Why do people use VM to debug an .exe? as a follow up questions someone told me to absolutely not to patch an exe on my hdd (x64dbg) I could not understand what does it suppose to mean? Where do I patch the exe then?
Why do we use debugger(ollydbg or x64dbg) on Virtual Machine?
1k views Asked by Crows Ravens At
1
There are 1 answers
Related Questions in DEBUGGING
- How to pass the value of a function of one class to a function of another with the @property decorator
- Visual Studio C++, breakpoints not stopping debugging DLL (GODOT GDExtention)
- Playwright JS: Getting an error when debugging using line numbers
- C++ skips line when promting for user to enter name of person being added to a string array
- Xcode: Can't Attach to process
- unity navmeshsurface prefab not found or whatever
- It seems to be a bug about "base::trace()" or "methods:::.TraceWithMethods()"?
- How to check reference counting issues when doing direct manipulations of CPython objects?
- How to scroll to the bottom of console window in PyCharm2019 automatically?
- need help debugging prolog
- Is there a way to deactivate (but not delete) conditional breakpoints when debugging?
- How can i debug a python exe which is created by using pyinstaller?
- Increment or Decrement volume programmatically on Xiaomi device adjusts it by 10 steps instead of one step
- Checking request JSON with image data
- Why cannot I set font of `xlabel` in `plotmf` in MATLAB?
Related Questions in OLLYDBG
- x64dbg jump arrows disappears when scrolling the page
- Patching a file with x64dbg after finding ram addresses
- Save memory dump edit into an exe file in OllyDbg
- how to compare two exe files with x64dbg
- Why conditional breakpoint doesn't work in some address in ollydbg?
- How to know number of parameters in x86-64 assemble(windows)
- How can I import my breakpoint from OllyDBG to my C++ code?
- create symbol or rename a function inside WinDBG
- How to replace a store of EAX with a store of an immediate constant?
- Runtime error C0000005 of an unpacked executable file [UPX 3.91+]
- Trying to determine and change "Nation/locale/region Code" for application inside disassembler
- OllyDbg not properly interpreting SSE2 instructions and operands
- Interruption service in assembler (int 21h) and it's behavior (w/OllyDbg)
- Is digital certificate of PE(Portable Executable) file is in overlay of file?
- OllyDbg - How can I add more instruction space to a .exe file?
Related Questions in DBG
- Stuck Setting up libc6:i386
- How to add debugging capabilities to a custom programming language
- Save memory dump edit into an exe file in OllyDbg
- dword ptr ss:[esp+0xA] Isn't it correct to get the syntax corresponding to the esp+0xA address?
- No output from erlang tracer
- Extract .class from EXE
- How to fix error "could not initialize WinDbg engine" in ida pro 7.5?
- Disassamble ELF file - debugging area where specific string of binary is loaded
- Why do we use debugger(ollydbg or x64dbg) on Virtual Machine?
- Why my start address in Ollydbg is different than other people
- dbg gets extremely slow (during import of large drawing files)
- Hook breakpoint in ida7.0 failed
- erlang dbg module is not working included in relx
- unimplemented function msvcr120.dll when launching dbg debugger on ubuntu
- how to include line-numbers in Erlang/Elixir Dbg
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Popular Tags
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Your question is relatively broad with at least 2 possible scenarios. Let me explain.
Scenario 1:
That someone may mean don't patch the application, since it will ruin your original copy. Point is VMs are relatively reusable and disposable. Thus experimenting, patching, destroying an application inside VM will have zero impact on your actual machine (at least theoretically, since in real world malware etc can escape from a VM). Since even if you patched the wrong file/screwed up, all you need to do is restore the VM.
Scenario 2:
If you are into OS debugging/advanced patching, your "someone" may be referring to whats called a Kernel debugging. Since kernel debugging means having a parallel machine, (physical or virtual) inspect the whole operating system in which your application is running. It is same as when you attach debugger to an application, but this is at the lowest Operating system level.
From the way the question is framed I am more inclined that someone is talking about Scenario 1!