my computer runs 64bit vista... apparently all the tools people use in tutorials are for 32bit systems only. there is windbg for 64bit debugging but noone has made any tutorials for this and it seems all the great scripts and plugins are for ollydbg anyway. ive found a script that supposedly lets you run ollydbg on a 64bit OS but it doesnt look very promising

does the fix work? or should i give up hope of being able to go through these tutorials ive found on this machine?


edit - i did search 64bit but didnt really find any threads like this... and the one that was similar was 4 years old, maybe responses would be different now

My guess.....

A VM that will run 32 in a 64 environment.

Or you could install an older version or windows on the same machine without dumping your vista.

I suppose there are many ways to do it.

Woodmann

buy cheap used 32bit comp!?

*evaluator buy cheap used 32bit comp!?

He buy you pay for him? :P

when i look in task manager it says *32 by the 32bit applications... does this mean it should work like it was on a 32bit processor?

http://img265.imageshack.us/img265/3158/53051472hy3.jpg

anyway, id really rather work on this computer. if i cant get it to work on this one i might try using windbg for a step-by-step solution and forget about hoping for a quick-fix script

Kinda, your OS use what is called "Windows On Windows 64", WoW64. A layer mainly using 3 compat dlls to run 32b PE files unmodified on 64b platforms, see google for further info.

ok small tutorial
works with most stuff , only themida detect something
download a http://www.ollydbg.de fresh ollydbg

download http://tuts4you.com/download.php?view.122 lena tutorial 1and put the ini file into ollydbg

create plugin and upp folder and change olly settings

download
http://www.tuts4you.com/download.php?view.75 olly advance,
http://www.tuts4you.com/download.php?view.2425 stealth 64
and the http://www.tuts4you.com/download.php?view.2012 themida9in1 exe

put the dlls into plugins folder
and enable http://img185.imageshack.us/img185/7145/settingsga0.jpg


if there are some users with good debugin knowledge it would be very nice if they can tell me what themida detects on my system
if i attach a process the process terminate


greetz blub22

In stealth64 check everything except "Suspend Time API's".
Although I love OllyAdvanced, I would not recommend it on Vista x64.
Use a modified Olly like Sabre-Gold : http://www.tuts4you.com/download.php?view.2163.

same problem on sabre
http://img509.imageshack.us/img509/4412/unbenanntfz4.jpg
on xp 32 i use olly phantom , enable all features and it runs

esther.. i kLLL U : )!

he has VISTAon64 i have W98on600CEL & i must buy for him??!!

thanks for the screenshots and advice... i now have setup

ollydbg 1.10
-stealth64
-advancedolly

ollydbg sabre gold
-many plugins that came with package
-no stealth64 ?

and in same folder as ollydbg 1.10 i put ollydbg9in1

is that right?

what is the function of stealth64? does that allow it to work properly in 64bit os, or is that to hide the debugger from certain protections?


one last question, if it's not too much trouble, is there anywhere just a list of common debug terms such as JE, CMP, EAX and their meaning?

Common debug terms..........

Find an asm manual.

Woodmann

when you add the themida 9in1 exe into the olly1.10 folder its nearly same
and you should use the ini from lena tutorials

update !
for themida ... you need phantom plugin and enable only the
custom handle exception [x]
then you can debug on vista 64