Very cool demo of windows debugging.. I guess this is how people reverse engineer compiled apps and make mods/patches/cracks? Coming from web dev background I'm unfamiliar with windows dev but isn't it the case usually in production builds debug symbols are removed prior to publishing?
Thanks! Indeed they are not shipped, but Microsoft provides many PDB files (with symbols) through its symbol server to assist debugging; by default these symbols are automatically fetched by WinDbg.
Yes, symbol files are usually exactly what developers of closed source software try to keep away from you. Without those, you only have calls to standard libraries (and maybe external modules, which have to use visible symbols at least for their exports) to figure out what's going on.
Man this is so good, random shenanigans with running processes, love it! More like this please
I love your explanation while using WinDbg. I hope you'll make more WinDbg videos. It's really hard to find WinDbg tutorials like this one.
This is cool! You were just born inside a debugger xD
I like this type of your videos: short, straight to the point, and really interesting. Keep up the good work :)
please, more videos using windbg
@DavesGarage has videos on the how it was made
Hey, cool video! Definitely learned something new about WinDbg.
Back when Windows was still fun.
I love all this stuff. Do you recommend cybersecurity to me? And which branch specifically?
Your channel is a hidden gem!
Nice work man, very cool to watch
Hi Nir, Your content & knowledge are exceptional. I've followed all your videos and I'm really impressed. I'm curious, how did you acquire such high-quality knowledge on these low-level topics?
Thanks! Through experience I have gained as a hobby and passion from a young age and from working as a programmer for several years
@nirlichtman Thanks! There's always passion behind every exceptional thing :)
I'm a bit late, but I'm definitely coming in for a NEAT. Also, it would appear that after some animations the board is reset to its original graphic, likely because the "rest" sprite contains the background, eh?
Interesting, haven't noticed that, probably paints over everything sometimes :)
Amazing skill ⭐️
I really like your videos :) looking forward to the next one!
When I played around with this, I replaced the instruction with "mov bl,byte ptr [eax-100]" which draws the ball sprite instead of just black :)
edit: I guess it draws nothing then and just keeps the previously drawn ball :D
Awesome :) Yah, "mov bl,byte ptr [eax-100]" takes 6 bytes in memory so it overruns a couple of the next instructions as well
@nirlichtman thanks for explaining it :)
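The exchange above hinges on instruction length: the replacement "mov bl,byte ptr [eax-100]" is 6 bytes, so writing it into the slot of a shorter instruction clobbers the bytes that follow. The script below is an added example (not from the video or the comments) that hand-encodes that instruction and refuses to apply a patch that would overrun the original slot, NOP-padding when the replacement is shorter. It assumes WinDbg's default hex radix, so `100` means 0x100, and the code buffer it patches is a constructed stand-in for real process memory.

```python
# Added example: x86 (32-bit) encoding of "mov bl, byte ptr [eax+disp]" and a
# length-checked in-place patch. Not code from the video or the comments.
import struct

def encode_mov_bl_mem_eax(disp: int) -> bytes:
    """Encode 32-bit 'mov bl, byte ptr [eax+disp]' (opcode 8A /r).

    ModRM uses reg=BL (011) and rm=EAX (000). A displacement that fits in a
    signed byte uses mod=01 + disp8 (3 bytes total); anything larger needs
    mod=10 + disp32 (6 bytes total).
    """
    if -128 <= disp <= 127:
        modrm = (0b01 << 6) | (0b011 << 3) | 0b000   # 0x58
        return bytes([0x8A, modrm]) + struct.pack("<b", disp)
    modrm = (0b10 << 6) | (0b011 << 3) | 0b000       # 0x98
    return bytes([0x8A, modrm]) + struct.pack("<i", disp)

def build_patch(original_len: int, new_insn: bytes) -> bytes:
    """Return exactly original_len bytes: the new instruction followed by
    single-byte NOPs (0x90), or raise if it would spill into the next
    instructions, which is the overrun described in the thread."""
    if len(new_insn) > original_len:
        raise ValueError(
            f"patch is {len(new_insn)} bytes but the slot is {original_len}; "
            "it would clobber the following instructions")
    return new_insn + b"\x90" * (original_len - len(new_insn))

def apply_patch(code: bytes, offset: int, original_len: int, new_insn: bytes) -> bytes:
    """Copy the code buffer and overwrite the slot at offset with the padded patch."""
    patched = bytearray(code)
    patched[offset:offset + original_len] = build_patch(original_len, new_insn)
    return bytes(patched)

if __name__ == "__main__":
    # WinDbg reads "100" as hex, so the commenter's operand is [eax-0x100].
    insn = encode_mov_bl_mem_eax(-0x100)
    print(insn.hex(), len(insn), "bytes")           # 8a9800ffffff 6 bytes
    # Constructed 10-byte buffer standing in for process memory; assume the
    # instruction being replaced occupies 3 bytes at offset 2.
    code = bytes([0xCC] * 10)
    try:
        apply_patch(code, 2, 3, insn)
    except ValueError as exc:
        print("refused:", exc)
    # A disp8 form fits the 3-byte slot with no padding needed.
    print(apply_patch(code, 2, 3, encode_mov_bl_mem_eax(-0x10)).hex())
```

Running it shows why the commenter's variant "worked" only by accident: the 6-byte encoding does not fit a shorter slot, and the bytes it overwrote happened to decode into something harmless. Checking the length before writing is the habit that keeps a live patch from corrupting the instruction stream.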
Your tutorial videos are simply excellent and interesting. I hope you keep this up as much as possible :)
Thanks!
Awesome video, thanks. How can one find where to start watching the videos on your channel, or which video to start from? Knowing that I am already a professional programmer: I know C/C++, have done some CTFs on reverse engineering, studied some courses on hacking, tried some low-level programs, and am currently studying the Nand to Tetris course. Thanks in advance.
Checkout my playlists :)
@nirlichtman thanks
🤯 wow, awesome demo
You can play Pinball even today in modern Windows? Where did you get it and what about other games? I wanna play other old games, they were so cool.
Btw, awesome video. I am surprised that WinDbg allows you to inject your own assembly into a process that is running.
Yes, I just copied the files from my Windows XP virtual machine, I assume the other games would also work, but haven't tried yet - might in a future video :)
ksor
nice video!
Best deep dive into WinDbg debugging that I've ever seen! This is awesome!
Appreciate this 🫶 thanks bro! :)
If only there was a way to recreate the symbol file... that would be nice (for something I was trying to reverse a while ago...)
it is indeed really cool
💖💖💖💖
Nice!
That debugger is basically CheatEngine's big brother
Nice, didn't know about CheatEngine, looks cool! From what I understand it is more specifically geared towards games, as compared to WinDbg, which is Microsoft's main general-purpose Windows debugger.
@nirlichtman That's correct xd
CheatEngine has features to find memory addresses at runtime easier. So when I was about 14, I used to use it to get infinite lives or an insane amount of damage for fun in difficult games xd
When I saw what you did in your video, that was the first thing that came to mind. And it seems just as fun as that.
cool
Cool❤
Cool!
Thanks Ran!
mega, thank you
Please 🙏 reverse engineer macOS. I want to have that kind of UI and performance open-sourced.
Just run a Hackintosh, man
@SowTag too slow, bro, and no fun
Ah, yes. Just reverse one of the most complicated and feature-rich operating systems out there, one that was built over decades by hundreds of engineers. Could be done in a weekend.
@martinbean now you get it :)
first! Nice work!