[Guide] Debug .dll Files on x64 Systems

GameEditor · 02/10/2010, 20:55

Nope, not going for the obvious fix of using a different disassembler.

Bet your thinking: *HOPES HE SAYS WE USE OLLYDBG, ELSE ITS SHIT*

Also I'm not going to say "Install x32".

This is because most advanced programmers and reverse code engineers will be using x64 systems because we just do? : D

<3

Yep : ) we're using Ollydbg.

NOTE: THIS IS NOT A GAME HACK -_-"

---------------

Steps:

1. Install clean install of Ollydbg from

2. Find a clean install of ODbgScript Plugin for ollydbg.
3. Copy and paste this into notepad and save as *.osc

Code:

// Get address of api to patch away

gpa "ZwSetInformationThread", "ntdll.dll"


// Store it in eax

mov eax, $RESULT


// Write the 'retn 10, nop' at beginning of api

mov [eax], #c2100090#


// Let program run until first exception

run


// Just step into exception twice

esti

esti


// Now step over it and let the program execute...

esto


// ... until it breaks at EP.

cob


// Place a nice comment there. Now we SHOULD be at EP.

cmt eip, "[ POSSIBLY PROGRAM'S ENTRY POINT ]"

4. Open up the file you wish to debug into Ollydbg, now run the script you saved as *.osc : )

5. Errors boxes will pop up regarding ntdll etc, just hit ok : )

6. It will now arrive at the EP.

7. Happy debugging : )

If anyone doesn't mind, and plays Mabinogi, want to teach me the basics of the game on MSN or IRC? I'm rather stuck into knowing how to play the game.

I'm developing a whole bunch of new hacks. Possibly will be rewriting some cast procedures sooner or later so we can open up to more possibilities : )

Also! It's funny seeing how people are calling each other leechers when I see the leecher actually pretending that he knows shit and calling other people leechers LOL.

Also, I don't see why that guy's post on fireball 1 charge hacking needs IDAPro. Unless you were taught to do it that shit way, you could've done it and found it way faster in Ollydbg.

I found the direct position of the jump in less than 2 minutes of analyzing and dry running the code.

fenrir2037 · 02/10/2010, 21:32

I'm starting to get a sense of bullshit.

Though I'm a beginner and what not. Olly does not observe asm functions that well. Although it is very possible to do it with Olly alone, IDA tends to organize it quite nicely for you.

Ok, now cause I'm epically bored I will now call bullshit.

Quote:

I found the direct position of the jump in less than 2 minutes of analyzing and dry running the code.

1- You cannot run skill.dll by it self.
2- If you did, you would need a HS bypass, and Fireball.

Quote:

If anyone doesn't mind, and plays Mabinogi, want to teach me the basics of the game on MSN or IRC? I'm rather stuck into knowing how to play the game.

3- You clearly lack the part called fireball.

And I could have sworn you're one of DR's many mules...But then again, I don't have the right considering I didn't do it, nor am I on a 64 bit system.

GameEditor · 02/10/2010, 21:34

Quote:

Originally Posted by fenrir2037

I'm starting to get a sense of bullshit.

Though I'm a beginner and what not. Olly does not observe asm functions that well. Although it is very possible to do it with Olly alone, IDA tends to organize it quite nicely for you.

Ok, now cause I'm epically bored I will now call bullshit.

1- You cannot run skill.dll by it self.
2- If you did, you would need a HS bypass, and Fireball.

3- You clearly lack the part called fireball.

And I could have sworn you're one of DR's many mules...But then again, I don't have the right considering I didn't do it, nor am I on a 64 bit system.

Do you even know what dry running and a trace table is?

Also of course I didn't run the *.dll -_-"

I've been reverse code engineering software for many years so don't give me a whole bunch of crap?

And what did you even mean by:

Code:

And I could have sworn you're one of DR's many mules..

What does DR mean?

and Ollydbg, does what it needs to do, and is efficient and effective. : )

Also actually, come to bringing it up. I was actually going to work on a hackshield bypass LOL. Thanks for bringing it up? : ) o-o Haven't actually even looked at this game's hackshield yet.

Also, yes I lack the part called fireball. Doesn't mean I lack my brain. : )

Also, this game's hackshield seems rather shit because it takes upto 10 minutes to detect me in-game. O_o"

Also when you understand the game, and play it, you'll see how the game is structured. So hacking and also creating hacks that are useful is much easier.

