Appearance
Plugin User Manual
Welcome to LyScript, a powerful plugin that allows you to control x64dbg for automatic operations through Python. In the field of reverse engineering, analyzing a large number of virus samples or searching for vulnerabilities often requires a lot of time and effort. The emergence of LyScript plugins has liberated the hands of reverse engineers and provided them with efficient automation solutions. Whether it's remote dynamic debugging, vulnerability retrieval, or automated binary sample analysis, LyScript can be your right-hand man.
This plugin combines the flexibility of Python and rich third-party libraries, providing convenience for exploiters, vulnerability mining, and malware analysis. By using plugins, you can quickly develop various custom tools, accelerate your workflow, and improve work efficiency.
Overview
Featuring feature plugins specifically designed for the security industry
INFO
- Reduce development time by 50%
- A simple and easy to understand interface
- A powerful scripting language for automated intelligent debugging
- Lightweight and fast debugging can prevent damage during complex analysis processes
- Connect to PyPi and Development Tools
Whether you are a reverse engineer, antivirus expert, or vulnerability analyst, this plugin will be an indispensable tool for you. Let's explore the powerful features of LyScript together, transforming heavy work into a relaxed and enjoyable experience!
Installing plugins
Before using this plugin, you need to download the corresponding version of the x64dbg debugger yourself. It can be confirmed that the plugin has no version restrictions on the debugger. If you have already installed the debugger, this step can be ignored.
Next, you need to click the download button to download the plugin locally. The downloaded file contains two folders, where x32 is a 32-bit plugin and x64 is a 64 bit plugin. The plugin consists of two parts, LyScript.dp32 is the main program and LyScript.ini is the configuration file. Drag these two files into the plugins directory of x64dbg to install the plugin.
Open the plugin configuration file and you will see three lines of configuration information, which can be used to specify whether the plugin is running, as well as binding address and port information. For security reasons, the new version of the plugin only allows local users to access by default. If you want to achieve remote debugging, you can modify the Address to 0.0.0.0 or any network card address for listening.
bash
[Setting]
Enabled=1
Address="127.0.0.1"
Port=6589Secondly, it is necessary to install the corresponding version of the Python package. Since the LyScript plugin has been integrated into the official PYPI repository, you can easily install it. Taking 32-bit as an example, open the console and enter pip install x32dbg to install it. If it is 64 bit, you need to execute pip install x64dbg to install it. It is recommended to install both packages simultaneously.
bash
Microsoft Windows [12.0.19999.888]
(c) 2024 Microsoft Corporation。
C:\Users\admin> pip install x32dbg
Installing collected packages: x32dbg
Successfully installed x32dbg-1.1.0
C:\Users\admin> pip install x64dbg
Installing collected packages: x64dbg
Successfully installed x64dbg-1.1.0Import and use
When everything is ready, you can officially use it. First, run the x32dbg debugger. After the plugin is successfully loaded, we open the Python console and import the debugging interface by entering from x32dbg import Debugger. In the Debugger function, you can specify the corresponding IP address and port information. If not specified, the default is the local address. By using connect, you can connect to the interior of the debugger, is_connect can be used to determine the status of the debugger, and close_connect can be used to close the local socket.
python
C:\> python
Python 3.12.0 [MSC v.1935 32 bit (Intel)] on win32
Type "help", "copyright", "credits" or "license" for more information.
>>>
>>> from x32dbg import Debugger
>>>
>>> dbg = Debugger(address="127.0.0.1",port=6589)
>>> dbg
<x32dbg.Debugger object at 0x00323BA0>
>>>
>>> connect = dbg.connect()
>>> connect
True
>>> is_connect = dbg.is_connect()
>>> is_connect
True
>>> dbg.close_connect()
True