x64dbg

Official x64dbg blog!
Archive, Search
Looking for writers!

© 2023. All rights reserved.

Weekly digest 7

09 Oct 2016, by mrexodia

This is the seventh of (hopefully) many weekly digests. Basically it will highlight the things that happened to x64dbg and related projects during the week before.

Plugin page

There is now a wiki page available dedicated to x64dbg plugins. It contains various templates and also a list of plugins. If you wrote a plugin yourself, feel free to add it to the list!

Variable list will now be shown in the reference view

The command varlist will now show the available variables in the reference view instead of in the log.

variable references

Fixed a crash in the pluginload command

Previously the pluginload commands would not check the number of arguments and it would read in bad memory. See issue #1141 for more details.

Added undo in registers view

Atvaark added an ‘Undo’ option to revert register changes in pull request #1142.

undo register

Hide actions in a submenu

Think there are too many entries in the disassembly context menu? You can now move menu entries you don’t use to the ‘More commands’ section to make your life less complicated. This also works for some other menus but some more work is required to make it possible everywhere.

more commands

Better character recognition in the info box

The info box will now recognize escaped characters in addition to printable characters.

Character recognition in comments

Pull request #1145 added character recognition requested in issue #1128.

character comments

Goto origin in memory map

Atvaark has added the Goto -> Origin option in the memory map in pull request #1146. This will show you the memory page that EIP/RIP is currently in.

goto origin

Highlight jump lines in the sidebar if the destination is selected

The branch lines in the sidebar are now highlighted when selecting the branch destination. This is in addition to the xref feature that was implemented some time ago. If you want xref analysis use the command analx, analyze a single function with the ‘A’ button or use the analr command. For more analysis commands, see the analysis section of the documentation.

highlight destination

Various updates to the mnemonic database

If you are looking for a quick description of every instruction you can use the ‘Show mnemonic brief’ (Ctrl+Alt+F1) option to get a brief description of every opcode. The mnemonic database used for this has been slightly updated and should give better results in some cases.

mnemonicbrief

Open file/directory options for the source view

You can now open the file/directory of the source file you are currently debugging in to view the file in your favorite editor.

open source file

Next/Previous/Hide tab

The third and fourth(!!!) pull request by Atvaark this week (#1152 and #1153) added more flexibility with tabs. You can now easily hide tabs and switch between them.

Import/export database

It is now possible to use the dbload and dbsave commands to import/export databases to an arbitrary location. Once you have an exported the database you can import it in IDA with the x64dbgida plugin. This also works the other way around!

export database

import database

Better IsJumpGoingToExecute

The function that analyzes the flags to see if a jump is going to execute has been re-implemented and should now be faster. In addition to that the loop instruction is correctly analyzed now.

Usual stuff

That has been about it for this week again. If you have any questions, contact us on Telegram, Gitter or IRC. If you want to see the changes in more detail, check the commit log.

You can always get the latest release of x64dbg here. If you are interested in contributing, check out this page.

Finally, if someone is interested in hiring me to work on x64dbg more, please contact me!

Comments