Questions tagged [x64dbg]
An open-source x64/x32 debugger for windows with UI inspired by OllyDbg.
225
questions
3
votes
0
answers
318
views
How would I crack a software that has Xor encryption
So, before you shout at me to go on google I would just like to say I am new to reverse Engineering. Like I have been doing it for a hour. So, I was doing a bunch of crackmes.one using the search all ...
- 31
2
votes
0
answers
463
views
What is the correct way to load pdb symbols to show the functions by their name instead of their addresses in x64dbg?
I am trying to reverse a portion of a game, that game loads a DLL file called "ddraw.dll".
Most of the DLL file functions don't appear by their names but appear by their addresses
for ...
- 269
3
votes
1
answer
787
views
Locating function parameters in x32dbg
I'm a bit rusty and trying to analyze a piece of code in x32dbg. As follows:
0627BF49 | 8B0B | mov ecx,dword ptr ds:[ebx] |
0627BF4B | 8B85 CCF5FFFF ...
1
vote
0
answers
144
views
Copy all ASCII in x64db
How i can copy all ASCII or Hex values starting from specific point without scrolling up or keep moving the mouse?
For example from below point till first offset.
Thanks
2
votes
1
answer
539
views
Trying to learn more about unpacking
I am working on getting better with concepts of unpacking manually to get more clarity on understanding packing routines and decryption logic, so I am trying a few tutorials on PESpin! Previously I ...
- 23
4
votes
2
answers
627
views
How to reverse a game and inject a dll in client program?
I am trying to make a bot for a game. But when I open the game in debugger like Ollydbg or in x64dbg the game simply closes and also it doesn't appears in the Attach to the process list in File menu ...
- 41
2
votes
0
answers
69
views
analyze track program protected
What are the modern methods of dealing with obfuscation and code virtualization? all these protectors create unrealistic code traces?
- 21
1
vote
1
answer
2k
views
How to locate a string in memory with x64dbg
I opened a 32-bit program with x32dbg, I wrote something on a text box like this :
How can I find the piece of code that manipulates the string "Goku" ? I searched all string references but ...
- 111
1
vote
1
answer
265
views
Calling function with string as parameter
I'm trying to call a function in a game that makes my character sending a message.
I already called a few functions in this game but this one has a tricky parameter.
The function signature should be ...
- 161
0
votes
1
answer
183
views
How to find the first function that sets the value currently stored in a given register?
I'm interested in a general approach to the following problem:
The function F_Init allocates a byte buffer called Buffer with a size called BufSize. The Buffer is allocated with each frame/iteration ...
- 3
3
votes
1
answer
971
views
x64dbg: is there a way to save the complete disassembly of a module to a text file?
Is it possible to save the complete disassembly / listing to a file, and if so, how can it be done?
- 187
3
votes
1
answer
4k
views
How to load a PDB file into x64dbg?
I want to see symbols in the disassembly wherever possible, and I have a PDB file for the .exe I'm debugging, but I can't find a way to load the PDB file from disk. Is it even possible?
- 187
2
votes
1
answer
432
views
x64dbg : TraceInto only in user code
The question seems pretty simple, but I can't achieve this simple thing in a reasonable time. I have a malware proceeding to deobfuscate a large amount of APIs in memory. Only the pointer to the ...
- 23
1
vote
1
answer
487
views
Searching for strings only partially works in x64Dbg
Please note that I am new to x64dbg.
As you can be seen in the picture below, the error message has the string
[ebp+8]:L"The information you have entered is invalid!\n..."
However, when I ...
1
vote
0
answers
426
views
x64dbg placing a on write breakpoint on a dynamic allocated address
I am currently trying to reverse the registration scheme of a crackme. I found the jump instruction that decides if the title of the program says “registered” or “unregistered” by simply searching for ...
- 11