MahdiSafsafi
commented
6 years ago Hi, I'm just confused. What offset you mean ? can you please provide more information ?
Open Chandlr opened 6 years ago
MahdiSafsafi
commented
6 years ago Hi, I'm just confused. What offset you mean ? can you please provide more information ?
Chandlr
commented
6 years ago Something like this S:=TRegEx.Replace(S, '([0-9A-F]{2})*(['+IntToHex( SwapEndian(ins.Disp.Value ) )+']){2}', '??'); and S being Opcodes .. ive figured that out now ;)
iam somewhat new to regex sorry :)
MahdiSafsafi
commented
6 years ago No, this is not supported for the moment.
Chandlr
commented
4 years ago hi check my rep, "x64dbg_LabelSigDB" it does this with your code :)
Hi iam wondering if its possible to detect opcodes and display output offset as wildcard bytes eg
??just like PEiD signatures.I noticed the code:
if (ins.InstID = INST_ID_MOV) and ((ins.Arg1.Reg = REG_EAX) and (ins.Arg2.Flags > 0)) thenso is it possible to change the offsets bytes to??then display the opcode bytes ? :)