Exetools  

Go Back   Exetools > General > x64 OS

Notices

Reply
 
Thread Tools Display Modes
  #31  
Old 11-16-2016, 20:21
mak mak is offline
Friend
 
Join Date: Feb 2010
Posts: 30
Rept. Given: 10
Rept. Rcvd 2 Times in 2 Posts
Thanks Given: 22
Thanks Rcvd at 29 Times in 12 Posts
mak Reputation: 2
AttachHelper plugin for x64dbg

This plug-in automatically restores that "DbgBreakPoint", "DbgUiRemoteBreakin".

http://www.mediafire.com/file/priwaetcn9g4lp4/x64dbg_AttachHelper.zip
Reply With Quote
The Following 4 Users Say Thank You to mak For This Useful Post:
Indigo (07-19-2019), niculaita (11-17-2016), pps44 (11-19-2016), quygia128 (12-07-2016)
  #32  
Old 11-20-2016, 04:57
mak mak is offline
Friend
 
Join Date: Feb 2010
Posts: 30
Rept. Given: 10
Rept. Rcvd 2 Times in 2 Posts
Thanks Given: 22
Thanks Rcvd at 29 Times in 12 Posts
mak Reputation: 2
OW Imports
by: qwerty9384 / bloodwrath
released: 11.13.2016

summary:
this plugin adds the 'oiu' command to x64dbg. executing the command with the IAT's base address will label all obfuscated winapi imports and log the address / label names in the x64dbg log tab. generated labels are automatically deleted once you stop debugging. behavior is undefined if used on any other address or if you run the command more than once per debug session.

note:
the IAT is dynamically built some time between the second TLS callback and the creation of the second thread.

how to use:
1. click on the "Memory Map" tab in x64dbg.
2. find the first region (lowest address) of virtual memory of size 0x3000. it's always near the top of the mem map table.
3. go to this region's base address in the disassembly view.
4. you should see something like this:
00000000000B0000 | 48 | MOVABS RAX, iphlpapi.7FEF9F73F33 |
00000000000B000A | 48 | ADD RAX, 39F9 |
00000000000B0010 | 71 | JNO B0014 |
5. click the base address, press 'ALT+INSERT' to copy the address.
6. press 'CTRL+ENTER' to focus the cmd line.
7. type 'oiu ', paste the address, press enter.
8. check the log for the import name / address dump.
9. all labels will be automatically removed when you stop debugging.


http://www.mediafire.com/file/5zorao...ats.me%5D_.zip
Reply With Quote
The Following User Says Thank You to mak For This Useful Post:
Indigo (07-19-2019)
  #33  
Old 11-22-2016, 17:07
mr.exodia's Avatar
mr.exodia mr.exodia is offline
Super Moderator
 
Join Date: Nov 2011
Posts: 859
Rept. Given: 499
Rept. Rcvd 1,155 Times in 309 Posts
Thanks Given: 94
Thanks Rcvd at 751 Times in 357 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
@mak could you give sources of where the plugins came from?
__________________
x64dbg: http://x64dbg.com
My Blog: http://mrexodia.cf
Reply With Quote
The Following User Says Thank You to mr.exodia For This Useful Post:
Indigo (07-19-2019)
  #34  
Old 11-25-2016, 19:04
mak mak is offline
Friend
 
Join Date: Feb 2010
Posts: 30
Rept. Given: 10
Rept. Rcvd 2 Times in 2 Posts
Thanks Given: 22
Thanks Rcvd at 29 Times in 12 Posts
mak Reputation: 2
Quote:
Originally Posted by mr.exodia View Post
@mak could you give sources of where the plugins came from?
Files indicate the source, once again

OW Imports https://www.unknowncheats.me/forum/o...in-x64dbg.html

AttachHelper plugin for x64dbg https://forum.tuts4you.com/
The author was asked to send the plugin to you, but dont know if he did it.
Reply With Quote
The Following User Says Thank You to mak For This Useful Post:
Indigo (07-19-2019)
  #35  
Old 01-06-2017, 22:58
dave_omirora dave_omirora is offline
VIP
 
Join Date: Dec 2006
Location: Osaka
Posts: 176
Rept. Given: 24
Rept. Rcvd 75 Times in 34 Posts
Thanks Given: 13
Thanks Rcvd at 61 Times in 41 Posts
dave_omirora Reputation: 76
x64 dbg that have support new api for Hasp protected?
I can't open program.
Reply With Quote
The Following User Says Thank You to dave_omirora For This Useful Post:
Indigo (07-19-2019)
  #36  
Old 01-07-2017, 07:36
mr.exodia's Avatar
mr.exodia mr.exodia is offline
Super Moderator
 
