by

Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Aug 14 23:48
    morsisko opened #2428
  • Aug 14 07:02
    rokups commented #1829
  • Aug 13 13:01
    qux-bbb opened #53
  • Aug 12 15:27
    mrexodia closed #2427
  • Aug 12 15:27
    mrexodia commented #2427
  • Aug 12 15:08
    wwh1004 commented #2427
  • Aug 12 15:08
    wwh1004 commented #2427
  • Aug 12 14:28
    mrexodia commented #2427
  • Aug 12 14:17
    wwh1004 opened #2427
  • Aug 12 14:14
    wwh1004 edited #2426
  • Aug 12 14:14
    wwh1004 reopened #2426
  • Aug 12 14:13
    wwh1004 closed #2426
  • Aug 12 14:05
    wwh1004 opened #2426
  • Aug 12 11:46
    torusrxxx closed #1317
  • Aug 12 11:45
    torusrxxx closed #2076
  • Aug 12 11:44
    torusrxxx closed #2096
  • Aug 12 11:44
    torusrxxx commented #2096
  • Aug 12 11:43
    torusrxxx closed #2160
  • Aug 12 11:43
    torusrxxx commented #2160
  • Aug 12 11:39
    torusrxxx commented #2184
x64dbgbot
@x64dbgbot
<mrexodia> No off topic or crack requests
x64dbgbot
@x64dbgbot
<Billhady> Hi here please i'm struggling on the isdebuggerpresent bypass on x64dbg of a software that can help me please
x64dbgbot
@x64dbgbot
x64dbgbot
@x64dbgbot
<Colton> alternatively you can use scyllahide
<Colton> It has worked flawlessly against virtually every commercial protector I've ran into
x64dbgbot
@x64dbgbot
<Billhady> Ah thanks
x64dbgbot
@x64dbgbot
<Nukem> @mrexodia I found a real dll with an insane amount of exports: https://i.imgur.com/Qc6ME9Y.png
<Nukem> fullgame.dll from horizon zero dawn
x64dbgbot
@x64dbgbot
<eri> Hi,Does x64dbg work in a Windows 10 32-bit environment?
<morsisko> you have x32dbg version
<eri> Thank you for your message. Sorry for I don't know download pase x32dbg.Please let me know the site?
<morsisko> it's the same as for x64dbg, just download it and inside you will have two folders x32 and x64
x64dbgbot
@x64dbgbot
<eri> Oh,Thank you ,I will try it
x64dbgbot
@x64dbgbot
<eri> I have some questions,
1 Can I do manual disassembly analysis or binary analysis?
2 Is it possible to run applications in a virtual environment, making malware analysis more secure?
3 Is there a printing function for the analysis results?
x64dbgbot
@x64dbgbot
<morsisko> It is x64dbg channel, not reverse engineering one, however
  1. Manual disassembly? You want to disassembly opcodes by hand? sure it is possible but it will take very very long time
  2. Yes just install any virtualization software
  3. I don't understand what do you mean by printing function for the analysis results
x64dbgbot
@x64dbgbot
<Matti> @Nukem does that dll blow up x64dbg or make it super slow or something?
<Nukem> no, it seems to work fine
<Nukem> it reminds me of the exotic PE file tests
<Matti> oh yeah haha
<Matti> corkami
<Nukem> it also has zero imports lol
<Matti> yeah I've seen files do that before, even non-obfuscated ones
x64dbgbot
@x64dbgbot
<Matti> same with zero exports
<Matti> I think some linkers are just shit
<Nukem> well in this case it's the game's scripting system (nodegraph based) compiled to a dll
<Nukem> ~158MB
<Matti> I know the borland (now embarcadero) linker loves to make duplicate import entries
<Matti> like, a file can import kernel32.Sleep 3 times
<Nukem> weird
<mrexodia> Haha true
<mrexodia> I read about it
<mrexodia> The reason is they go per object and just append the imports
<Matti> lol
<Matti> it's such shitty programming that it actually causes UPX to break
<Matti> that's how I know about it
<Nukem> is it really that hard to point them all to the same variable?
<Nukem> I don't get it
<mrexodia> It isn’t hard
<Matti> this is another good one by embarcadero
<Matti> 0 imports from shell32.dll, yet added an entry for it
<Nukem> lol
<Nukem> why?
x64dbgbot
@x64dbgbot
<Matti> fuck knows man
<Matti> it's an an ancient ancient bug as well
<Matti> well, I guess technically it's not REALLY a bug since it's a legal PE file
<Matti> it's just retarded
<Nukem> yeah
<Nukem> their compiler devs must be smoking crack
<mrexodia> Probably not untrue