flat assembler
Message board for the users of flat assembler.

Index > Windows > x64dbg debugger and fasm

Author
Thread Post new topic Reply to topic
bazizmix



Joined: 15 Jan 2016
Posts: 51
bazizmix 15 Apr 2016, 14:27
A simple utility to create a JSON database for x64dbg debugger (http://x64dbg.com).
Sample call: x64dbg_dd.exe SYMBOLS.fas SYMBOLS.exe.dd32
In the debugger you should mark parameters: Save Database in Program Directory and Disable Database Compression.
For 64-bit programs database file extension must be .exe.dd64.
The source code is stored as comments
P.S. Utility was made as combination from LISTING.ASM and SYMBOLS.ASM with minor changes.


Description:
Filesize: 148.04 KB
Viewed: 15105 Time(s)

15.04.png


Description:
Download
Filename: x64dbg_dd.7z
Filesize: 470.17 KB
Downloaded: 815 Time(s)

Post 15 Apr 2016, 14:27
View user's profile Send private message Reply with quote
SergeASM



Joined: 13 Nov 2015
Posts: 21
SergeASM 10 May 2016, 11:46
3 antiviruses on virustotal.com report malware in both exe files. Smile
Post 10 May 2016, 11:46
View user's profile Send private message Visit poster's website Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 12868
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 0010456
sleepsleep 10 May 2016, 16:45
bazizmix, your program looks so cool!! very impressive, congratulation!!
Post 10 May 2016, 16:45
View user's profile Send private message Reply with quote
win877



Joined: 11 May 2016
Posts: 1
win877 11 May 2016, 06:35
Initialization successful!
Database file: C:\test.exe.dd32
Loading commandline...

Invalid database file (JSON)!
Process Started: 00400000 C:\test.exe
Loading database...
Invalid database file (JSON)!
Post 11 May 2016, 06:35
View user's profile Send private message Reply with quote
bazizmix



Joined: 15 Jan 2016
Posts: 51
bazizmix 11 May 2016, 08:50
Quote:

Invalid database file (JSON)!

Could you provide test.exe.dd32?
Also it is possible you have comments in national codepage with not UTF-8 characters in source code


Last edited by bazizmix on 12 May 2016, 14:08; edited 1 time in total
Post 11 May 2016, 08:50
View user's profile Send private message Reply with quote
bazizmix



Joined: 15 Jan 2016
Posts: 51
bazizmix 11 May 2016, 08:51
Quote:

congratulation

Thanks!
Post 11 May 2016, 08:51
View user's profile Send private message Reply with quote
JohnR



Joined: 08 Feb 2017
Posts: 2
JohnR 20 Feb 2017, 15:27
Thank you for the great tool for x64dbg!
Would anyone know how to debug a program by typing in a cmd window?
When I try "x64dbg Sample.exe" it doesn't open "Sample.exe"
Post 20 Feb 2017, 15:27
View user's profile Send private message Reply with quote
CandyMan



Joined: 04 Sep 2009
Posts: 413
Location: film "CandyMan" directed through Bernard Rose OR Candy Shop
CandyMan 21 Feb 2017, 17:30
this untility not work with my big program:
https://drive.google.com/open?id=0B_wEiYjzVkC0Tng1TXB3Qjd3WXc

_________________
smaller is better
Post 21 Feb 2017, 17:30
View user's profile Send private message Reply with quote
bitRAKE



Joined: 21 Jul 2003
Posts: 4047
Location: vpcmpistri
bitRAKE 21 Feb 2017, 19:15
JohnR wrote:
Would anyone know how to debug a program by typing in a cmd window?
When I try "x64dbg Sample.exe" it doesn't open "Sample.exe"
I have my patch for FASMW configured to execute "%s" %s. Which just passes the program name to x64dbg, and it appears to work. Out of curiosity I also tried a command window and no problems were had. Not sure what is blocking your effort.

_________________
¯\(°_o)/¯ “languages are not safe - uses can be” Bjarne Stroustrup
Post 21 Feb 2017, 19:15
View user's profile Send private message Visit poster's website Reply with quote
CandyMan



Joined: 04 Sep 2009
Posts: 413
Location: film "CandyMan" directed through Bernard Rose OR Candy Shop
CandyMan 21 Feb 2017, 20:51
he isn't supporting files bigger than 64KB (translates lower 16bit of constant) and labels like e.g. ".1"
Code:
; Example of 64-bit PE program

format PE64 GUI
entry start

include 'win64a.inc'

section '.text' code readable executable

  start:
        sub     rsp,8*5         ; reserve stack for API use and make stack dqword aligned

        call    InitCharTable

        mov     r9d,0
        lea     r8,[_caption]
        lea     rdx,[_message]
        mov     rcx,0
        call    [MessageBoxA]

        mov     ecx,eax
        call    [ExitProcess]

        rb      128*1024        ;####################### bug

proc    InitCharTable
  locals
    Table1      rb 128
    Table2      rb 128
  endl
  frame
        lea     edi,[Table1]
        mov     al,128
      @@:
        stosb
        inc     al
        jnz     @B

        invoke  OemToCharBuffA,addr Table1,addr Table1,128

        lea     esi,[Table1]
        lea     edi,[Table2]
        mov     ecx,128/4
        rep     movsd

        invoke  CharUpperBuffA,addr Table1,128
        invoke  CharToOemBuffA,addr Table1,addr Table1,128
        invoke  CharToOemBuffA,addr Table2,addr Table2,128

        mov     ecx,128
        xor     eax,eax
      @@:
        mov     al,cl
        cmp     al,[rax+Table2-128]
        jz      .1
        mov     [rax+Table1-128],cl
      .1:                               ;####################### bug
        inc     cl
        jnz     @B

        lea     esi,[Table1]
        lea     edi,[UpperCaseTable+128]
        mov     ecx,128/4
        rep     movsd

        lea     esi,[Table1]
        lea     edi,[LowerCaseTable+128]
        mov     ecx,128/4
        rep     movsd

  endf
        ret
endp

section '.data' data readable writeable

  _caption db 'Win64 assembly program',0
  _message db 'Hello World!',0

UpperCaseTable rb 256
LowerCaseTable rb 256

section '.idata' import data readable writeable

  library kernel32,'KERNEL32.DLL',\
          user32,'USER32.DLL'

  include 'api\kernel32.inc'
  include 'api\user32.inc'
    

_________________
smaller is better
Post 21 Feb 2017, 20:51
View user's profile Send private message Reply with quote
JohnR



Joined: 08 Feb 2017
Posts: 2
JohnR 22 Feb 2017, 13:20
It finally worked when the entire path to the file was specified. For example,
"x64dbg C:\SampleDir\Sample.exe"

For some reason, this needs to be done even when calling x64dbg from the directory containing Sample.exe.

Thank you for your help.
Post 22 Feb 2017, 13:20
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.