Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Aug 16 14:50
    Tzvisapp commented #1861
  • Aug 16 11:44
    lyshark edited #2921
  • Aug 16 11:35
    lyshark edited #2921
  • Aug 13 23:16
    mrexodia commented #2926
  • Aug 13 22:19
    MaxBayne commented #2926
  • Aug 13 21:10
    mrexodia closed #2926
  • Aug 13 20:22
    mrfearless commented #2926
  • Aug 13 20:13
    MaxBayne opened #2926
  • Aug 13 20:13
    MaxBayne labeled #2926
  • Aug 13 15:06
    mrexodia labeled #2925
  • Aug 13 15:06
    mrexodia unlabeled #2925
  • Aug 13 15:06
    mrexodia labeled #2925
  • Aug 13 15:06
    mrexodia commented #2925
  • Aug 13 14:56
    ScyllaHide labeled #2925
  • Aug 13 14:56
    ScyllaHide opened #2925
  • Aug 10 17:58
    mrexodia closed #2924
  • Aug 10 17:58
    mrexodia commented #2924
  • Aug 10 17:39
    ELF-EXELABRU opened #2924
  • Aug 10 17:39
    ELF-EXELABRU labeled #2924
  • Aug 10 17:14
    moeray commented #2923
x64dbgbot
@x64dbgbot
<Matti> what with the 'idk' answers to questions like are you on the latest version combined with the URL in the profile
<Matti> discord profile* to clarify
x64dbgbot
@x64dbgbot
<EvilSapphire> Dang bots debugging other programs now? They're evolving Morty!
x64dbgbot
@x64dbgbot
<Matti> oh I legit read zero of the context
<Matti> so maybe I'm just a moron
<Matti> but I don't see how anyone could be so lazy as to answer 'idk' to a question someone asks you because they're trying to help you
<Matti> namely is that the same version as the latest on the site
<Matti> I've had this problem before where I couldn't tell if someone was simply lazy/stupid or an actual bot
<Matti> this AI thing is getting out of hand
x64dbgbot
@x64dbgbot
<mrfearless> should charge the amount of bitcoin it would cost to buy the product for #2797 - lol
<mrexodia> I banned that user and deleted the issue (re @mrfearless: should charge the amount of bitcoin it would cost to buy the product for #2797 - lol)
<mrfearless> concur
<mrfearless> looks like very specialized software anyhow
<mrfearless> requiring hardware keys and licenses
x64dbgbot
@x64dbgbot
<exploit1337> It's possible to get dump automatically after virtualalloc to save time ?
x64dbgbot
@x64dbgbot
<exploit1337> Or similar script to archive this
x64dbgbot
@x64dbgbot
<mrfearless> I imagine you could do it in a plugin, have breakpoints on VirtualAlloc - either manually or from the plugin itself perhaps. Then when breakpoint is triggered, plugin can check if it was for VirtualAlloc call, (determine length of alloc and store that) then it can single step, collect the value in eax, check its not null, then dump to file based on debuggee name + concat of "_dump"+ dumpNo for the length of the alloc
x64dbgbot
@x64dbgbot
<exploit1337> Thx , the issue is that there are about 200+ calls of virtualalloc and I need at least to check them at dump view to see the headers that interests me (re @mrfearless: https://twitter.com/IntezerLabs/status/1467842258653245445?s=20)
x64dbgbot
@x64dbgbot
<exploit1337> Which script I should check to get help?
x64dbgbot
@x64dbgbot
<exploit1337> So with xAnalyzer can i get exact argument values ?
<exploit1337> Only constants are shown
x64dbgbot
@x64dbgbot
<Gdhkeix> Hi all!
Im facing some problem on arm based Win11 with x64 emulation. For example if im injecting simple code to x64 process like
int 3
mov rbp, 0x11223344
nop
so when i hit first bp and step then mov instruction i see 0x11223344 in rbp, but when i step to nop rbp becomes zero (rbp == 0)!!! Is it binary translation bug?
Thnx in advance
x64dbgbot
@x64dbgbot
<Dimy> Hello guys, I feel like I'm missing something dumb but how can I log an adress relative to the module's base adresse ?
I tried the following but it only gives me some "???" in the log when opened with a text editor
https://cdn.discordapp.com/attachments/360907625837101067/917792764148727839/unknown.png
<Dimy> I tried to put the whole expression between{} so it gets evaluated but it doesn't work unfortunately, I'm probably missing something dumb
x64dbgbot
@x64dbgbot
<Rainb0wCodes_484> some apps doesnt show up
<Rainb0wCodes_484> such as Minecraft.Windows.exe
<Rainb0wCodes_484> only the applicationframehost is there
<Rainb0wCodes_484> i am running as administrator
<mrexodia> program:0 is already the base
<mrexodia> but yeah looks like a bug
x64dbgbot
@x64dbgbot
<Dimy> Oh got it thanks !
x64dbgbot
@x64dbgbot
<Diacaprio> How to extract source code of application using this
<lpcvoid> You can't
x64dbgbot
@x64dbgbot
<Diacaprio> Oh ok how can we do it
<Diacaprio> Any other options
x64dbgbot
@x64dbgbot
<GroupAnonymousBot> You can’t - and you can’t decompile application with x64dbg if that’s the question. (re @Diacaprio: Any other options)
x64dbgbot
@x64dbgbot
<kaens> You can't, full stop
You can pretend to have done that using decompilers but w
x64dbgbot
@x64dbgbot
<Yakov5776> With enough effort, decompiling could be enough to reconstruct the source and compile
x64dbgbot
@x64dbgbot
<c0rt3x0> @mrexodia I pm u Tuts4you for the name
x64dbgbot
@x64dbgbot
<mrexodia> ? (re @c0rt3x0: @mrexodia I pm u Tuts4you for the name)
<mrexodia> Read the rules
<c0rt3x0> Yes sorry my mistacke
<kaens> Compilers optimise; that alone makes it impossible to get the exact source, not to mention all the formatting and comments which are sometimes http://uguu.org/sources.html :)
<kaens> @Yakov5776
<Yakov5776> Oh I know
x64dbgbot
@x64dbgbot
<Yakov5776> But once you get to the stage where you can compile, the rest is fun