rizinorg / cutter

Free and Open Source Reverse Engineering Platform powered by rizin
https://cutter.re
GNU General Public License v3.0

Pressing the "run" button doesn't do anything, the program isn't running. Is the Windows debugger broken? #3054

Open mendelg opened 1 year ago

mendelg commented 1 year ago

Environment information

Describe the bug

I'm trying to reverse a packed executable on Windows using Cutter.

When I run the program in the Cutter debugger, the program just doesn't run. See attached video below (under the screenshot section). You can download the EXE from here (run responsa.exe):

https://drive.google.com/file/d/1Qh0rdfwPzBGM1EuKqO4Kx94d1h-6okyS/view?usp=sharing

To Reproduce

Steps to reproduce the behavior: Simply press the Run button (the >>> icon).

Expected behavior

The program should be able to run normally.

Screenshots

https://imgur.com/a/tNcUWax

Additional context

When I run the program normally, without Cutter, the program does run correctly. So, the program isn't broken.

ret2libc commented 1 year ago

Did you try running it under another debugger? Does it work there?

mendelg commented 1 year ago

> Did you try running it under another debugger? Does it work there?

Yes, I have tried under x32dbg and it runs correctly.

ITAYC0HEN commented 1 year ago

Thank you for reporting the issue :) Is there anything written in the Console widget or in the terminal? Some error logs? (Try to execute Cutter from the terminal, i.e. PowerShell\CMD.)

XVilka commented 1 year ago

Could you please try with Rizin itself? If it works in your environment?

mendelg commented 1 year ago

@XVilka I'm new to Cutter and unsure how to run it with Rizin itself. I have seen a "rizin.exe" file in my Cutter directory but I'm unsure how to use it. Can you please guide me on how to run it with Rizin itself?

mendelg commented 1 year ago

@ITAYC0HEN This is the error log I get: It seems like the error is on this line:

ERROR: Cannot debug file (C:\Program Files (x86)\ResponsaCD29\RESPONSA.exe) with permissions set to 0x7.

(I have run the file with admin privileges)

If you want to open the file in read-write mode, invoke rizin with '-w'

[x] Analyze all flags starting with sym. and entry0 (aa)
[x] Analyze function calls
[x] Analyze len bytes of instructions for references
[x] Check for classes
[x] Analyze local variables and arguments
[Cannot convert the type for the variable "fcn.005c8fe0.var_60h" into pointer
Cannot convert the type for the variable "fcn.0064b3a0.var_b8h" into pointer
Cannot convert the type for the variable "fcn.006377e0.arg_8h" into pointer
Cannot convert the type for the variable "fcn.005dd250.arg_10h" into pointer
Cannot convert the type for the variable "fcn.005dd3f0.arg_10h" into pointer
Cannot convert the type for the variable "fcn.005c8a20.var_78h" into pointer
Cannot convert the type for the variable "fcn.005d3150.arg_8h" into pointer
Cannot convert the type for the variable "fcn.005b9710.arg_18h" into pointer
Cannot convert the type for the variable "fcn.005408f0.arg_10h" into pointer
Cannot convert the type for the variable "fcn.005dd200.arg_8h" into pointer
[x] Type matching analysis for all functions
[x] Applied 545 FLIRT signatures via sigdb
[x] Propagate noreturn information
[x] Use -AA or aaaa to perform additional experimental analysis.
ERROR: Cannot debug file (C:\Program Files (x86)\ResponsaCD29\RESPONSA.exe) with permissions set to 0x7.
Reopening the original file in read-only mode.
Spawned new process with pid 13200, tid = 696
ERROR: File dbg://C:\\Program\ Files\ (x86)\\ResponsaCD29\\RESPONSA.exe  reopened in read-write mode

ITAYC0HEN commented 1 year ago

CC @yossizap any insight?