Script interface
A script typically refers to a text file containing a series of computer instructions or commands that can be executed line by line by an interpreter or the runtime environment of an interpretive language. Scripts are commonly used in fields such as automation tasks, batch processing, system management, and data processing.
Script functions integrate x64dbg commands with Python and provide powerful automation and customization capabilities. Python scripts can run debugging tasks automatically and drive customized analysis tools, and they are user-friendly and cross-platform, which gives reverse engineering and security research a more efficient and flexible workflow.
Execute built-in commands
When you need to execute a built-in x64dbg command, use the `script_runcmd` function. It accepts a command string such as `dis.iscall(addr)`, which checks whether the instruction at address `addr` is a call. It returns True on success and False on failure.
```python
>>> eip = dbg.get_eip()
>>> hex(eip)
'0xf015bb'
>>>
>>> # x64dbg reads bare numbers as hex, so pass the address with a 0x prefix
>>> cmd = "dis.iscall({})".format(hex(eip))
>>> cmd
'dis.iscall(0xf015bb)'
>>>
>>> dbg.script_runcmd(cmd)
True
```
The method above can only execute commands that have no return value. For a command with a return value, use the `script_runcmd_ex` function, which returns an integer after successful execution. If the return value is not 0, it returns a constant of `125649873`. If it returns False, execution failed.
```python
>>> eip = dbg.get_eip()
>>> hex(eip)
'0x776ef127'
>>>
>>> cmd_base = "mod.base({})".format(hex(eip))
>>> cmd_size = "mod.size({})".format(hex(eip))
>>>
>>> retn_base = dbg.script_runcmd_ex(cmd_base)
>>> retn_size = dbg.script_runcmd_ex(cmd_size)
>>>
>>> hex(retn_base)
'0x77640000'
>>> hex(retn_size)
'0x19c000'
```
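The two calls above can be combined into a small triage helper that reports whether an address holds a call and where it sits inside its module. This is an added example, not code from the project: `expr`, `eval_int`, `describe` and the `FakeDbg` stand-in are hypothetical names, the sample values are constructed from the sessions above, and treating `125649873` as "no value" is an assumption.

```python
# Added example; FakeDbg and its values are constructed so this runs offline.
SENTINEL = 125649873  # constant the page says script_runcmd_ex can return


def expr(func, addr):
    """Build e.g. 'mod.base(0x776ef127)'. x64dbg reads bare numbers as hex,
    so the address is always emitted with an explicit 0x prefix."""
    if isinstance(addr, bool) or not isinstance(addr, int) or addr < 0:
        raise ValueError("address must be a non-negative integer")
    return "{}({})".format(func, hex(addr))


def eval_int(dbg, func, addr):
    """Integer result of an expression, or None when it failed."""
    ret = dbg.script_runcmd_ex(expr(func, addr))
    # False == 0 in Python, so failure is tested by identity, not truthiness.
    # Treating SENTINEL as "no value" is this example's assumption.
    if ret is False or ret == SENTINEL:
        return None
    return ret


def describe(dbg, addr):
    """Summarise one address: is it a call, and where in its module is it?"""
    base = eval_int(dbg, "mod.base", addr)
    size = eval_int(dbg, "mod.size", addr)
    inside = bool(base) and bool(size) and base <= addr < base + size
    return {
        "addr": hex(addr),
        "is_call": dbg.script_runcmd(expr("dis.iscall", addr)) is True,
        "module_base": hex(base) if inside else None,
        "offset": hex(addr - base) if inside else None,
    }


class FakeDbg:
    """Constructed stand-in for the page's dbg object (one module, one call)."""
    BASE, SIZE, CALLS = 0x77640000, 0x19C000, {0x776EF127}

    def _arg(self, cmd):
        return int(cmd[cmd.index("(") + 1:-1], 16)

    def script_runcmd(self, cmd):
        return self._arg(cmd) in self.CALLS

    def script_runcmd_ex(self, cmd):
        addr = self._arg(cmd)
        if not self.BASE <= addr < self.BASE + self.SIZE:
            return False
        return self.BASE if cmd.startswith("mod.base") else self.SIZE
```

With a live debugger session, pass the real `dbg` object to `describe` in place of `FakeDbg()`.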
Loading and executing scripts
To load a script, call the `script_loader` function, which takes a path string. If the function executes successfully, the debugger loads the script file.
```python
>>> load_flag = dbg.script_loader("d://debugger.sh")
>>> load_flag
True
```
To execute a script, call the `script_running` function, which takes an integer argument. If 1 is passed in, execution starts from the first line and continues to the end. If a value greater than 1 is passed in, it specifies a particular line to execute. The `script_step` function is used to execute a specific line.
```python
>>> dbg.script_running(1)
True
>>> dbg.script_running(2)
True
>>> dbg.script_running(3)
True
>>> dbg.script_steip(1)
True
>>> dbg.script_steip(2)
True
>>> dbg.script_steip(3)
True
```
To close the current script, call the `script_unloader` function, which takes no parameters. After it executes successfully, the open script file is closed.
```python
>>> dbg.script_unloader()
True
```