Jump to content
mr.exodia

x64dbg

Recommended Posts

mr.exodia

Hi,

Together with Sigma I'm working on a new x64/x32 debugger that should eventually provide the same functionality as OllyDbg (with some extra features of course). The design is not yet finished, so please refrain from giving suggestions regarding design.

We are currently working on the GUI and the first results should be visible maybe tommorow!

Bug reports/feature suggestions (regarding internal designs and commands) are really welcome!

Currently you can get the debugger (+ source) at: https://bitbucket.org/mrexodia/x64_dbg

Expect updates every week!

Screenshot (as on the server at the moment):
image.png

Greetings,

Mr. eXoDia

PS DONT REPOST THIS ONE SOME OTHER BOARD I CAN POST MYSELF, thanks (sorry for the capitals, but this reposting habit can get annoying sometimes)

Edited by mr.exodia
  • Like 2
  • Upvote 8

Share this post


Link to post
Share on other sites
iceland

Ohhh really nice.... :)


Mr. Exodia your tools are always great.......!!!


Share this post


Link to post
Share on other sites
m0rpheus

PS DONT REPOST THIS ONE SOME OTHER BOARD I CAN POST MYSELF, thanks (sorry for the capitals, but this reposting habit can get annoying sometimes)


 


Ha Ha I will on www.google.com/forum

Share this post


Link to post
Share on other sites
mr.exodia
Hi everyone,

 

Maybe some of you heard it already, but Sigma and I are working on an x32/x64 debugger for Windows for a few months now... The debugger currently has the following features:


  • variables, currently command-based only


  • basic calculations, can be used in the goto window and in the register edit window. Example: var*@401000+(.45^4A)


  • software breakpoints (INT3, LONG INT3, UD2), currently command-only (just type 'bp addr')


  • hardware breakpoints (access, write, execute), also command-only


  • stepping (over, into, out, n instructions), can be done with buttons/shortcuts


  • memory allocation/deallocation inside the debuggee


  • quickly access API adresses (bp GetProcAddress)


  • syntax highlighting, currently not customizable


  • simple memory map (just addr+size+module+protection basically)

 

The debugger has an easy GUI, for which we looked a lot at Olly ;)

 

Screenshot:


 

Debug engine is TitanEngine, disassembler BeaEngine, icons are from various sources (see About dialog). We use QT for the GUI part.

 

If you have a suggestion, a bug report, need more info, want to contribute, just post here or send me a private message.

 

The latest public build + source can always be found on http://x64dbg.com (click 'Source'->'bin_public') to download the latest build. For now, you can download the first 'alpha' here: http://rghost.net/49769396

 

We would love to hear from you!

 

Greetings,

 

Mr. eXoDia & Sigma

  • Upvote 1

Share this post


Link to post
Share on other sites
Blue Indian

Thanks eXodia for the update, RE needs some such good tools for x64 platform. Will check this out :)


Share this post


Link to post
Share on other sites
mr.exodia

[This is a new version of this repository. The old version can be found ]
[here: https://bitbucket.org/mrexodia/x64_dbg_old ]

This is a x64/x32 debugger that is currently in active development.

The debugger has (currently) three parts:
- DBG
- GUI
- Bridge

DBG is the debugging part of the debugger. It handles debugging (using
TitanEngine) and will provide data for the GUI.

GUI is the graphical part of the debugger. It is built on top of Qt and it
provides the user interaction, the dump window (not yet implemented), the
disassembly, the register window, the memory map view, the log view etc.

Bridge is the communication library for the DBG and GUI part (and maybe in
the future more parts). The bridge can be used to work on new features,
without having to update the code of the other parts.

