Posts Tagged: debugger

Here are some detailed instructions on how to install pydbg. In its most basic form, you need the following to execute a program:

    from pydbg import *
    from pydbg.defines import *

    def exception_handle(dbg):
        print(dbg.dump_context())
        raw_input("Press enter to continue...")
        return DBG_EXCEPTION_NOT_HANDLED

    def debug(exe_path, params):
        dbg = pydbg()
        pid…

Read Article →

Set the Windows VM for debugging:

    bcdedit /debug on
    bcdedit /dbgsettings serial debugport:1 baudrate:115200

In the VM settings, associate a pipe to the COM1 port: \\.\pipe\debugk (Windows) or /tmp/debugk (Linux).

Here is a list of some useful WinDbg commands:

    lm – list modules
    !address <addr> – show details about addr
    !peb…

Read Article →

This is a Python script for Immunity Debugger that sets breakpoints on “interesting” APIs. Here is the list of APIs (in no particular order): “ZwRaiseHardError” “bind” “listen” “socket” “DeviceIoControl” “ZwCreateFile” “ZwCreateSection” “ZwQueryInformationFile” “ZwQueryAttributesFile” “ZwCreateUserProcess” “ZwOpenKeyEx” “ZwOpenKey” “ResumeThread” “CopyFileA” “CopyFileExW” “CopyFileW” “CreateDirectoryA” “CreateDirectoryW” “CreateMutexA” “CreateMutexW” “CreateFileA” “CreateFileW” “CreateProcessA” “CreateProcessW” “CreateProcessInternalA” “CreateRemoteThread” “WinExec” “OpenProcess” “Sleep” “IsDebuggerPresent” “WriteProcessMemory” “_write” “ZwWriteFile”… Read Article →
