Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • 10:51

    mrexodia on development

    Add line prefix for ASM-Style h… Simplify the formatting code Merge pull request #2986 from w… (compare)

  • 10:51
    mrexodia closed #2986
  • 10:51
    mrexodia commented #2986
  • 10:50
    mrexodia synchronize #2986
  • 00:26

    mrexodia on development

    Align the section size by page … Fix the highlighting of the CIP… (compare)

  • 00:19
    mrexodia labeled #2967
  • 00:19
    mrexodia labeled #2979
  • 00:19
    mrexodia labeled #2979
  • 00:18
    mrexodia commented #2979
  • 00:18
    mrexodia closed #2980
  • 00:18
    mrexodia commented #2980
  • 00:16
    mrexodia closed #2984
  • 00:16
    mrexodia commented #2984
  • 00:09
    mrexodia closed #2985
  • 00:09
    mrexodia commented #2985
  • Dec 01 12:53
    AppVeyorBot commented #2986
  • Dec 01 12:37
    wasd845 commented #2886
  • Dec 01 12:33
    wasd845 opened #2986
  • Nov 30 03:45
    vnxz opened #2985
  • Nov 28 04:32
    gnanashi labeled #2984
x64dbgbot
@x64dbgbot
<santaclos> x64dbg/x64dbg#2264
i'll follow this later and see if that works
<santaclos> thanks for your help
<mrfearless> no worries, hope that helps
x64dbgbot
@x64dbgbot
<mrfearless> if its a simple program you can always zip it up and i can take a look. no promises tho that i will fix it, but no harm either
<mrfearless> could try moving the exe and the pdb into the src folder as well just on the offhand chance it works better there
x64dbgbot
@x64dbgbot
<brigadir15> /FASTDEBUG
x64dbgbot
@x64dbgbot
<mrexodia> hey tami
x64dbgbot
@x64dbgbot
<mrexodia> @nw you around?
<mrexodia> x64dbg/x64dbg#2902 I think this would be a cool feature
<mrexodia> maybe the API needs some extending though
x64dbgbot
@x64dbgbot
<albertsjohnson> Is there a plugin that can trace certain values?
<albertsjohnson> For example, when F9 is pressed, if a certain value, such as "MyPassword" appears in the memory, the app stops
x64dbgbot
@x64dbgbot
<Dmitriy_Karbovskiy> How do you expect it to work? Scan the whole virtual memory all the time? Place breakpoints on everything?
<Dmitriy_Karbovskiy> It seems doable for a known small region, but not the whole memory.
<Dmitriy_Karbovskiy> Actually.
<Dmitriy_Karbovskiy> It might be possible with a bit of context.
<Dmitriy_Karbovskiy> Since you are expecting a string, you may want to hook string functions of whatever library/language your program is built upon.
<Dmitriy_Karbovskiy> If you expect a password, it will probably be loaded from file or typed via keyboard. Might as well check that.
x64dbgbot
@x64dbgbot
<Dmitriy_Karbovskiy> x64dbg shows the list of used libraries and imported functions.
<Dmitriy_Karbovskiy> You may want to start from that. The rest depends on your case.
<albertsjohnson> When app runs, current values are shown on the comment region
<albertsjohnson> is it possible to write a plugin to search for these values in a real time?
<albertsjohnson> or just compare each of these values to the target string
<albertsjohnson> and if they are matched, then stop
x64dbgbot
@x64dbgbot
<albertsjohnson> it will be very helpful if some plugins can do that
x64dbgbot
@x64dbgbot
<Dmitriy_Karbovskiy> You'll need to repeatedly scan the memory.
That's no good and extremely, I mean extremely slow.
<Dmitriy_Karbovskiy> I am no expert in x64dbg though.
Neither I know how to write plugins for that.
<Dmitriy_Karbovskiy> I would recommend to only scan pages with R/RW rights or something.
Scan the stack, scan the heap, skip import, exports and read-only constants (skip .idata, .edata, .reloc, .rdata, .bss and other useless sections)
x64dbgbot
@x64dbgbot
<Dmitriy_Karbovskiy> You probably only want to scan dynamic memory. If it's Windows we're talking about, you can enumerate heaps and thread, therefore you might be able to find their stacks.
<albertsjohnson> I found some plugins
<albertsjohnson> maybe they are helpful
<albertsjohnson> thank you
x64dbgbot
@x64dbgbot
<Dmitriy_Karbovskiy> Good luck.
x64dbgbot
@x64dbgbot
<Rhyle12> Hi
Please tell me how to crack the ex4 file through x32dbg
Thanks in advance
x64dbgbot
@x64dbgbot
<gmh5225> Yes. I am
Do you think it makes sense to add this feature within the X64DBG
Or still only available as a plugin
x64dbgbot
@x64dbgbot
<mrexodia> I would say to start with only a plugin. The feature seems kinda niche and adding it to x64dbg itself would be a maintenance burden I think
x64dbgbot
@x64dbgbot
<gmh5225> OK. I see
x64dbgbot
@x64dbgbot
<Atn> @SunBeam are u around ?
<Atn>
<Atn> this script will search for sequence off commands.
<Atn> this apply on next version of this plugin ,
<Atn> I will upload it tommorrow
<SunBeam> alrighty 🙂
<SunBeam> I am around if you want me to test
<SunBeam> ^
x64dbgbot
@x64dbgbot
<SunBeam> you have to understand I am using Discord and can't see any script you may have pasted
<SunBeam> you wrote twice "this script will do this" and I can't see any script
<Atn> that what I thought too
<SunBeam> yeah, sorry
<Atn> I post a picture