Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • 12:53
    AppVeyorBot commented #2986
  • 12:37
    wasd845 commented #2886
  • 12:33
    wasd845 opened #2986
  • Nov 30 03:45
    vnxz opened #2985
  • Nov 28 04:32
    gnanashi labeled #2984
  • Nov 28 04:32
    gnanashi opened #2984
  • Nov 27 14:53
    AppVeyorBot commented #2983
  • Nov 27 14:35
    Dynabits opened #2983
  • Nov 26 15:32
    torusrxxx closed #2811
  • Nov 26 15:31
    torusrxxx commented #2811
  • Nov 26 15:29
    torusrxxx commented #2961
  • Nov 26 15:28
    torusrxxx labeled #2961
  • Nov 26 15:28
    torusrxxx labeled #2961
  • Nov 26 14:40
    mrexodia commented #2982
  • Nov 26 14:40

    mrexodia on development

    Use common undecorate flags Merge pull request #2982 from j… (compare)

  • Nov 26 14:40
    mrexodia closed #2982
  • Nov 26 14:31
    justanotheranonymoususer opened #2982
  • Nov 26 11:51
    mrexodia commented #2201
  • Nov 26 11:40
    noword commented #2201
  • Nov 26 10:18
    mrexodia commented #2201
x64dbgbot
@x64dbgbot
<moddervtc2> can crack this to me
<mrexodia> Done, thx (re @mrfearless: @mrexodia might need you to do some ban hammer stuff)
<mrfearless> thanks
<mrfearless> might also depend on how the pdb was created - since newer versions of studio do things differently, mainly for its own debugging support (re @x64dbg_bot: <santaclos> i tried to debug with src and pdb in the same folder but the source tab is still empty. I'm trying to find a video on youtube
https://cdn.discordapp.com/attachments/360907625837101067/993221636335599676/unknown.png)
x64dbgbot
@x64dbgbot
<santaclos> okk thanks for the info i'll try with different settings since i'm still not seeing the source code
<mrfearless> i think turn off whole program optimization thing as i believe having that puts in dependancy for a c1.dll file that is used with debugging in the visual studio stuff. And change the C/C++->General->Debug Information Format to just Program Database (Zi)
<mrfearless> then C/C++->Code Generation->Runtime Library - might have to change that as well - depends on your project. At a guess i would try Multi-threaded Debug (/MTd)
<mrfearless> check Librarian or Linker command line to see if its showing that /FASTDEBUG or something like that, it wont create the pdb that x64dbg can use from what i understand, so thats a quick way of checking that.
x64dbgbot
@x64dbgbot
<mrfearless> Yes the linker->Debugging->Generate Debug Info should be set to Generate Debug information (/DEBUG)
<mrfearless> and not the /DEBUG:FASTLINK or /DEBUG:FULL options
<mrfearless> Advanced you can set Randomized Base Address to /DYNAMICBASE:NO
<mrfearless> for your source coding
<mrfearless> if release then perhaps you want that
x64dbgbot
@x64dbgbot
<santaclos> tried but still not working
<santaclos> x64dbg/x64dbg#2264
i'll follow this later and see if that works
<santaclos> thanks for your help
<mrfearless> no worries, hope that helps
x64dbgbot
@x64dbgbot
<mrfearless> if its a simple program you can always zip it up and i can take a look. no promises tho that i will fix it, but no harm either
<mrfearless> could try moving the exe and the pdb into the src folder as well just on the offhand chance it works better there
x64dbgbot
@x64dbgbot
<brigadir15> /FASTDEBUG
x64dbgbot
@x64dbgbot
<mrexodia> hey tami
x64dbgbot
@x64dbgbot
<mrexodia> @nw you around?
<mrexodia> x64dbg/x64dbg#2902 I think this would be a cool feature
<mrexodia> maybe the API needs some extending though
x64dbgbot
@x64dbgbot
<albertsjohnson> Is there a plugin that can trace certain values?
<albertsjohnson> For example, when F9 is pressed, if a certain value, such as "MyPassword" appears in the memory, the app stops
x64dbgbot
@x64dbgbot
<Dmitriy_Karbovskiy> How do you expect it to work? Scan the whole virtual memory all the time? Place breakpoints on everything?
<Dmitriy_Karbovskiy> It seems doable for a known small region, but not the whole memory.
<Dmitriy_Karbovskiy> Actually.
<Dmitriy_Karbovskiy> It might be possible with a bit of context.
<Dmitriy_Karbovskiy> Since you are expecting a string, you may want to hook string functions of whatever library/language your program is built upon.
<Dmitriy_Karbovskiy> If you expect a password, it will probably be loaded from file or typed via keyboard. Might as well check that.
x64dbgbot
@x64dbgbot
<Dmitriy_Karbovskiy> x64dbg shows the list of used libraries and imported functions.
<Dmitriy_Karbovskiy> You may want to start from that. The rest depends on your case.
<albertsjohnson> When app runs, current values are shown on the comment region
<albertsjohnson> is it possible to write a plugin to search for these values in a real time?
<albertsjohnson> or just compare each of these values to the target string
<albertsjohnson> and if they are matched, then stop
x64dbgbot
@x64dbgbot
<albertsjohnson> it will be very helpful if some plugins can do that
x64dbgbot
@x64dbgbot
<Dmitriy_Karbovskiy> You'll need to repeatedly scan the memory.
That's no good and extremely, I mean extremely slow.
<Dmitriy_Karbovskiy> I am no expert in x64dbg though.
Neither I know how to write plugins for that.
<Dmitriy_Karbovskiy> I would recommend to only scan pages with R/RW rights or something.
Scan the stack, scan the heap, skip import, exports and read-only constants (skip .idata, .edata, .reloc, .rdata, .bss and other useless sections)
x64dbgbot
@x64dbgbot
<Dmitriy_Karbovskiy> You probably only want to scan dynamic memory. If it's Windows we're talking about, you can enumerate heaps and thread, therefore you might be able to find their stacks.
<albertsjohnson> I found some plugins
<albertsjohnson> maybe they are helpful
<albertsjohnson> thank you
x64dbgbot
@x64dbgbot
<Dmitriy_Karbovskiy> Good luck.
x64dbgbot
@x64dbgbot
<Rhyle12> Hi
Please tell me how to crack the ex4 file through x32dbg
Thanks in advance
x64dbgbot
@x64dbgbot
<gmh5225> Yes. I am
Do you think it makes sense to add this feature within the X64DBG
Or still only available as a plugin
x64dbgbot
@x64dbgbot
<mrexodia> I would say to start with only a plugin. The feature seems kinda niche and adding it to x64dbg itself would be a maintenance burden I think