Thread: debugging of complex 64b targets and proper tools
View Single Post
  #4  
Old 12-13-2012, 19:31
cyberbob's Avatar
cyberbob cyberbob is offline
VIP
  
Join Date: Aug 2004
Posts: 95
Rept. Given: 23
Rept. Rcvd 119 Times in 29 Posts
Thanks Given: 6
Thanks Rcvd at 46 Times in 16 Posts
cyberbob Reputation: 100-199 cyberbob Reputation: 100-199
Quote:
Originally Posted by Shub-Nigurrath View Post
For my target for example I needed to break on a specific dll when it was being loaded by the program, but the command supposed to to that simply doesn't work.
strange, I have tested bpdll command under win7 & win8 and it works fine, maybe try using a wildcard e.g. bpdll *your.dll
If that doesn't help I'd be happy to investigate it, just send me PM with target app or link.

Quote:
Originally Posted by Shub-Nigurrath View Post
It's as well impossible to enter into a specific module (like Olly does) to add breakpoints or any other stuff in a specifi portion of code.
you can see loaded dll's in command window then press g in dissasembly window to jump into that module or you can use x (eXamine symbol) command e.g. x user32_* to list exported function to get function addr then set bp on it or disassemble it.

As for Visual DuxDebugger, I'm a bit bias but I think is a hideous piece of software. Current version is 3.9 but it feels like pre-alfa e.g. instead jumps to imports:

JMP [ntdll!RtlExitUserProcess]
JMP [user32!MessageBoxA]

you like see something like this

JMP [RIP+0xf8c]
JMP [RIP+0xf96]
Reply With Quote