 xxxxxxxxxxxxxxxxxx <----------- If you click here, the red jump line will automatic showed in OllyDBG jump from 00401000, but none in x32dbg, will this implement?

00401005 xxxxxxxxxxxxxx



2. didn't you see, when we search something, will result many, at current, we need set each breakpoint by press F2 many times one by one, so if I find thousand times of mov al, 1, should I need press F2 shousand times to set breakpoint on it? do you even think make a option or sub-menu called set all breakpoint or set bulk breakpoint on all of them? so in OllyDBG is have this feature on set all breakpoint on them or cancel breakpoint on them.



eg find result:



00401000 mov [EAX + 12], 1

00402000 sub 2, [EAX + 12]

00403000 mov EBX, [EAX + 12]

00404000 imul EAX, [EAX + 12]



3. at currently, we set API any breakpoint through command line box, that is inconvenience for user and me, did you even think make a API breakpoint Plugin or API Breakpoint menu option? in OllyDBG there is many such plugins, that is good, but none available yet in x32dbg.



eg:



bp MessageBoxA/W

bp ExitProcess



4. at currentlly, we set each windows eg: infobox window, stack window, hex window width & lenth, but exit debugger process, next time relauched, it can't saved into config.ini file, so need reset again, didn't you even think let it can be saved, so next time relauched I don't need set it again and again, I really hate it.



5. still against, when unicode string searching will be supportted? maybe there is some source code open Plugins on OllyDBG, If I can find for you. thanks.
Reply With Quote
  #169  
Old 01-28-2015, 05:43
chessgod101's Avatar
chessgod101 chessgod101 is offline
Co-Administrator
 
Join Date: Jan 2011
Location: United States
Posts: 484
Rept. Given: 2,088
Rept. Rcvd 665 Times in 206 Posts
Thanks Given: 457
Thanks Rcvd at 626 Times in 130 Posts
chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699
I just published a definitive tutorial for x64_dbg. It documents its settings and features and shows you how to use the tool to effectively debug a 64-bit application.

http://reverseengineeringtips.blogsp...to-x64dbg.html
__________________
"Real knowledge is to know the extent of one's ignorance." Confucius
Reply With Quote
The Following 14 Users Gave Reputation+1 to chessgod101 For This Useful Post:
besoeso (01-31-2015), Ghost0507 (01-29-2015), Git (01-31-2015), Hypnz (01-29-2015), Insid3Code (01-28-2015), Jay (01-29-2015), MarcElBichon (01-28-2015), mr.exodia (01-28-2015), RedBlkJck (02-03-2015), sendersu (01-28-2015), Storm Shadow (01-29-2015), wgz001 (01-28-2015), zeuscane (01-28-2015)
The Following User Says Thank You to chessgod101 For This Useful Post:
u_f_o (04-04-2015)
  #170  
Old 04-03-2015, 08:09
mr.exodia's Avatar
mr.exodia mr.exodia is offline
Super Moderator
 
Join Date: Nov 2011
Posts: 859
Rept. Given: 497
Rept. Rcvd 1,155 Times in 309 Posts
Thanks Given: 92
Thanks Rcvd at 745 Times in 355 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
V2.4ALPHA Released!

Changelog:
- resolved a crash when scrolling up in the dump
- resolved reference view not following in disasm correctly
- resolved losing settings
- fixed a crash with a critical section initialized multiple times
- added secret option to disable database compression
- various ui improvements
- allow 'jmp short'
- fixed hardware breakpoints
- disasm/dump/stack plugin menu api
- display the number of bytes selected and the module in dump
- added topmost option
- fixed TLS callbacks on DLLs
- show reference count in reference window
- fixed possible buffer overflows
- added a close all button in the reference view to close all tabs
- fixed a bug with a non-refreshed memory map on start
- report bug button
- update hex when editing ascii/unicode in HexEditDialog
- settings dialog now scales
- fixed importing patches
- thread-safe dbghelp access (could fix some crashes)
- Yara pattern finding support
- resolved an issue where toggling patches did not toggle the actual bytes
- data copy dialog in various formats (C byte/word/dword/string/unicode)
- dynamic 'Find references to' menu in disassembler (auto-detects constants)
- added find references option to the dump (also works with a range selection)
- show what was searched for in reference tab title
- RegEx support in SearchListView

Download:
http://snapshots.x64dbg.com

Donate:
http://donate.x64dbg.com

Greetings,

Mr. eXoDia
__________________
x64dbg: http://x64dbg.com
My Blog: http://mrexodia.cf
Reply With Quote
The Following 5 Users Gave Reputation+1 to mr.exodia For This Useful Post:
atom0s (04-03-2015), cjack (04-03-2015), MarcElBichon (04-03-2015), Storm Shadow (04-03-2015), zeuscane (04-03-2015)
The Following 5 Users Say Thank You to mr.exodia For This Useful Post:
Smoke (04-03-2015), u_f_o (04-04-2015), WaSt3d_ByTes (04-05-2015), zeuscane (04-03-2015)
  #171  
Old 04-04-2015, 21:10
ahmadmansoor's Avatar
ahmadmansoor ahmadmansoor is offline
Exetools Team Manager
 
Join Date: Feb 2006
Location: Syria
Posts: 1,006
Rept. Given: 462
Rept. Rcvd 361 Times in 134 Posts
Thanks Given: 188
Thanks Rcvd at 276 Times in 98 Posts
ahmadmansoor Reputation: 300-399 ahmadmansoor Reputation: 300-399 ahmadmansoor Reputation: 300-399 ahmadmansoor Reputation: 300-399
Nice news
Quote:
disasm/dump/stack plugin menu api
__________________
Ur Best Friend Ahmadmansoor
Always My Best Friend: Aaron & JMI & ZeNiX
Reply With Quote
  #172  
Old 04-04-2015, 22:06
Conquest Conquest is offline
Friend
 
Join Date: Jan 2013
Location: 0x484F4D45
Posts: 105
Rept. Given: 46
Rept. Rcvd 29 Times in 17 Posts
Thanks Given: 24
Thanks Rcvd at 41 Times in 20 Posts
Conquest Reputation: 29
can you implement some type of compatibility with olly plugins. The sheer amount of olly plugins is main reason why i still cannot use it as my default debugger.(i understand the fact that most plugins on the wild is to fix and hide olly, but some of them has other purposes as you can already guess, ex- ollyscript, oreans unvmer etc.)
Reply With Quote
  #173  
Old 04-05-2015, 01:45
Carbon Carbon is offline
VIP
 
Join Date: Sep 2013
Posts: 113
Rept. Given: 7
Rept. Rcvd 189 Times in 48 Posts
Thanks Given: 0
Thanks Rcvd at 57 Times in 18 Posts
Carbon Reputation: 100-199 Carbon Reputation: 100-199
@Conquest
That is too much work and wasted time.

Maybe you should become active?
- Create feature requests: https://bitbucket.org/mrexodia/x64_dbg
- Ask plugin authors for a x64dbg version.

x64dbg has already more than enough hide plugins.
__________________
My blog: https://ntquery.wordpress.com
Reply With Quote
The Following User Gave Reputation+1 to Carbon For This Useful Post:
ahmadmansoor (04-05-2015)
  #174  
Old 04-05-2015, 11:32
Conquest Conquest is offline
Friend
 
Join Date: Jan 2013
Location: 0x484F4D45
Posts: 105
Rept. Given: 46
Rept. Rcvd 29 Times in 17 Posts
Thanks Given: 24
Thanks Rcvd at 41 Times in 20 Posts
Conquest Reputation: 29
Quote:
Originally Posted by Carbon View Post
Maybe you should become active?
- Create feature requests: https://bitbucket.org/mrexodia/x64_dbg
- Ask plugin authors for a x64dbg version.
You misunderstood me, i am not looking for hiding features, some of the pluigns for olly like oreans unvmer and zeus are very important and unfortunately ,deathway isnt active recently(and i doubt with his busy schedule he will be interested in learning x64dbg) and i dont know ximo personally or how to contact him. I can write 1 or 2 small plugins may be but i am far less capable of creating something as good as theirs(or just too lazy).

But i got your point, it will be really cumbersome to provide olly compatibility .
Thanks for considering my advice though. Appreciate it.
Reply With Quote
  #175  
Old 04-05-2015, 11:38
mr.exodia's Avatar
mr.exodia mr.exodia is offline
Super Moderator
 
Join Date: Nov 2011
Posts: 859
Rept. Given: 497
Rept. Rcvd 1,155 Times in 309 Posts
Thanks Given: 92
Thanks Rcvd at 745 Times in 355 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
Compatibility with OllyDbg plugins is not possible, just because the architecture is completely different. Maybe I could do some exports ollydbg has, but those would already require plugin patching or some weird dll called 'OllyDbg.exe' that was somehow loaded in x64dbg and the plugin at the same time (first load OllyDbg.exe in x64_dbg and then load the plugin in x64_dbg?).

Feel free to give it a shot.

For plugins that only use a few APIs it might be possible to do with some hacks, but apart from that I doubt it is possible.
__________________
x64dbg: http://x64dbg.com
My Blog: http://mrexodia.cf
Reply With Quote
  #176  
Old 04-05-2015, 18:25
Carbon Carbon is offline
VIP
 
Join Date: Sep 2013
Posts: 113
Rept. Given: 7
Rept. Rcvd 189 Times in 48 Posts
Thanks Given: 0
Thanks Rcvd at 57 Times in 18 Posts
Carbon Reputation: 100-199 Carbon Reputation: 100-199
Olly has 188 exported functions. That is insane.

