Skip to content

ThunderCls/MagicPoints

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
pluginsdk
pluginsdk
 
 
res
res
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
MagiCalls.stat
MagiCalls.stat
 
 
MagicPoints.cbproj
MagicPoints.cbproj
 
 
MagicPoints.cbproj.local
MagicPoints.cbproj.local
 
 
MagicPoints.cpp
MagicPoints.cpp
 
 
MagicPoints.h
MagicPoints.h
 
 
MagicPoints.res
MagicPoints.res
 
 
README.md
README.md
 
 
dll_link.cpp
dll_link.cpp
 
 
dll_link.h
dll_link.h
 
 
exports.def
exports.def
 
 
frmAbout.cpp
frmAbout.cpp
 
 
frmAbout.dfm
frmAbout.dfm
 
 
frmAbout.h
frmAbout.h
 
 
frmMain.cpp
frmMain.cpp
 
 
frmMain.dfm
frmMain.dfm
 
 
frmMain.h
frmMain.h
 
 
icons.h
icons.h
 
 
plugin.cpp
plugin.cpp
 
 
plugin.h
plugin.h
 
 
pluginmain.cpp
pluginmain.cpp
 
 
pluginmain.h
pluginmain.h
 
 

Repository files navigation

MagicPoints

MagicPoints plugin for x64dbg

MagicPoints v1 plugin by ThunderCls - 2016

ATTENTION: THIS PLUGIN HAS BEEN DEPRECATED AND IT IS NOT SUPPORTED ANYMORE

YOU SHOULD USE xHotSpots (https://github.com/ThunderCls/xHotSpots) INSTEAD

Blog: http://reversec0de.wordpress.com

MagicPoints is a plugin for the x86/x64 x64dbg debugger by @mrexodia. This plugin is intended to give the user the option to access certain points of the debugged application when events addresses are calculated, thus permiting to intercept such points to stop execution right before those events are executed.

There are several papers explaining such procedure in more details at:

After magic points are located for the current debugged application, such points are marked by a breakpoint and a comment for the user to recognize them.

Plugin based on papers by: AkirA & Ricardo Narvaja

Installation:

  • Copy MagicPoints.dp32 to x32 plugins directory of x64dbg
  • Look under the "Plugins" menu in the main x64dbg window or in the secondary menu in the Disasm window as well

Features & Usage:

  • Define the compiler for the current debugged application
  • Select such compiler from the dropdown menu
  • Click on the Locate button
  • A message will pop up whether magic points were located or not and a breakpoint along with a comment is setted in those points
  • Run your .exe and after the magic point breakpoint is hitted, place another BP on your exe code section and Run
  • If you did it right and everything was fine, you'll be landing exactly in the hot spot of your application

Video Demo:

IMAGE ALT TEXT HERE

About

MagicPoints plugin for x64dbg

Resources

Readme
Activity

Stars

19 stars

Watchers

4 watching

Forks

6 forks
Report repository

Releases 1

MagicPoints_x86 Latest
Nov 4, 2016

Packages

No packages published

Languages