Results 1 to 7 of 7

Thread: DEBUGGER WITH GOOD ASSEMBLY in 64 BITS

  1. #1

    DEBUGGER WITH GOOD ASSEMBLY in 64 BITS

    I am working in 64 bits cracking, and have some problems.
    I have WINDBG 64 and IDA for 64 bits, and both have a similar problem and i not found a solution.

    I need assembly code in 64 bits, in the debugger, and test on the fly, i need be quickly, i'm trying injections of code and the code need to be written in the same program in caves, is not possible compile the code out of the debugger.

    Both debuggers don't assemble correctly in 64 bits, and have similar errors, if you type PUSH RAX is not accepted, and PUSH EAX is accepted and changed to PUSH RAX (very strange)
    SUB RSP,38 is not accepted at all,SUB RSP,038h, and all posibilities with RSP are not accepted, but SUB ESP,38 is accepted, and is not transformed to SUB RSP,38 (agrrrrrrrrrrrh).
    Conclusion is no possible asembly in IDA or WINDBG at all in 64 BITS.

    Well my question is, how do you make this job in 64 bits?, assembling and trying code in injections writing directly in the debugger,
    In 32 bits is easy in ollydbg, but in 64 bits olly don't work.

    What tool can be used for this?There are a debugger for 64 bits capable of assembly code?

    Thanks for all
    ricnar

  2. #2
    Musician member evaluator's Avatar
    Join Date
    Sep 2001
    Posts
    1,479
    Blog Entries
    1
    64bit CPU will dead before 32bit.
    & we all will jump to 128bit CPU!

  3. #3
    well but I have no solution? buaaa

    ;-)

    ricnar

  4. #4
    Hello Ricardo,
    When I had to play with that stuff, what I did i assemble a small piece of code using Ml64 or YASM64 and then used .readmem command in windbg to write the code in... would not say its the best or perfect solution ... but I was too lazy to actually add YASM as a plugin to windbg/IDA... but im sure you can do it pretty easily...

    Good luck

  5. #5
    Thanks for the help

    ricnar

  6. #6
    lallous
    Guest
    Just an idea, try HiewPlus.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  7. #7
    Is not free, and the cracked version don't have the assembler/dissassembler in 64 bits, the version i have don't have this feature.

    ricnar

Similar Threads

  1. BITS used as a covert channel
    By Hex Blog in forum Blogs Forum
    Replies: 0
    Last Post: February 7th, 2009, 16:50
  2. Is about IMMUNITY DEBUGGER (not olydbg), HOW CRACK USING ID WITH WINGIDE
    By Ricardo Narvaja in forum OllyDbg Support Forums
    Replies: 14
    Last Post: November 11th, 2007, 23:30
  3. Looking for a GOOD packer/crypter
    By markh51 in forum Malware Analysis and Unpacking Forum
    Replies: 9
    Last Post: March 1st, 2006, 11:02
  4. GOOD JOB
    By Ricardo Narvaja in forum OllyScript Plugin
    Replies: 2
    Last Post: August 29th, 2004, 03:57

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •