Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Jan 22 07:04
    idigger edited #2824
  • Jan 22 06:56
    idigger edited #2824
  • Jan 22 06:55
    idigger edited #2824
  • Jan 22 06:54
    idigger edited #2824
  • Jan 22 02:50
    Champollion9012 labeled #2825
  • Jan 22 02:50
    Champollion9012 opened #2825
  • Jan 22 00:26
    mrexodia commented #2824
  • Jan 22 00:05
    mrexodia commented #2824
  • Jan 22 00:03
    mrexodia commented #2824
  • Jan 22 00:02
    SirHerpDerp commented #2824
  • Jan 22 00:00
    SirHerpDerp commented #2824
  • Jan 21 12:30
    idigger labeled #2824
  • Jan 21 12:30
    idigger opened #2824
  • Jan 21 08:54

    torusrxxx on development

    fixed mnemonic brief not shown (compare)

  • Jan 19 00:12

    mrexodia on development

    Make all child dialogs respect … (compare)

  • Jan 19 00:04
    pka4916 commented #2801
  • Jan 19 00:02
    pka4916 opened #2823
  • Jan 19 00:02
    pka4916 labeled #2823
  • Jan 18 21:17
    SirHerpDerp commented #2821
  • Jan 18 19:56
    AppVeyorBot commented #2822
x64dbgbot
@x64dbgbot
<mrfearless> web site seems a bit devoid of info as well, plus doesnt seem to have a long history. I would consider these red flags myself. (re @mrexodia: Just beware that no source code is available for this plugin so I have no idea if it’s safe)
x64dbgbot
@x64dbgbot
<jack_frusciante> It does its work anyway and quite well .. every site and scanner says it’s clean. However mapo is an almost unknown company indeed .. (re @mrfearless: web site seems a bit devoid of info as well, plus doesnt seem to have a long history. I would consider these red flags myself.)
x64dbgbot
@x64dbgbot
<jack_frusciante> Anyone volunteering to dig Maposafe a bit? Sorry to ask I would normally do it myself but it’s not a good period. If it’s not malicious it works very very well
x64dbgbot
@x64dbgbot
<Atn> I try Script::Register::SetRAX(Regvalue) but it not change the rax value Regvalue=31
<Atn> anything I did wrong ?
x64dbgbot
@x64dbgbot
<Elvis> a bit update today for my x64dbg python plugin to prevent from hanging while running script
<Elvis> any feedback is welcome
x64dbgbot
@x64dbgbot
<Atn> Feedback
<Atn> 😂😂
x64dbgbot
@x64dbgbot
<Atn> anyone have this problem : Script::Register::SetRAX(Regvalue) not working
x64dbgbot
@x64dbgbot
<Atn> Ok I think I got the problem, it is changed, but need to update GUI
x64dbgbot
@x64dbgbot
<Atn> how to update disassembly + register view ?
<Atn> from plugin
x64dbgbot
@x64dbgbot
<mrexodia> It’s on my (very long) todo list to give it a try (re @x64dbg_bot: <Elvis> any feedback is welcome)
x64dbgbot
@x64dbgbot
<Elvis> Totally understand ha ha
<Elvis> Did you try Script::Gui::Refresh()?? It looks promise
x64dbgbot
@x64dbgbot
<Atn> No I fix it with api GuiUpdateRegisterView()
<Atn> Thanks for ur response
x64dbgbot
@x64dbgbot
<rio> hey, i'm a new user and also completely new to debugging, so i was wondering whether there were any general resources on the topic.
i have skimmed through the x64dbg docs, and they explain how to do a lot of things, but not (at least that i could see) what those things actually mean.
x64dbgbot
@x64dbgbot
<mrexodia> https://github.com/x64dbg/x64dbg/wiki/Frequently-Asked-Questions (re @x64dbg_bot: <rio> hey, i'm a new user and also completely new to debugging, so i was wondering whether there were any general resources on the topic.
i have skimmed through the x64dbg docs, and they explain how to do a lot of things, but not (at least that i could see) what those things actually mean.)
x64dbgbot
@x64dbgbot
<rio> thank you, i have to admit that i hadn't looked there at the time of writing. guess i'm gonna figure out the rest along the way.
x64dbgbot
@x64dbgbot
<saiestyas>
x64dbgbot
@x64dbgbot
<rio> mnemonic brief in the disassembler only shows up if there is already some kind of comment on that line, how can i make it so that it shows up on all lines?
x64dbgbot
@x64dbgbot
<Vosiyons> Hello
x64dbgbot
@x64dbgbot
<mrexodia> It should show up in all cases (re @x64dbg_bot: <rio> mnemonic brief in the disassembler only shows up if there is already some kind of comment on that line, how can i make it so that it shows up on all lines?)
<mrexodia> Might be a bug
x64dbgbot
@x64dbgbot
<rio> i'm guessing it's a feature that doesn't see much use 😉