And don't call me bullshit because I own Ace-X and elitepvpers leeched all our AirRivals/Ace Online hacks when I first created them all, same with all the major hacks. So if I call bullshit, should be elitepvpers I be calling bullshit, not me. : ) And I know I created EVERY hack in AirRivals/Ace Online because I was the first ever hacker and I dissected their entire data structure etc. : )

mabicldx · 02/11/2010, 00:19

thanks i use x64. welcome to mabi section

GameEditor · 02/11/2010, 00:39

Quote:

Originally Posted by mabicldx

thanks i use x64. welcome to mabi section

Your welcome, worked great right? : )

ichigoyeh · 02/11/2010, 01:28

Haven't tested this because I'm on a public computer attempting to learn what the hell the ascii chart is for, but I'll make a thanks in advance.

If you still need a basic walkthrough on Mabinogi, then tell meh your msn through pm or something, or just what server you are on. ^-^'' I'll gladly help ya if it's within my reach. (bored look)

fenrir2037 · 02/11/2010, 02:05

Well, regardless if it works or not, you didn't make it. I just googled the first few lines of that script, and whadayaknow?

This is like darkraccoon bypass all over again. it has some use though.

Well then, thanks for sharing with the rest of the modding community I guess. =P

crystalarc · 02/11/2010, 02:41

He didn't claim he created it. He just posted a howto and no where did I see the words "its mine! I made this! dont use without my permission" In all he just brought to our attention a solution running olly on a x64 system.

Enough with that. Thanks for sharing the info

azure5 · 02/11/2010, 04:34

Interesting...
How/Why do you find Olly easier? IDA is extremely simple, since it's mostly reading assembly language. Most new programmers (that I know) use IDA, but I know a few who use Olly.
If you want to show me (and others) how it's easier than IDA, you could post a tutorial of how to create one charge FB via Olly, and actually finding out where the jump is, not just simply changing the address. I'm not trying to flame you, but if Olly made reverse engineering easier than IDA (for me) it would help in some cases, though I'm still learning assembly and how these languages get translated to binary...Thanks!

GameEditor · 02/11/2010, 10:02

Quote:

Originally Posted by fenrir2037

Well, regardless if it works or not, you didn't make it. I just googled the first few lines of that script, and whadayaknow?

This is like darkraccoon bypass all over again. it has some use though.

Well then, thanks for sharing with the rest of the modding community I guess. =P

Darkraccoon bypass. This isn't a bypass at all?

Also... This is simply reconfirming the location of ntdll. :3

x64 architecture is different to x84 so we have to tell it where to go?

GameEditor · 02/11/2010, 10:04

Quote:

Originally Posted by azure5

Interesting...
How/Why do you find Olly easier? IDA is extremely simple, since it's mostly reading assembly language. Most new programmers (that I know) use IDA, but I know a few who use Olly.
If you want to show me (and others) how it's easier than IDA, you could post a tutorial of how to create one charge FB via Olly, and actually finding out where the jump is, not just simply changing the address. I'm not trying to flame you, but if Olly made reverse engineering easier than IDA (for me) it would help in some cases, though I'm still learning assembly and how these languages get translated to binary...Thanks!

I'm not saying that IDA isn't good.

All I saw on the IDA tutorials in this section is...

"Find blah blah"

Then LOOK AROUND THE CODE SCROLL DOWN TILL U FIND BLAH BLAH.

That's not reverse engineering. That's spoon feeding : )

Thxbie : ) Got college.

AKB990 · 02/11/2010, 23:20

Works great. I know who you are, he's a pro coderz, if his story is true.

Anyway, if you're on Mari, hit me up with a PM. :P

GameEditor · 02/11/2010, 23:26

Quote:

Originally Posted by AKB990

Works great. I know who you are, he's a pro coderz, if his story is true.

Anyway, if you're on Mari, hit me up with a PM. :P

And No, I'm not Filterhead. I'm the one that FOUND the hacks for Air Rivals, Filterhead just coded them into a leechable executable so we could give it out :O

AKB990 · 02/12/2010, 00:25

Quote:

Originally Posted by GameEditor

And No, I'm not Filterhead. I'm the one that FOUND the hacks for Air Rivals, Filterhead just coded them into a leechable executable so we could give it out :O

I knew it when you said, "I own Ace-X"

GameEditor · 02/12/2010, 05:48

Quote:

Originally Posted by AKB990

I knew it when you said, "I own Ace-X"

You still online?