GUI Windbg.zip
A very useful GUI for windbg by STZWEI, this is the first version, and is a very helpful for those who crack with windbg, i write 6 tutorials with WINDBG and i´m learning the use of this good debugger.

Start windbg last version, and start the GUI, you will have a useful GUI for avoid type, in BPs,historical save of commands (tipying the initial letters can be restored), and many many improvements.

Suggestions appreciated

Ricardo Narvaja

---------------------------
Error
---------------------------
No se ha encontrado la ventana de comandos. Abra un archivo y reinicie GUI_WinDbg
---------------------------
OK
---------------------------

saca la marca en el windbg en MDI EMULATION y reinicia y asi lo toma, si la tenes quitada, ponelaa, reinicia, quitala, reinicia y asi lo tomara siempre desde ahora.

Ricardo

Uh... could you repeat that in English?

the mark in the menu of windbg, in MDI EMULATION need to be unchecked, if you have checked, uncheck and restart, if you have unchecked and the error continue, check, restart, uncheck, and restart again and always work forever.

Ricardo

you need have a archive open for the gui recognice the command window, when the window is recognized you can change the archive etc

Ricardo

I have no idea what you mean by "archive" but I've got it working after opening the command window. And... it's all in Spanish. Very useful.

open a file for cracking, or open the wmware or the second machine if you are cracking in two machines mode.

and yes we speak spanish, but when the tool will be finished maybe can be translated.

Ricardo

Archive == File

Isn't WinDBG a full system-level debugger like SoftICE? If so... what'd you need a GUI for?

GUI can be something of user friendly, nice look, but IMHO
is absolutely not necessary, it's only a matter of Command-Line
and stepping

Have a nice day

is for more easy to use, type is slow, retype more slow, have buttons, for put commands, and save the historical commands, for east repeat only tipying one or two letter of the command, is for make more useful and friendly no more.

Ricardo

I don't know about you but IMO clicking at things is a lot slower than typing (short) commands...

maybe DOS is more quick for work than windows?, is your opinion, all programs come with a GUI, for easy to use and quick, if you use more quick typing, perfect, use the command line this is not mandatory at all, is for aid the users who want a GUI.

If i need type 3 times for example

bp `mysource.cpp:143` "j (poi(MyVar)>0n20) ''; 'gc' "


and tipe one only and is stored, when i repeat only tiping b and enter, or bp and enter, you can save time using the historical, but is a choice of each one.

ricardo

works pretty nice ,

you can also add ub in densembler

and in the stepping function pc tc wt would be a good addition

also i dont see a bp /p "process" someaddress option

i think you can ask him to add ZwDebugControl block to fetch the Eprocess
of the process and make it set a bp on the process that one is interested in


yep those who dont use windbg on user mode application wont find it usefull
its a royal pita to do

bp poi(poi(esp+0xb8)) on ntddl!NtContinue

is the source available ricardo ? or maybe shareable privately if it is not to be published ?

how is it coded ? an extension ? or completely standalone and doesnt use any of those diks (ddk sdk vdk kdk mdk kmdf vmdf wmdf and all other sundry blah blahs included in diks)

nice to see some clickable interface to windbg the gui is sorely lacking

mouse interaction

i pass the suggestiopn to the author

Thanks
Ricardo

http://crackslatinos.hispadominio.net/CracksLatinoS/herramientas/fuentes%20GUI_WinDbg%20V1.01.zip

http://crackslatinos.hispadominio.net/CracksLatinoS/herramientas/GUI_Windbg%20V1.01.zip

new version and sources

from the author (notify the changes to the code for add to the next versions)



- Maximiza WinDbg al "desiconizar"
- Cuando abre desde systray también hace visible WinDbg
- Añadidos comandos "ub" "tc" "wc"
- Añadido menu y pestaña para comandos de usuario (creo que es bastante interesante a ver que te parece)

También te envío el código fuente.


El código fuente te ruego que lo cuelgues de la página de crackslatinos para que sea allí el lugar de acceso y descarga.
Si alguien de crackslatinos o de fuera modifica o aporta alguna mejora agradecería que me lo notificaran para incluirlo en posteriores versiones.

