All Questions
18 questions
0 votes, 1 answer, 83 views
X64DBG Conditional Breakpoint on Specific Opcode?
Is there any way to break on a specific opcode in X64DBG?
For example, I want to break on the start of a function, which is
55 | push ebp
8BEC | mov ebp,esp
Can I set a breakpoint like opcode == 0x00EC8B55?
...
0 votes, 0 answers, 40 views
How to set a BP on a button in SunAwtCanvas in x96dbg
I'm trying to debug a program in x96dbg that I think is written in Matlab. There is no string related to buttons or something interesting. Then I go to the Handles tab to find buttons and set break ...
4 votes, 1 answer, 976 views
Change string value when string is in a RAM address x64 c++ program
I'm new to reverse engineering.
I'm simply trying to change the value of a string in x64dbg, of a program I made myself in VS
(It's a C++ program, and is VERY simple; it just prints a string, and two ...
3 votes, 1 answer, 259 views
How to call Windows console in ASM and printf some values there?
Is there a working way to embed the Windows console in disasm code? I tried AllocConsole with GetStdHandle or AttachConsole with PID of an existing console but it didn't work. I have tried printf ...
1 vote, 0 answers, 426 views
x64dbg: placing an on-write breakpoint on a dynamically allocated address
I am currently trying to reverse the registration scheme of a crackme. I found the jump instruction that decides if the title of the program says “registered” or “unregistered” by simply searching for ...
1 vote, 1 answer, 807 views
A tutorial or docs to unpack a custom packed PE
I am facing an odd situation. I have a licensed game that's doing odd actions on the system. I isolated it as I could and observed the behavior both network and so forth, and I suspect it's a custom-...
2 votes, 1 answer, 1k views
x64dbg or alternative: Run to selection while storing all ran opcodes
I'm trying to trace a function, but unfortunately that function is huge and has lots and lots of jumps to other locations, making it almost impossible to trace for humans. I know the entry point and ...
1 vote, 1 answer, 537 views
How to calculate value inside stack segment (SS)
I have an assembly row with the following information:
EBP = 006FFB50
SS = 002B
When I looked at this row:
mov eax,dword ptr ss:[ebp+8]
I assumed that EBP + 8 = 006FFB50 + 8 = 006FFB58.
But ...
2 votes, 2 answers, 1k views
Dealing with obfuscated PUSH PUSH RET instructions
I wanted to run an app on a VM but there are PUSH PUSH RETs stopping me from looking at their anti VM code. There is a messagebox when I run it on a VM. I set a breakpoint at MessageBoxA and it gets ...
1 vote, 1 answer, 87 views
How's this code able to make use of the stack?
I am trying to reverse engineer software to extend its functionality as expected of me. So I don't have the source code with me. Anyways, I am used to seeing codes that start like the one below, and ...
-2 votes, 1 answer, 4k views
Debug and crack .NET executable PE
I'm trying to learn reverse engineering for penetration testing my code, and I believe I won't learn unless I can do some practical, so
I'm trying to crack an application that is written in C# and all ...
0 votes, 1 answer, 239 views
xor eax,3 why does the input change the way it does?
I am new to reverse engineering and I am trying to figure out exactly what xor is doing in this little program. I know if I put any number other than 0 I get a xor eax,3 so if I put in 1 I get 2 if I ...
2 votes, 1 answer, 805 views
change compare function in assembly and .exe stopped working x64dbg
I'm trying to bypass (crack) a very old software that requires a license in order to unlock all the features.
I was digging in the lines with a little bit of knowledge in assembly
and I found the line ...
2 votes, 1 answer, 2k views
bypass license of very old software, Access violation (C0000005) x32dbg
I'm trying to bypass the license of a very old software that I was using many years ago. Now the company of that software is closed and I can't get a license,
so, with a little bit of knowledge in ...
0 votes, 1 answer, 1k views
What does ds mean?
When debugging with x64dbg I sometimes see mov ss:[address] 0xAA, I know that this means: move 0xAA into memory at specified address.
But what does
mov ds:[address] 0xAA
mean?