All Questions
5
questions
0
votes
1
answer
83
views
X64DBG Conditional Breakpoint on Specific Opcode?
Is there any way to break on specific opcode in X64DBG?
For example i want to break on start of a function which is
55 | push ebp
8BEC | mov ebp,esp
can i set a breakpoint like opcode == 0x00EC8B55?
...
2
votes
1
answer
539
views
Trying to learn more about unpacking
I am working on getting better with concepts of unpacking manually to get more clarity on understanding packing routines and decryption logic, so I am trying a few tutorials on PESpin! Previously I ...
- 23
2
votes
2
answers
8k
views
Automating bypassing anti-debug checks
I'm working on bypassing the anti-debug checks of an unpacker in x64dbg. My end goal is to bypass all of the checks so that I can run the (unmodified) process with a debugger attached without any ...
- 180
1
vote
3
answers
3k
views
FThunks when trying to get IAT
Pretty new to RE so sorry if this is a dumb question.
I'm trying to manually unpack an executable and I believe I've found the OEP. However, when I use Scylla to try to fix the import table of the ...
2
votes
0
answers
325
views
How can I fix an unpacked binary which calls out-of-bounds memory?
I've unpacked a binary which was packed with PECompact v2.2 (according to Detect It Easy) and successfully rebuilt the IAT. The binary actually does run, but when I open it in IDA Pro debugger, it is ...
- 1,880