View Full Version : want to start cracking... comp runs 64bit vista :(

October 5th, 2008, 16:10
my computer runs 64bit vista... apparently all the tools people use in tutorials are for 32bit systems only. there is windbg for 64bit debugging but noone has made any tutorials for this and it seems all the great scripts and plugins are for ollydbg anyway. ive found a script that supposedly lets you run ollydbg on a 64bit OS but it doesnt look very promising

does the fix work? or should i give up hope of being able to go through these tutorials ive found on this machine?

edit - i did search 64bit but didnt really find any threads like this... and the one that was similar was 4 years old, maybe responses would be different now

October 5th, 2008, 20:07
My guess.....

A VM that will run 32 in a 64 environment.

Or you could install an older version or windows on the same machine without dumping your vista.

I suppose there are many ways to do it.


October 6th, 2008, 01:59
buy cheap used 32bit comp!?

October 6th, 2008, 12:31
*evaluator buy cheap used 32bit comp!?

He buy you pay for him? :P

October 6th, 2008, 13:26
when i look in task manager it says *32 by the 32bit applications... does this mean it should work like it was on a 32bit processor?


anyway, id really rather work on this computer. if i cant get it to work on this one i might try using windbg for a step-by-step solution and forget about hoping for a quick-fix script

October 6th, 2008, 13:47
Kinda, your OS use what is called "Windows On Windows 64", WoW64. A layer mainly using 3 compat dlls to run 32b PE files unmodified on 64b platforms, see google for further info.

October 6th, 2008, 15:41
ok small tutorial
works with most stuff , only themida detect something
download a http://www.ollydbg.de fresh ollydbg

download http://tuts4you.com/download.php?view.122 lena tutorial 1and put the ini file into ollydbg

create plugin and upp folder and change olly settings

http://www.tuts4you.com/download.php?view.75 olly advance,
http://www.tuts4you.com/download.php?view.2425 stealth 64
and the http://www.tuts4you.com/download.php?view.2012 themida9in1 exe

put the dlls into plugins folder
and enable http://img185.imageshack.us/img185/7145/settingsga0.jpg

if there are some users with good debugin knowledge it would be very nice if they can tell me what themida detects on my system
if i attach a process the process terminate

greetz blub22

October 6th, 2008, 16:43
In stealth64 check everything except "Suspend Time API's".
Although I love OllyAdvanced, I would not recommend it on Vista x64.
Use a modified Olly like Sabre-Gold : http://www.tuts4you.com/download.php?view.2163.

October 6th, 2008, 19:29
same problem on sabre
on xp 32 i use olly phantom , enable all features and it runs

October 7th, 2008, 14:32
esther.. i kLLL U : )!

he has VISTAon64 i have W98on600CEL & i must buy for him??!!

October 7th, 2008, 20:49
thanks for the screenshots and advice... i now have setup

ollydbg 1.10

ollydbg sabre gold
-many plugins that came with package
-no stealth64 ?

and in same folder as ollydbg 1.10 i put ollydbg9in1

is that right?

what is the function of stealth64? does that allow it to work properly in 64bit os, or is that to hide the debugger from certain protections?

one last question, if it's not too much trouble, is there anywhere just a list of common debug terms such as JE, CMP, EAX and their meaning?

October 7th, 2008, 21:25
Common debug terms..........

Find an asm manual.


October 8th, 2008, 09:28
[Originally Posted by utter_noob;77319]thanks for the screenshots and advice... i now have setup

ollydbg 1.10

ollydbg sabre gold
-many plugins that came with package
-no stealth64 ?

when you add the themida 9in1 exe into the olly1.10 folder its nearly same
and you should use the ini from lena tutorials

update !
for themida ... you need phantom plugin and enable only the
custom handle exception [x]
then you can debug on vista 64