<rio> should i open an issue on github or something like that?
x64dbgbot
@x64dbgbot
<mrexodia> yes (re @x64dbg_bot: <rio> should i open an issue on github or something like that?)
x64dbgbot
@x64dbgbot
<DaotrongChuong> Hi
x64dbgbot
@x64dbgbot
<DaotrongChuong> I have some questions I used the pro version of IDA but now it comes out GHIDRA version of the US Department of Homeland Security and I know that this security department they are the most powerful security department in the world No one can match but in your opinion, this application with IDA PRO is the best, can anyone give me an opinion, thank you very much or I will use both programs.
<apkunpacker> why you saying same thing in all groups ? (re @DaotrongChuong: I have some questions I used the pro version of IDA but now it comes out GHIDRA version of the US Department of Homeland Security and I know that this security department they are the most powerful security department in the world No one can match but in your opinion, this application with IDA PRO is the best, can anyone give me an opinion, thank you very much or I will use both programs.)
x64dbgbot
@x64dbgbot
<GroupAnonymousBot> Read the pin message. (re @DaotrongChuong: I have some questions I used the pro version of IDA but now it comes out GHIDRA version of the US Department of Homeland Security and I know that this security department they are the most powerful security department in the world No one can match but in your opinion, this application with IDA PRO is the best, can anyone give me an opinion, thank you very much or I will use both programs.)
x64dbgbot
@x64dbgbot
<GroupAnonymousBot> Looks like just spam/troll
<DaotrongChuong> I'm sorry that I think each group is different. I'm really sorry and I won't let it happen again and again. Thanks for reminding .
x64dbgbot
@x64dbgbot
<MankindExist_xD> Hui
x64dbgbot
@x64dbgbot
<MankindExist_xD> Very old group (re @mrexodia: Also I made this group public)
x64dbgbot
@x64dbgbot
<uafAdmin> Hello guys, I need a little help, a suggestion
<uafAdmin> I am doing malware analysis and this particular malware creates multiple RWX regions, decrypts code and writes to them. But the issue is it doesn't jump on starting of page, rather it jumps/calls somewhere in the middle of the page and then executes further. Since I don't know where it jumps/calls, I am looking for some plugin/reference on how to break if code starts executing from middle of page.
<uafAdmin> I guess one way would be change the memory protections of the RWX pages to PAGE_NOACCESS and then manually investigating there but if there's an already existing plugin/solution for that, please let me know. That would really help. :D
x64dbgbot
@x64dbgbot
<mrexodia> You might be able to use memory breakpoints (re @uafAdmin: I guess one way would be change the memory protections of the RWX pages to PAGE_NOACCESS and then manually investigating there but if there's an already existing plugin/solution for that, please let me know. That would really help. :D)
x64dbgbot
@x64dbgbot
<brigadir15> Hello! I have a breakpoint. How can write value of the register A (ebp, for example) into the log? A breakpoint has ``Log text'' parameter... What should I write there?
x64dbgbot
@x64dbgbot
<brigadir15> > rax: {rax} formats to rax: 4C76
And now I need to log memory content. Something like this:
{mem;1@ebp}
Works fine, but I need to show 1 byte from dereferenced ebp :-(
<brigadir15> Oh, @[ebp] worked fine... Sorry for bothering :-)
x64dbgbot
@x64dbgbot
<mrexodia> No worries, if you see any improvements to the documentation this is appreciated btw (re @brigadir15: Oh, @[ebp] worked fine... Sorry for bothering :-))
<brigadir15> Yes, it would be nice to have an example for such case in the documentation!
x64dbgbot
@x64dbgbot
<brigadir15> Since the documentation is on GitHub, could/should I propose a patch for an example? (re @mrexodia: No worries, if you see any improvements to the documentation this is appreciated btw)
<mrexodia> Yep! You can click “edit this page” (re @brigadir15: Since the documentation is on GitHub, could/should I propose a patch for an example?)
x64dbgbot
@x64dbgbot
<uafAdmin> Thanks. Will definitely check that out. Didn't think that works on multiple pages long memory allocations. (re @mrexodia: You might be able to use memory breakpoints)