Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Oct 22 13:15
    AppVeyorBot commented #2771
  • Oct 22 12:55
    ZehMatt synchronize #2771
  • Oct 22 12:54
    ZehMatt synchronize #2771
  • Oct 22 11:55
    mrexodia commented #2770
  • Oct 22 11:54

    mrexodia on development

    fix #2769 Merge pull request #2770 from t… (compare)

  • Oct 22 11:54
    mrexodia closed #2770
  • Oct 22 11:54
    mrexodia closed #2769
  • Oct 22 11:54
    mrexodia edited #2770
  • Oct 22 11:54
    mrexodia commented #2768
  • Oct 22 11:54

    mrexodia on development

    minor enhancement Merge pull request #2768 from t… (compare)

  • Oct 22 11:54
    mrexodia closed #2768
  • Oct 22 11:52
    mrexodia closed #2754
  • Oct 22 11:52
    mrexodia labeled #2754
  • Oct 22 11:51
    AppVeyorBot commented #2771
  • Oct 22 11:31
    torusrxxx commented #2709
  • Oct 22 11:29
    ZehMatt opened #2771
  • Oct 22 11:06
    AppVeyorBot commented #2770
  • Oct 22 10:47
    torusrxxx opened #2770
  • Oct 22 04:00
    xtayaitak commented #2769
  • Oct 22 03:16
    xtayaitak commented #2769
x64dbgbot
@x64dbgbot
<morsisko> Because i see this can get more complicated then
x64dbgbot
@x64dbgbot
<mrexodia> Yeah the apis should be thread safe (re @x64dbg_bot: <morsisko> Damn this is good idea, but can i call the x64dbg from other threads in safe manner?)
x64dbgbot
@x64dbgbot
<mrfearless> I did create an x64dbg plugin for auto updating, but I never released it publicly, just as a test to a few users - seemed to work mostly ok - altho there was an occasional crash if exiting x64dbg whilst that thread was active for that plugin - cant recall if i resolved that, so thats the only thing to worry about as far as i know.
x64dbgbot
@x64dbgbot
<testpil0t> That sounds interesting. I personally would prefer to have it on chocolatey tho (re @mrfearless: I did create an x64dbg plugin for auto updating, but I never released it publicly, just as a test to a few users - seemed to work mostly ok - altho there was an occasional crash if exiting x64dbg whilst that thread was active for that plugin - cant recall if i resolved that, so thats the only thing to worry about as far as i know.)
x64dbgbot
@x64dbgbot
<EvilSapphire> In CB_MENUENTRY callback function can we ever get an hEntry value from x32dbg that was not registered while registering the menus with _plugin_menuaddentry?
x64dbgbot
@x64dbgbot
<mrfearless> well the info pointer of CBMENUENTRY points to the PLUG_CB_MENUENTRY structure, which has the hEntry field
<mrfearless> you would only be able to check the hEntry against menu items you yourself added for your plugin
<mrexodia> Should not be possible (re @EvilSapphire: In CB_MENUENTRY callback function can we ever get an hEntry value from x32dbg that was not registered while registering the menus with _plugin_menuaddentry?)
<mrexodia> Personally I use an enum
<mrfearless> same - altho in asm its just static vars: ; Plugin Menu IDs
MENU_OPTIONS EQU 1
MENU_CHECKNOW EQU 2
MENU_CHECKNOW_SILENT EQU 3
MENU_CHECKONSTARTUP EQU 4
MENU_CHECKONIDLE EQU 5
MENU_REMINDDOWNLOADED EQU 6
MENU_ABOUT EQU 7
x64dbgbot
@x64dbgbot
<mrexodia> Yeah it’s your own enum that you get back
<mrexodia> Internally there is another id but it’s not exposed iirc
x64dbgbot
@x64dbgbot
<EvilSapphire> In scyllahide the CB_MENUENTRY function checks for the passed hEntry via a switch case and there's cases for the registered entries, but also a default case where the actual hookdll injection happens
<mrexodia> I don’t think it’s called
<EvilSapphire> What do you mean?
<EvilSapphire> It definitely registers a menu
<EvilSapphire> With menu entries for about, injection etc
<EvilSapphire> With the entry ids that are checked with a switch case on the callback CB_MENUENTRY registered function
<EvilSapphire> From what you guys say I'm doubtful execution would even reach the default case (re @EvilSapphire: In scyllahide the CB_MENUENTRY function checks for the passed hEntry via a switch case and there's cases for the registered entries, but also a default case where the actual hookdll injection happens)
<EvilSapphire> Registering the menus with the MENU_* entries:
<mrexodia> Yeah that’s what I meant (re @EvilSapphire: From what you guys say I'm doubtful execution would even reach the default case)
<mrexodia> The MENU_XXX will be in the hEntry
<mrexodia> But there’s no default case iirc
<mrfearless> maybe if hEntry is 0?
x64dbgbot
@x64dbgbot
<mrfearless> but seems unlikely
<EvilSapphire> When will hEntry be zero?
<mrfearless> not sure, just throwing out an idea
<mrexodia> If your MENU_xxx == 0 (re @EvilSapphire: When will hEntry be zero?)
<mrfearless> yeh true
x64dbgbot
@x64dbgbot
<EvilSapphire> Yeah but these 3 are the entries registered by scyllahide:
<mrexodia> No, those are the callbacks
<EvilSapphire> And this callback switch case handles each of the registered entries:
<EvilSapphire> Oh sorry
<EvilSapphire> Wrong screenshot
<EvilSapphire> Wait
<mrexodia> Hm
<mrexodia> This is very weird
<EvilSapphire>
<EvilSapphire> These are the registered entries
<mrexodia> Ahhh
<mrexodia> So default
<mrexodia> Is the profile menus
<EvilSapphire> Oh crap
<EvilSapphire> Yes yes
<EvilSapphire> So scyllahide supports profiles too? The hell that means
<EvilSapphire> As if the plugin wasn't complicated enough
<EvilSapphire> Thanks Duncan!
<mrexodia> There are much simpler plugins ^^ (re @EvilSapphire: As if the plugin wasn't complicated enough)
<EvilSapphire> For anti anti debug?
<EvilSapphire> Better than scyllahide?