Exetools
Page 2 of 2 1 2
Show 40 post(s) from this thread on one page

Exetools (https://forum.exetools.com/index.php)
-   Community Tools (https://forum.exetools.com/forumdisplay.php?f=47)
-   -   [Nanomite] x64/x86 debugger - GUI and Class (https://forum.exetools.com/showthread.php?t=14817)

=GXG= 11-16-2013 22:53
Nice project.Update it

MCKSys Argentina 11-24-2013 14:35
I have tested Nanomite in his x64 version (qtNanomite.exe) in a VM with Win 7 Pro (x64 of course).
In most of the programs it worked ok, but some programs have blank disasm window when opened using "Open new file" command.
For example, Cheat engine version 6.2 comes with 2 "sample" programs. The x64 version (Tutorial-x86_64.exe) shows a blank disasm window when loaded the previous way.
Then the program runs fine, so the only issue here is the first-load blank disasm window.

Another thing is that when loading some apps (for example Internet Explorer 8 x64), Nanomite shows a MessageBox saying that "It seems that this file is packe or encrypted!", but they aren't. A false positive?
ADDED: Despite the message, the programs work ok.

Anyway, I'll keep using this excellent dbg and reporting anything that comes up.

Thanks Zer0Flag for you effort!

Cheers!

anon_c 11-26-2013 02:07
Thanks for this great tool!

It helped me patch Im@ris, a great software for microscopy, by applying an update to the solution provided by Team Lz0 for a previous version

Here are some suggestions/thoughts:

-How to use the Goto function to go to Offset? It would also be nice to be able to goto RVA.

-Editing a jump with VA or RVA does not work (the function will be edited by jmp to ??? address)

-It would be nice to be able to set flags individually instead of editing the EFlags. Not a big deal, but it would be faster...

-Hotkey " Return = …" does not work with the Return key of a keypad

Keep your good work, it is really appreciated

AC

Zer0Flag 11-28-2013 01:30
Thanks for this valuable feedback!

I will take the suggested issues/features onto my todo list. But currently I lack somehow of time because of RL... but updates will keep comming ;).

About the black disassembly window I know that this is based on the worse algorithm which the disassembler in nanomite is using currently and often occurs on packed or crypted samples. I´m planing to update this one in the next steps to offer a better analysis of the code and also take the control flow into account.

If you find any bugs or have feature requests you are always welcome!

~Zer0Flag

Dinisoid 11-28-2013 17:47
It would be good if you add ability to generate control flow graph for function or module.

Zer0Flag 12-31-2013 23:06
Code:
###Version 0.1 beta 17
+ fixed a bug in the internal exception handler which could cause a termination on windows 8.1
+ fixed a bug which made patching jumps impossible
+ added option for "DebugSetProcessKillOnExit"
+ added option to load symbols from ms servers
+ added execute to selected line
+ added possibility to toggle eflags directly from context menu in the register view
+ improved internal PE file handling
+ improved copy to clipboard context menu

####Notes:
        - You can now copy multi lines to the clipboard using the context menu

mrsick 05-09-2014 05:39
1 Attachment(s)
Nice !!

I did some tests, trying to attach to EMET agent x64 it crashes. :D

Another crash i get is when i attach to totalcmd x64, and try to list functions. It's empty but when i close the window it crash.

illmaR 06-19-2014 15:05
Will give it a try, thx!


All times are GMT +8. The time now is 00:48.
Page 2 of 2 1 2
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX