|
View Poll Results: Would you use this debugger? | |||
Yes (mainly x32) | 92 | 28.75% | |
Not at all | 24 | 7.50% | |
Yes, if it gets better (please post feature suggestions) | 89 | 27.81% | |
Yes (mainly x64) | 115 | 35.94% | |
Voters: 320. You may not vote on this poll |
|
Thread Tools | Display Modes |
#76
|
||||
|
||||
Hi Mr.exodia
how I can get the line ( address + hex + assemble command ) at GUI ?. and how I can refresh the GUI after change some hex value ?
__________________
Ur Best Friend Ahmadmansoor Always My Best Friend: Aaron & JMI & ZeNiX |
#77
|
||||
|
||||
"invalid pe" Bug (Flash movie attached):
PHP Code:
__________________
Computer Forensics |
#78
|
|||
|
|||
@ahmadmansoor: Copying this is not yet possible, same for the plugin API. This is on the todo list however. Refreshing the GUI is possible using the following APIs:
Code:
BRIDGE_IMPEXP void GuiUpdateAllViews(); BRIDGE_IMPEXP void GuiUpdateRegisterView(); BRIDGE_IMPEXP void GuiUpdateDisassemblyView(); BRIDGE_IMPEXP void GuiUpdateBreakpointsView(); Greetings |
#79
|
||||
|
||||
"invalid pe" Bug Fix
Hi mr.exodia
no my friend the problem came form here ((DevicePathToPath)) specially from this command Quote:
this is how I modify the code to make it work Quote:
please try the attached files . bs : thanks for the hint for Refreshing GUI
__________________
Ur Best Friend Ahmadmansoor Always My Best Friend: Aaron & JMI & ZeNiX |
#80
|
|||
|
|||
well, i will try to debug dos, hope it support.
|
#81
|
|||
|
|||
@ahmadmansoor: you code does exactly the same. You function will not work with memdisks etc. strincmp just compares the beginning of the strings with the number of character of the device name. Take a look here for the source code from Scylla of this function: http://bitbucket.org/mrexodia/devicenameresolver
@nonepe: it will not work lol Greetings |
#82
|
|||
|
|||
@mr.exodia: I have to just say, I am truly amazed by your work so far - thus far, I have been able to work my way around several x64 targets that I probably wouldn't have been able todo properly with for instance IDA..
So thanks a million for this epic work bro, and thanks again for the testplugin that you made - really helped alot |
#83
|
|||
|
|||
@n00b: glad you like it! feel free to post feature suggestions anytime, so your experience can be improved.
Greetings |
#84
|
||||
|
||||
no it work very fine even with flash memory
Hi mr.exodia :
no my friend I am sure that my code work 100% with all devices , I have try it on flash memory and the driver was V:\ and it work very fine without any problem . I explain the problem ,why this happen with u . Look after u make the GetMappedFileNameA devicepath will be like this "\Device\HarddiskVolume19\T1\WinRAR\WinRAR.exe" const char * the important thing is (( \Device\HarddiskVolume19 )) -on my PC it is S:\ Disk- this is our harddisk or flash disk name form root . now u begin go in a loop to find the root name of each disk and make compare . when u reach the to disk which have a name like ur hard disk name but without (( 9 )) at the end (( \Device\HarddiskVolume1 )) <<< this is G:\ disk on my PC - and as will as ur length compare is wrong too so when u make compare with ur _strnicmp which will gave u the result = 0 so it pass the compare(if condition) and change the path of our exe to this "G9\T1\WinRAR\WinRAR.exe" ,by this the next check will wrong too by this string of path. then u will be not able to load the target . please try this package again I am sure 100% it work and I can upload a movie prove that it work .
__________________
Ur Best Friend Ahmadmansoor Always My Best Friend: Aaron & JMI & ZeNiX |
#85
|
||||
|
||||
Lol 163 views through 45 min ...
x64_dbg is become a very desired debugger .... very Good mr.exodia this is full package for both x32 and x64 , so anyone can try and give us the result pls . Quote:
__________________
Ur Best Friend Ahmadmansoor Always My Best Friend: Aaron & JMI & ZeNiX |
#86
|
|||
|
|||
@ahmadmansoor
There is still a bug with QueryDosDevice. This API cannot resolve all devices like encrypted devices. I had the same bug in scylla https://github.com/NtQuery/Scylla/commit/67d62b4a2c4d7561b53bd595ca1fda51416ac20f But there is still a problem with network devices.
__________________
My blog: https://ntquery.wordpress.com |
#87
|
||||
|
||||
nop my friend I try it on network folder and was working very will .
did u try the package my friend ?? I think I will upload a flash movie .
__________________
Ur Best Friend Ahmadmansoor Always My Best Friend: Aaron & JMI & ZeNiX |
#88
|
|||
|
|||
@ahmadmansoorn I think I see what was wrong with my code, but its fixed already using Aguila's code
Greetings |
#89
|
||||
|
||||
yes the problem come form (((ur length compare is wrong))
That all so no need ton of code to fix the problem ,that what I mean .
__________________
Ur Best Friend Ahmadmansoor Always My Best Friend: Aaron & JMI & ZeNiX |
#90
|
|||
|
|||
This code is needed for virtual drives (like ramdisks) like Carbon also said.
|
Tags |
bit, debugger, x32, x64, x64_dbg |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
AdvancedScript x64dbg Plugin | ahmadmansoor | Developer Section | 14 | 10-15-2019 00:35 |
DBG2AP - x64dbg plugin | Agmcz | Community Tools | 1 | 06-15-2019 07:14 |
nfd - x64dbg plugin | hors | Community Tools | 2 | 04-01-2018 08:18 |
CopyToAsm - x64dbg plugin | mrfearless | Community Tools | 0 | 03-04-2018 08:36 |
x64dbg python | Storm Shadow | Developer Section | 6 | 08-04-2017 15:29 |