Right now the debugger supports the following features:
- variables (with regard to the upcoming script feature)
- basic calculations (var*@401000+.45^4A)
- hide debugger (very basic)
- software breakpoints (INT3, LONG INT3, UD2)
- memory breakpoints (read, write, execute)
- hardware breakpoints (access, write, execute)
- stepping (into, over, n instructions)
- rtr (return from function)
- memory allocation/deallocation in the debuggee
- quickly accessing API addresses (GetProcAddress->76E13620)
- highlighting (not yet customizable, but really helpful)
- memory map
- basic module labeling
- import reconstruction (plugin using Scylla)
- drag&drop files
- goto window
- register/flags view with editing support
- quite fast working in really big code pages (tested up to 5GB)
- GUI hotkeys
- dynamic jump arrow (just like OllyDbg)

Known bugs are:
- hardware breakpoints do not work properly on x64 (TitanEngine bug)
- sometimes the disassembly view is not updated (click anywhere to solve)
- ??? (please report)

The debugger core is based on TitanEngine (an updated version,
https://bitbucket.org/mrexodia/titanengine-update)

Disassembly powered by BeaEngine (http://beaengine.org/).

The icon is taken from VisualPharm (http://www.visualpharm.com/)

Special thanks:
- acidflash
- Ahmadmansoor
- EXETools community
- Tuts4You community

Greetings,
 
Mr. eXoDia & Sigma

  • Upvote 2

Share this post


Link to post
Share on other sites
mr.exodia

Updated to v0.2Alpha:

- GUI hotkeys
- user databases for labels/comments/breakpoints (*.dd64 or *.dd32 files)
- easy context menu in disassembly (to set breakpoints etc)

- many bugfixes

 

Greetings,

 

Mr. eXoDia & Sigma

  • Upvote 1

Share this post


Link to post
Share on other sites
mr.exodia
Hi everybody,

 

Today a small release (V0.03ALPHA) with the following important changes:

- fixed many bugs

- more context menu options (you can now select a HWBP to replace when DRX is full)

- bookmarks (ctrl+d)

- plugin support

- user database is stable, so your labels+comments+bookmarks+breakpoints are saved automatically

 


 

Greetings,

 

Mr. eXoDia & Sigma

 

PS If you have questions (about plugin support) or want to contribute in some way, feel free to contact me

  • Upvote 4

Share this post


Link to post
Share on other sites
Blue Indian

Thanks for the update eXodia :)


PS: I pinned this topic because this is an active and really nice project!


Share this post


Link to post
Share on other sites
CriticalError

here a update of x64dbg have fun.

 

[information]
Open source, ollydbg-like, scriptable x64/x86 debugger for windows. Need the Microsoft Visual C++ 2010 Redistributable Packages (x86 and x64) to run this.

x64:
http://www.microsoft.com/en-us/download/details.aspx?id=14632
x86:
http://www.microsoft.com/en-us/download/details.aspx?id=5555

[Website]



[Features]

    Open-source
    Intuitive and familiar, yet new user interface
    C-like expression parser
    Full-featured debugging of DLL and EXE files (TitanEngine)
    IDA-like sidebar with jump arrows
    IDA-like instruction token highlighter (highlight registers etc.)
    Memory map
    Symbol view
    Thread view
    Content-sensitive register view
    Fully customizable color scheme
    Dynamically recognize modules and strings
    Import reconstructor integrated (Scylla)
    Fast disassembler (BeaEngine)
    User database (JSON) for comments, labels, bookmarks etc.
    Plugin support with growing API
    Extendable, debuggable scripting language for automation
    Multi-datatype memory dump
    Basic debug symbol (PDB) support
    Dynamic stack view
    Built-in assembler (XEDParse)


[Download]



[Author]
Mr. Exodia
  • Upvote 1

Share this post


Link to post
Share on other sites
Jasi2169

After a very long time ur here :P

Yea i have latest release already

Share this post


Link to post
Share on other sites
Indip3nd3nt

My god! This debugger is becoming better than Olly for me! 
Cool interface..lot of functions,im using it on x32 targets too now,instead of the old beloved olly..

Great great job exodia!

 

+1000

  • Upvote 1

Share this post


Link to post
Share on other sites
Rozbud

Mr. eXoDia, 

Great tool same as you!

Keep it up.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×

Important Information

Guidelines