Skip to main content
Reverse Engineering

Questions tagged [x64dbg]

Ask Question

An open-source x64/x32 debugger for windows with UI inspired by OllyDbg.

225 questions
Newest Active Bountied Unanswered
1 vote
0 answers
31 views

how to logging API call in x64dbg

I want to logging all API calls between two breakpoint. I have tried the trace option but it can not logging API name. Any good plugin achieve this?
qazwsdc's user avatar
qazwsdc
  • 11
3 votes
1 answer
99 views

How can I set up a conditional breakpoint for the CreateFileW function for when a specific file/path is read in x64dbg?

I'm currently debugging a program using x64dbg, and I'm struggling to set up a conditional breakpoint on the CreateFileW function: HANDLE CreateFileW( [in] LPCWSTR lpFileName,...
mrexodia's user avatar
mrexodia
  • 1,707
0 votes
0 answers
22 views

Dumping all import symbols from x64dbg

I want to export the symbol addresses from all loaded modules in x64dbg. I know I can do this DLL-by-DLL from the Symbols tab (click on one module > right click in table > Copy > Export Table)...
thejoelpatrol's user avatar
thejoelpatrol
  • 76
3 votes
1 answer
787 views

Locating function parameters in x32dbg

I'm a bit rusty and trying to analyze a piece of code in x32dbg. As follows: 0627BF49 | 8B0B | mov ecx,dword ptr ds:[ebx] | 0627BF4B | 8B85 CCF5FFFF ...
Community's user avatar
CommunityBot
  • 1
0 votes
0 answers
47 views

How to get which Tedit is referenced when retrieving text

Reversing a borland builder 6 application, I came across this function: @Controls@TControl@GetText$qqrv Now, the two parameters for the function are: LEA param_2=>local_8,[EBP + -0x4] MOV param_1,...
mark's user avatar
mark
  • 1
0 votes
0 answers
27 views

x64dbg string references can not find

i am trying to register a software with x64dbg, but my experience is not enaugh for do this. Anyone can help me ? i am ready to pay price. Problem is can not find string references in x64dbg.i already ...
KADİR SÖNMEZ's user avatar
KADİR SÖNMEZ
  • 1
0 votes
2 answers
145 views

How can I debug if the program closes directly?

I'm trying to debug a game and it's closing under few circumstances: When debugging (solved by hooking IsDebuggerPresent to return false when called by the game) When setting a memory/hardware ...
kuhi's user avatar
kuhi
  • 161
0 votes
1 answer
83 views

X64DBG Conditional Breakpoint on Specific Opcode?

Is there any way to break on specific opcode in X64DBG? For example i want to break on start of a function which is 55 | push ebp 8BEC | mov ebp,esp can i set a breakpoint like opcode == 0x00EC8B55? ...
Dale's user avatar
Dale
  • 276
0 votes
0 answers
48 views

Why a breakpoint works in x64dbg but not in IDA?

I've spent all morning trying to find a solution to debug with IDA the same function I'm debugging in x64dbg. In x64dbg, I just go to Symbols -> ws2_32.dll -> WSARecvFrom -> F2 (set ...
kuhi's user avatar
kuhi
  • 161
1 vote
1 answer
265 views

Calling function with string as parameter

I'm trying to call a function in a game that makes my character sending a message. I already called a few functions in this game but this one has a tricky parameter. The function signature should be ...
Arthur's user avatar
Arthur
  • 1
0 votes
0 answers
94 views

Question about anti-debug methods and anti-anti-debug methods

I've come across several binaries that have simple anti-debug methods in place, like checking IsDebuggerPresent(), NtQueryInformationProcess(), etc. But I recently came across a binary that looked ...
Joshua Terrill's user avatar
Joshua Terrill
  • 133
2 votes
1 answer
3k views

How to run a script in x64dbg

In the x64dbg manual is many scripting commands and other things, but nowhere in it is mentioned, how to launch a script. So, my question is: How to launch a script in x64dbg?
MarianD's user avatar
MarianD
  • 1,130
0 votes
0 answers
40 views

How can I find the part of cmd.exe that processes windows batch commands before they're executed?

I'm able to find the ReadConsoleInputW commands for pause and reading input for commands but I'm unable to find the actual processing of the commands. I'm using x64dbg but I'm fairly new to Reverse ...
user19244091's user avatar
user19244091
  • 1
0 votes
0 answers
40 views

how to set a BP on button in SunAwtCanvas in x96dbg

I'm trying to debug a program in x96dbg that I think this is written in Matlab. There is no string related to buttons or something interesting. Then I go to Handles tab to find buttons and set break ...
0xC0000022L's user avatar
0xC0000022L
  • 10.9k
0 votes
0 answers
125 views

Scylla error on FThunk import (manually unpacking UPX)

I'm trying to practice on manual unpacking starting from UPX. I'm using putty.exe x64 This is what I'm doing: upx -o putty_packed.exe putty.exe Disable Dynamic base (ASLR) using CFF Explorer on ...
Ryuk's user avatar
Ryuk
  • 21

15 30 50 per page
1
2 3 4 5
15