Una vez que esté colgado de la página, abriré un nuevo tema en el foro para que sea allí el sitio donde se centralicen las propuestas.

Gracias por tomarte el interés de publicarlo


stzwei

Notify me changes to the code for send to the author
Ricardo

oops delphi i have to learn that
anyway the idea is nice to use SendMessage() no need for all the diks plain
and simple

thanks ricardo for providing a link to the source
let me see if i could tweak it a bit

Most of us here don't know Spanish. It would help if you provided an English translation.

for blabberer:

you can add and tweak, only the author tell me, send the changes for add in the next version.

for LLXX: maybe the final version the author translate, in beta versions of an evolution,for spanish authors, translate is not possible, the work need be directed to improve the tool, when the final are released, can be translated, but i send the sources, translate is very easy with the sources, maybe some user can translate for all.

Ricardo

new beta od this GUI for windbg with improvements

ricardo

here is the version 1.02 with sources

ricardo

here the sources

ricardo

If we can agree on the version to work on, I'll happily integrate dxgettext to allow very easy translations in virtually any language. Usage for the author is very simple, basically no extra effort. For example:

Instead of just write

Forms can be translated automatically with a single Call to TranslateForm(self) in the CreateForm function.

Simply include the dxgettext.pas as the first unit in your project file, and that's it.

Extraction of translation data is automatic for 99.9% of all cases, translation files can be generated with a small editor utility that even provides translation memory.

I really recommend using this approach for all projects right from the start, it's really simple!

Here is the website with lots of documentation and all: http://dybdahl.dk/dxgettext/

i ask to the author

ricardo

hi ricardo also ask him if he could supply a list of GWL_IDS to the windows in question i assume he has reshacked it and leeched all those ids

i cant decipher his delphi (else i have to sit and keep on reversing these damned findWindows and GetWindowsLong(GWL_ID))
so that one can use the quickedit facility to copy the contents below cursor
and paste it in memory window

so that it behaves like follow in dump

windbg can already copy contents under cursor with plain right click

here is the response of the author:

--------------------------------------------------------------------------

Con respecto a la pregunta de blabberer sobre los GWL_IDS de las ventanas de WinDbg te envío una captura de Olly donde se muestran los identificadores de las ventanas de Command

Linea de comando (Edit) ID = 0FA3
Ventana salida (Output) ID = 0FA2

Son las únicas ventanas en las que se usa la API GetWindowLongA

En la captura lo muestro.

Creo que se refiere a eso.
Sino es así pues le pasas mi correo y miro a ver que puedo hacer.

Stzwei
--------------------------------------------------------------------

PD the image is attached in the rar
Ricardo

thanks i was wanting to know if he has a list of all possible ids

these damned translators sure do a nice job atleast understanadble translation



see the attached pic

i was wanting to know if there are several memory windows open (i have two open in the screen shot below is there a way to distinguish them individually everytime ? i see he is using FindWindows (with WindowText)
does these memory windows have window classes of thier own ?

say i want to pass some thing to dump can i send it to one memory window EDITbox and also if i want to pass something to say (follow in stack can i pass it to another window (and be sure it will remain same every time)

i see he has added a syntax highlighted disassembler window seperately
cant that be integrated inside with SendMessage( richedit,wm_ or em_ whatever ,wParam,lparam); why do it seperate ?

you can bring the gui display as close to ollydbg as possible
by setting it up right from the start and making it default

yep sure i can run windbg on ollydbg and reverse (i have already done it many times) but that needs concentration it cant be done on a piece meal basis


also if i had the delphi compiler and its accessories it wouldnt be much of a botheration to reverse or just plain code

but i dont have them and dont wish to download the enterprise trial wahtever is being offered by borland for 30 days (basically i hate downloading anything above 10~20 mb) bcc 5.5 is just 9 mb and suits fine for me

new GUI windbg 1.03 + sources

is uploading to my web i send the link in short time

Ricardo

http://storage2.ricardonarvaja.com.ar/web/OTROS/HERRAMIENTAS/F-G-H-I-J-K/GUI_WinDbg%20v1.03.zip

and blabberer, i try understand but my english is very limited

Ricardo

this 1.03 is a english version

Ricardo