Join Date: Nov 2011
Posts: 859
Rept. Given: 499
Rept. Rcvd 1,155 Times in 309 Posts
Thanks Given: 94
Thanks Rcvd at 751 Times in 357 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
@dave_omirora you have to be more specific than that. Could you open an issue on http://issues.x64dbg.com?
__________________
x64dbg: http://x64dbg.com
My Blog: http://mrexodia.cf
Reply With Quote
The Following User Says Thank You to mr.exodia For This Useful Post:
Indigo (07-19-2019)
  #37  
Old 01-27-2017, 04:35
user1's Avatar
user1 user1 is offline
Family
 
Join Date: Sep 2012
Location: Romania
Posts: 834
Rept. Given: 422
Rept. Rcvd 113 Times in 61 Posts
Thanks Given: 487
Thanks Rcvd at 442 Times in 266 Posts
user1 Reputation: 34
When is planned to release an stable version? I m using 5 may 2016 release, but latest nighty builds are only for debug testing.
Reply With Quote
The Following User Says Thank You to user1 For This Useful Post:
Indigo (07-19-2019)
  #38  
Old 03-23-2017, 04:47
serseri_1453 serseri_1453 is offline
Friend
 
Join Date: Mar 2014
Location: Turkey
Posts: 20
Rept. Given: 40
Rept. Rcvd 13 Times in 4 Posts
Thanks Given: 73
Thanks Rcvd at 3 Times in 3 Posts
serseri_1453 Reputation: 13
Quote:
Originally Posted by quygia128 View Post
My first plugin for x64_dbg, this plugin for test only.(32bit support)

Follow in file readme.txt to get more information.

greetz
quygia128
alternatif link please mega or mediafire etc...
Reply With Quote
The Following User Says Thank You to serseri_1453 For This Useful Post:
Indigo (07-19-2019)
  #39  
Old 06-25-2020, 22:59
korosh korosh is offline
Friend
 
Join Date: May 2007
Posts: 79
Rept. Given: 99
Rept. Rcvd 26 Times in 16 Posts
Thanks Given: 15
Thanks Rcvd at 18 Times in 10 Posts
korosh Reputation: 26
Hello guys,
Wish we had a plugin section on x64dbg github !
We have dead link for plugins here.
Thanks
Reply With Quote
  #40  
Old 06-27-2020, 05:45
atom0s's Avatar
atom0s atom0s is offline
Family
 
Join Date: Jan 2015
Location: 127.0.0.1
Posts: 287
Rept. Given: 25
Rept. Rcvd 103 Times in 49 Posts
Thanks Given: 47
Thanks Rcvd at 483 Times in 196 Posts
atom0s Reputation: 100-199 atom0s Reputation: 100-199
There is a public list of plugins maintained on their GitHub wiki here:
https://github.com/x64dbg/x64dbg/wiki/Plugins
__________________
Personal Projects Site: https://atom0s.com
Reply With Quote
The Following User Says Thank You to atom0s For This Useful Post:
niculaita (06-27-2020)
  #41  
Old 08-16-2020, 15:18
hp3 hp3 is offline
Friend
 
Join Date: Oct 2011
Posts: 67
Rept. Given: 19
Rept. Rcvd 2 Times in 2 Posts
Thanks Given: 53
Thanks Rcvd at 16 Times in 11 Posts
hp3 Reputation: 2
problem in plug in

hi
why some time come this error when use pluging
Attached Images
File Type: jpg E1.jpg (107.9 KB, 8 views)
Reply With Quote
  #42  
Old 08-16-2020, 15:47
atom0s's Avatar
atom0s atom0s is offline
Family
 
Join Date: Jan 2015
Location: 127.0.0.1
Posts: 287
Rept. Given: 25
Rept. Rcvd 103 Times in 49 Posts
Thanks Given: 47
Thanks Rcvd at 483 Times in 196 Posts
atom0s Reputation: 100-199 atom0s Reputation: 100-199
Means that it failed to do some of its work to hook something within its 'DetourCreateRemote32' call. Hard to say which API failed to hook though since that function is used for multiple things. You may want to file a bug report for it here:
https://github.com/x64dbg/ScyllaHide/issues
__________________
Personal Projects Site: https://atom0s.com
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
using x64_dbg rcer General Discussion 8 09-06-2015 08:28


All times are GMT +8. The time now is 11:36.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX
( 1998 - 2020 )