Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • 08:38
    AppVeyorBot commented #2901
  • 08:20
    eltimen opened #2901
  • Jul 02 22:32
    playday3008 commented #2900
  • Jul 02 21:09
    playday3008 commented #2900
  • Jul 02 21:04
    playday3008 commented #2900
  • Jul 02 20:20
    playday3008 labeled #2900
  • Jul 02 20:20
    playday3008 opened #2900
  • Jul 02 01:44
    gmh5225 commented #2899
  • Jul 02 01:42
    gmh5225 commented #2899
  • Jul 02 01:41
    gmh5225 commented #2899
  • Jul 01 18:32
    mrexodia commented #2899
  • Jul 01 18:30
    mrexodia edited #2899
  • Jul 01 17:41
    AppVeyorBot commented #2899
  • Jul 01 17:22
    gmh5225 commented #2898
  • Jul 01 17:21
    gmh5225 opened #2899
  • Jul 01 16:32
    gmh5225 commented #2898
  • Jul 01 16:32
    gmh5225 labeled #2898
  • Jul 01 16:32
    gmh5225 opened #2898
  • Jul 01 16:07
    gmh5225 commented #2814
  • Jul 01 16:07
    gmh5225 commented #2814
x64dbgbot
@x64dbgbot
<SunBeam> 48 ?? ?? <- that can be anything else but MOV RCX,RAX
<SunBeam> another problem..
<SunBeam> 00007FF763AE270E | 48:8B0D 33F51D03 | MOV RCX,QWORD PTR DS:[7FF766CC1C48]
<SunBeam> if I were to use that plugin on x64
<SunBeam> I can't "select the bytes" of MOV RCX,QWORD PTR DS:[7FF766CC1C48]
<SunBeam> because they are based on RIP
<SunBeam> 48:8B0D [33F51D03] <- those last 4 are based on position of the array of bytes; where rip is at
<SunBeam> so I can't scan entire map for 48:8B0D 33F51D03
<SunBeam> as it would only find 1 single result.. that spot
<SunBeam> it's not like in x86 where you have the address as part of the array of bytes
<qlrdwe> now im curious what the original message was about 😳 (re @fabio1337br: Not only that. The Intel developers would have to bake new chips on the fabs specially for you. Not to mention changing the design prior to that. Unless they have hidden locked features under special opcodes.)
<SunBeam> so finding all code locations where 7FF766CC1C48 is used won't work with scanning for 48 8B 0D ?? ?? ?? ??
<SunBeam> as that would return all sorts of addresses based on rip by those wildcards
<SunBeam> doing Ctrl+F in x64dbg and pasting MOV RCX,[0x7FF766CC1C48] does find all instances; and that's cuz of how Ctrl+F is implemented in x64dbg (it doesn't do scanning like that plugin that was referred)
<SunBeam> but it's limited to 1 single command scan
<SunBeam> so you can't find a sequence of 2 or 3, the MOV + other lines
x64dbgbot
@x64dbgbot
<Atn> @SunBeam, ok I got some bugs in the plugin while I trying to code this script (search for 3 sequence commands ) :), I will fix them and write the script and post the update .
lingo9
@lingo9
Hi, any hint on how to patching loaded exe file? Cuz patching can only be used during debugging, but meanwhile the exe file is locked.
x64dbgbot
@x64dbgbot
<fabio1337br> In an EXE file loaded by x64dbg or in an EXE file loaded only by windows? (re @x64dbg_bot: <lingo9> Hi, any hint on how to patching loaded exe file? Cuz patching can only be used during debugging, but meanwhile the exe file is locked.)
1 reply
x64dbgbot
@x64dbgbot
<aliramezani12> hi everyone
I have questions
how can I get list of disassembled instructions from x64dbg?
Which class does the disassemb ? Beaengine or disasm_fast or ... ?
x64dbgbot
@x64dbgbot
<fabio1337br> Click on to the lower left pane (Dump 1) CTRL+G, then paste the address you want 000000000099F60A in my case, select the bytes, binary - > edit (re @x64dbg_bot: <lingo9:matrix.org> In x64dbg, and of course by windows too.)
<SunBeam> there is a feature called Patching in x64dbg
<SunBeam> and yes, the current file's handle will always be locked; it doesn't make sense to patch the current running one o_O
<SunBeam> so give it another name when using Patching > file1.exe
<SunBeam> it will be a copy of the original + your patched bytes
<SunBeam> then delete the original, rename file1.exe to file.exe and you're set
<SunBeam> (of course, after closing x64dbg)
1 reply
<fabio1337br> Sorry I thought it was memory patching (re @x64dbg_bot: <SunBeam> there is a feature called Patching in x64dbg)
<SunBeam> man, if you want the changes to be applied to the physical file, then that's how
<SunBeam> if not, simply modifying some command in x64dbg while the process is running is the actual 'patching' (e.g.: change a 'MOV RAX,RCX' on a line to something else == memory patching)
x64dbgbot
@x64dbgbot
<sodaxml> does x64dbg work the same as HxD? (not trying to advertise against this)
x64dbgbot
@x64dbgbot
<sodaxml> or better question
<sodaxml> do all hex editors work the same?
<sodaxml> i'm trying to crack steam games i have bought for fun
x64dbgbot
@x64dbgbot
<kaens> X64dbg isn't a "hex editor", its functionality has very different priorities, so yes there are better ones
x64dbgbot
@x64dbgbot
<sodaxml> how do you make a bot talk
<sodaxml> and thanks
x64dbgbot
@x64dbgbot
<Adam> Hello everybody!!!
<Adam> I am a reverse engineering expert.
<Adam> Any time I can work for you
x64dbgbot
@x64dbgbot
<mrexodia> I posted the required sources to implement this feature, just take a few hours to do it...
x64dbgbot
@x64dbgbot
<SunBeam> sadly, my coding skills are close to zero
<SunBeam> but if you meant you would do it when you can, then no rush
<SunBeam> I know it's a wanted feature :)
x64dbgbot
@x64dbgbot
<mrexodia> I will not do it ^^
<mrexodia> maybe one day if I need it
x64dbgbot
@x64dbgbot
<sodaxml> OHH that's matrix
<sodaxml> it's a matrix thing
<sodaxml> with element
x64dbgbot
@x64dbgbot

<hackdynamics> Free VPN
У Нас открылся Бесплатный VPN сервер. Данные для входа:


Сервер: dchub.one
Логин: vpn
Пароль: vpn
Ключ: +Trd78hd84YDa90-
L2TP+IPSec
Welcome to DC++ https://dchub.one