Highest Voted 'x64dbg' Questions - Reverse Engineering Stack Exchange

9

votes

2 answers

How to view string references?

I have attached debugger to process/application (exe), but when i go to string references, it shows ntdll.dll references, instead of program. how to get the references from program itself? is it protected?

x64dbg

asked Jun 11 '18 at 15:25

T.Todua

643
2
9
20

9

votes

1 answer

Trace back which function called the message box in x64dbg?

I have an error message pop up on the screen every few seconds on a program. I would like to trace it back as to which function is calling the message box and why. I found the referenced string but how do I trace it back to who called the function?

x64dbg

asked Apr 02 '18 at 16:02

user5793353

93
1
1
4

5

votes

1 answer

Is it possible to view and modify process memory without attaching the debugger in x64dbg?

This functionality is available in Cheat Engine where the debugger won't be attached until you set a breakpoint or explicitly ask for the debugger to be attached. I've looked everywhere and couldn't find anything similar for x64dbg. It's very useful…

x64dbg

asked Sep 27 '19 at 20:47

l3240120

53
3

5

votes

1 answer

Search strings in multiple files/processes/modules (x64dbg)

when you click String references in x64dbg, it only lists strings from current module/file. Is that possible to search strings in multiple (selected) files/modules?

x64dbg

asked Jun 29 '18 at 10:01

T.Todua

643
2
9
20

4

votes

1 answer

How to copy binary file with x64dbg\x32dbg after it changed it self

I know how to do it with OllyDbg but with x64dbg\x32dbg I don't know how to do it. I have a packed binary file and at some point it unpacks itself and I found the point where it does it. I want to copy it to a binary file at this point (after…

x64dbg

asked Jun 07 '18 at 16:00

E235

583
8
24

3

votes

0 answers

x32dbg error C0000005, EXCEPTION_ACCESS_VIOLATION

Having some trouble with cracking a program, as the software does not prompt me to enter a serial key for activation. Instead, a serial key 924D-E42E-427D is already displayed within the program. So one should call the owner of the program to…

x64dbg

asked Mar 22 '23 at 01:30

tolier

31
2

3

votes

0 answers

Exporting patches as loader in x64dbg?

Is there a way to export modifications made in x64dbg as a separate executable file, which can be used to patch a desired executable file without detection? The resulting file should function as a loader, automatically patching the desired…

x64dbg

asked Jan 14 '23 at 21:54

Halil Nevzat Demirel

31
3

3

votes

1 answer

exe file not opening after patching

I hope everyone is well. I'm new here and I'm hope someone can help me with the problem I'm facing. I've been trying to reverse engineer a program but everytime I change an instruction, not matter how small it is, I always get the same result which…

x64dbg

asked Dec 08 '22 at 18:37

jjprince

49
3

3

votes

2 answers

x64dbg: Conditional breakpoint: how to log only if register value has changed?

What i'm trying to achieve is to use a conditional breakpoint, that never actually breaks but logs in x64dbg's console the value of r9 only when it changes, to prevent console cluttering. But i do not understand how to set the expression for the log…

x64dbg

asked Dec 01 '22 at 18:28

EncoderX

73
5

3

votes

1 answer

I am analyzing an exe with x64dbg but I dont see the address 00401000

Will every .exe file start from 00401000 or am I wrong assuming such a thing. Edit: total beginner here. when the program is first loaded onto x64dbg it immediately goes into a DLL, so I could not see the address 00401000, but indeed it is present…

x64dbg

asked Jul 02 '19 at 12:24

jimmy_james

31
2

3

votes

2 answers

x64dbg - see the current position?

i.e. when the program is running, and x64dbg is attached to the process - how can i see where it is at this moment?

x64dbg

asked Jun 29 '18 at 09:17

T.Todua

643
2
9
20

2

votes

0 answers

Help with reversing an application with x64dbg

I am a newbie to reverse engineering. I am trying to reverse engineer an app that uses some form of internet explorer frame kind of thing because I could see use of mshtml.dll and jscript9.dll and with the help of some dynamic analysis with ProcMon…

x64dbg

asked May 17 '23 at 19:49

Madhur

31
2

2

votes

1 answer

How to run a script in x64dbg

In the x64dbg manual is many scripting commands and other things, but nowhere in it is mentioned, how to launch a script. So, my question is: How to launch a script in x64dbg?

x64dbg

asked Jul 04 '21 at 12:37

MarianD

1,130
1
6
23

2

votes

1 answer

Forcefully interpret code in x64dbg

I was just wondering if there was a way to force an interpretation of a block of code in x64dbg. The section im analyzing fluctuates between this: and this:

x64dbg

asked Jun 15 '18 at 11:01

Xymistic

111
1
2
7

1

vote

2 answers

reversing pyinstaller compiled exe

i created some compiled binaries using different languages and tried to understand them using x64dbg, the compiled binaries produced by the c language/gcc compiler were pretty easy to understand, then i compiled a simple hello world program in…

x64dbg

asked Nov 17 '23 at 12:36

Praveen

11
2

Questions tagged [x64dbg]