Oreans UnVirtualizer 1.8 uses 27 functions. Emulation is possible. But some APIs are really difficult to emulate (in my opinion).
Code:
_Addsorteddata (hard)
_Addtolist (easy)
_Createsorteddata (hard)
_Deletesorteddata (hard)   
_Deletesorteddatarange (hard)
_Destroysorteddata (easy)      
_Disasm (easy)                  
_Finddecode (hard)             
_Findmemory (easy)             
_Findmodule (easy)             
_Findname (hard)             
_Flash (easy)                  
_Getsortedbyselection (hard) 
_Infoline (easy)               
_Painttable (hard)          
_Plugingetvalue (easy)         
_Pluginreadintfromini (easy)   
_Pluginreadstringfromini (easy)
_Pluginwriteinttoini (easy)    
_Progress (easy)               
_Quicktablewindow (hard)
_Readmemory (easy)            
_Registerpluginclass (easy)    
_Setcpu (hard)              
_Tablefunction (hard)         
_Unregisterpluginclass (easy)  
_Writememory (easy)
__________________
My blog: https://ntquery.wordpress.com
Reply With Quote
  #177  
Old 04-06-2015, 07:44
Jupiter's Avatar
Jupiter Jupiter is offline
Lo*eXeTools*rd
 
Join Date: Jan 2005
Location: Moscow, Russia
Posts: 174
Rept. Given: 24
Rept. Rcvd 54 Times in 31 Posts
Thanks Given: 4
Thanks Rcvd at 66 Times in 17 Posts
Jupiter Reputation: 54
Lightbulb Poll options update

Please, update poll options. Currently there are only 3 options excluding the most important one: "Yes, as x64 debugger"

Would you use this debugger?
  • Yes, as x64 debugger
  • Yes (mainly x32)
  • Not at all
  • Yes, if it gets better (please post feature suggestions)
__________________
EnJoy!
Reply With Quote
The Following User Gave Reputation+1 to Jupiter For This Useful Post:
mr.exodia (04-07-2015)
  #178  
Old 04-07-2015, 00:44
Hypnz Hypnz is offline
Friend
 
Join Date: Oct 2014
Posts: 40
Rept. Given: 6
Rept. Rcvd 1 Time in 1 Post
Thanks Given: 169
Thanks Rcvd at 22 Times in 18 Posts
Hypnz Reputation: 1
U can also add another one. -Yes, As x32 and x64 debugger.
Reply With Quote
  #179  
Old 04-07-2015, 01:12
mr.exodia's Avatar
mr.exodia mr.exodia is offline
Super Moderator
 
Join Date: Nov 2011
Posts: 859
Rept. Given: 497
Rept. Rcvd 1,155 Times in 309 Posts
Thanks Given: 92
Thanks Rcvd at 745 Times in 355 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
When i made the poll I meant to make the "Yes (mainly x32)" "Yes (mainly x64)" the typo was never fixed now added the option.
__________________
x64dbg: http://x64dbg.com
My Blog: http://mrexodia.cf
Reply With Quote
  #180  
Old 05-01-2015, 02:00
Carbon Carbon is offline
VIP
 
Join Date: Sep 2013
Posts: 113
Rept. Given: 7
Rept. Rcvd 189 Times in 48 Posts
Thanks Given: 0
Thanks Rcvd at 57 Times in 18 Posts
Carbon Reputation: 100-199 Carbon Reputation: 100-199
Please remove the poll, because it is useless. With further improvements more and more users will use this debugger.

Have you thought about supporting more OS? Like linux x86/x64? I don't know how good the win code separation is but supporting another OS will be a killer. If your code is good you only need to replace titanengine, because qt is platform independent anyway.

Creating the basic linux debugger functions is as easy as in windows.
e.g. https://github.com/tuco86/edb-debugger/blob/master/plugins/DebuggerCore/unix/linux/DebuggerCore.cpp

PS: Please create a new snapshot with the new plugin icon stuff
__________________
My blog: https://ntquery.wordpress.com
Reply With Quote
Reply

Tags
bit, debugger, x32, x64, x64_dbg

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
AdvancedScript x64dbg Plugin ahmadmansoor Developer Section 14 10-15-2019 00:35
DBG2AP - x64dbg plugin Agmcz Community Tools 1 06-15-2019 07:14
nfd - x64dbg plugin hors Community Tools 2 04-01-2018 08:18
CopyToAsm - x64dbg plugin mrfearless Community Tools 0 03-04-2018 08:36
x64dbg python Storm Shadow Developer Section 6 08-04-2017 15:29


All times are GMT +8. The time now is 10:40.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX