Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • 01:17
    AppVeyorBot commented #2994
  • 01:01
    mrexodia review_requested #2994
  • 01:00
    mrexodia commented #2994
  • 00:58
    Bytabyte opened #2994
  • Dec 09 13:27
    mrexodia commented #2993
  • Dec 09 02:05
    AppVeyorBot commented #2983
  • Dec 09 01:46
    Dynabits synchronize #2983
  • Dec 09 00:39
    Dynabits commented #2993
  • Dec 09 00:35
    Dynabits commented #2983
  • Dec 09 00:32
    Dynabits labeled #2993
  • Dec 09 00:32
    Dynabits opened #2993
  • Dec 08 14:10

    mrexodia on development

    Rename 'Origin' to 'EIP/RIP' Allow calling GuiDisasmAt with … Add a working 'Sync with CPU' o… and 2 more (compare)

  • Dec 08 08:03
    fairycn commented #2991
  • Dec 08 07:53
    fairycn edited #2992
  • Dec 08 07:50
    fairycn edited #2992
  • Dec 08 07:25
    fairycn edited #2992
  • Dec 08 07:24
    fairycn labeled #2992
  • Dec 08 07:24
    fairycn opened #2992
  • Dec 08 07:18
    fairycn commented #2991
  • Dec 08 06:37
    fairycn edited #2991
x64dbgbot
@x64dbgbot
<gt853> why not do utf8(r11) == "W" (re @feketeimre: image.png)
x64dbgbot
@x64dbgbot
<mrexodia> The problem is that r11 isn't a pointer to a string, it's a character (re @feketeimre: Different problem but might be related: After opening an existing breakpoint and saving it, the apostrophe disappears from the log condition.)
<mrexodia> you can just do r11 == 0x57
x64dbgbot
@x64dbgbot
<Rima766> im trying to find a specific string , but the code was obfuscated. is there any method to find it?
<mrexodia> I fixed this functionality in x64dbg. It was supposed to be there already, but it was half-finished. The working option is called 'Sync with CPU' (re @oleedd: I know. I need this (left side):)
x64dbgbot
@x64dbgbot
<edFTs> I tried cracking the password to this but i can't is anyone up for the challenge?:
<el_garro> Not the group for it, but sounds fun, I'll tackle it in the afternoon (re @edFTs: I tried cracking the password to this but i can't is anyone up for the challenge?)
<edFTs> oh sorry I'm new i should have probably read the rules here first
<edFTs> sure let me know what you find though? Thanks (re @el_garro: Not the group for it, but sounds fun, I'll tackle it in the afternoon)
<el_garro> oh that's an ELF, I don't have a linux box at hand (re @edFTs: I tried cracking the password to this but i can't is anyone up for the challenge?)
<edFTs> oh shoot sure sir, what tool would you recomment i try using to crack it though?
<edFTs> recommend*
x64dbgbot
@x64dbgbot
<el_garro> I'll try IDA, just static analysis tho (re @edFTs: oh shoot sure sir, what tool would you recomment i try using to crack it though?)
<edFTs> sure that's fine. print("".format("Thank you"))
x64dbgbot
@x64dbgbot
<el_garro> (re @edFTs: sure that's fine. print("".format("Thank you")))this is the source code for that thing, looks amateurish to me:
<el_garro> This won't print anything btw (re @edFTs: sure that's fine. print("".format("Thank you")))
<duck> you have a darkmode for IDA?
<el_garro> Yep, it comes with it (re @duck: you have a darkmode for IDA?)
<duck> i gotta look into that wow
<edFTs> ow typo! (re @el_garro: This won't print anything btw)
<Magnius> Why ida when ghidra exists?
<el_garro> Options -> Colors -> Theme (on the top) (re @duck: i gotta look into that wow)
<EvilSapphire> Why ghidra when pe bear exists (re @Magnius: Why ida when ghidra exists?)
<duck> thank you very much @.el_garro
<edFTs> i tried Ghidra could make out the content prperly
<el_garro> The very few perks of living in a "pirate" country (re @Magnius: Why ida when ghidra exists?)
<edFTs> 😂 (re @EvilSapphire: Why ghidra when pe bear exists)
<Magnius> Why pe bear when hex editors are widespread
x64dbgbot
@x64dbgbot
<edFTs> IDA? (re @el_garro: this is the source code for that thing, looks amateurish to me)
<el_garro> Yes, IDA Pro, the free one doesn't have a decompiler (re @edFTs: IDA?)
<edFTs> oh, Thanks again @el_garro
Fekete Imre
@feketeimre

<mrexodia> you can just do r11 == 0x57

<gt853> why not do utf8(r11) == "W"
Okay that was a bad example. I want to log on text match like: strstr(utf8(rdi), "notepad.exe\")

Interestingly the slash gets duplicated if i repoen the breakpoint window
Also the disappearing apostrophe problem only happens with " and not with '
x64dbgbot
@x64dbgbot

<mrexodia> the condition you wrote should work (re @x64dbg_bot: <feketeimre> > <mrexodia> you can just do r11 == 0x57

<gt853> why not do utf8(r11) == "W"
Okay that was a bad example. I want to log on text match like: strstr(utf8(rdi), "notepad.exe\"))

<mrexodia> You can try to evaluate it directly in the command bar first to check if the functionality works
<mrexodia> Also if you're using an old version (few months old) you should update because I fixed some bugs with it
x64dbgbot
@x64dbgbot
<Scylla_Hide> Is there a collection of x64dbg scripts somewhere? (i have the ones already from x64dbg github)
x64dbgbot
@x64dbgbot
<Pm> Hi
<Pm> I need help unlocking themida 3.xx
x64dbgbot
@x64dbgbot
<mrexodia> No, are you looking for help with something specific? (re @Scylla_Hide: Is there a collection of x64dbg scripts somewhere? (i have the ones already from x64dbg github))
x64dbgbot
@x64dbgbot
<Scylla_Hide> no im looking for example to understand how to start scripting
x64dbgbot
@x64dbgbot
<mrexodia> Then let me phrase it differently: what is your goal? (re @Scylla_Hide: no im looking for examples to understand how to start scripting.)
<mrexodia> Very often a conditional breakpoint is enough
x64dbgbot
@x64dbgbot
<mrfearless> sweet talking AI - just watching OALabs youtube video now
x64dbgbot
@x64dbgbot
<mrfearless> I now want a Binary Sorcerer plugin for x64dbg
x64dbgbot
@x64dbgbot
<Nosferatus96> I have some issues using the Step into function on a specific app, I set a bp on a particular address, from there i use F7/Step into and after some steps the rip teleports to random addresses in different modules, and the instructions were not jp or call or such
<Nosferatus96> And then I get 80000004, EXCEPTION_SINGLE_STEP, debugger unhooks
<Nosferatus96> could this be anti-debugging?
x64dbgbot
@x64dbgbot
<gt853> could be a different thread hitting a special instruction or something, try second chance on ECEPTION_SINGLE_STEP