<pmhdii> Ok . What is Address Offset ? For ex: ss:[eax+300] For ex: ss:[eax+30C] 300 30C This Is address offset ? This address mapped to virtual address ?
<l1unk> both are offsets (re @pmhdii: Ok . What is Address Offset ? For ex: ss:[eax+300] For ex: ss:[eax+30C] 300 30C This Is address offset ? This address mapped to virtual address ?)
<mrexodia> Probably eax contains a pointer to a structure and the 300 and 30c are offsets from that bade (re @pmhdii: Ok . What is Address Offset ? For ex: ss:[eax+300] For ex: ss:[eax+30C] 300 30C This Is address offset ? This address mapped to virtual address ?)
<chief> how to remove x64dbg from the right click menu
<chief> nobody with a mod role so ill ping @mrexodia as you probably own the program
<morsisko> reverse it
<chief> reverse what
<morsisko> the setup file that adds the thing to context menu
<GroupAnonymousBot> Q: How do I remove the Debug with x64dbg entries from my context menu? A: Download & execute this regfile (remember to Save as...).
<chief> thanks groupanonymous
<pmhdii> Thanks thanks (re @mrexodia: Probably eax contains a pointer to a structure and the 300 and 30c are offsets from that bade)
<pmhdii> Thanks (re @l1unk: both are offsets)
<mrexodia> Hello @torusrxxx
<mrexodia> Hope you’re doing well
<fauxlefam> Guys, how do you deal with addresses that are not directly editable in the main window? like I found a potential string but it redirect me to the dump. I can change it there but how do I gather more information about this address?
<morsisko> breakpoint on read
<fauxlefam> Ah I see
<fauxlefam> let me debug this thing further
<fauxlefam> Can't quite figure it out here...if I set a breakpoint on read I get redirected to ntdll.dll debugging there usually causes me to rise an access violation error
<fauxlefam> I dont think patching that file is a good idea lol
<morsisko> well this is related more to RE, not to the x64dbg itself
<morsisko> probably it just garbage at this point, and it gets reallocated at ntdll
<fauxlefam> how am I suppose to tackle this issue? the idea is to remove a button but there are no direct strings found by x64dbg
<morsisko> first step would be to move forward and debug the target as the strings weren't present
<morsisko> but again, this is channel about x64dbg and this is question about reverse engineering
<Senton> Hi! How to remove x64dbg from the Windows 10 Context Menu (Right Click Panel)?
<morsisko> Q: How do I remove the Debug with x64dbg entries from my context menu?
<Senton> A: ?
<morsisko> did you click the link?...
<Senton> yes thanks, it's a reg file
<treb> Is there any way to directly compare which instructions are used in one program vs the ones of a very similar one
<treb> Specifically one that is validated with a key compared to one which isn’t
<treb> I’ve heard about trace into but I couldn’t figure out how to utilize the log file it outputs
<treb> Same for animate
<treb> Willing to pay if whatever help I receive is meaningful as I’m kinda on a deadline
<mrexodia> Tracing will get you the data you need probably, but there’s no functionality in x64dbg to do the diffing. Another option is to log all branches to a text files and see where things start to differ