What is Reddit's opinion of x64dbg?

From 3.5 billion Reddit comments

My simple helper memory editor is indeed just to help users, just makes it simpler than to tell someone to download a special version to be able to debug stuff, which I'm sure if I did so I'd be even more accused of distributing a "secret" version with a memory editor.

Trust me, if someone wants a memory editor (and knows what to do with it) they don't need my bare bones memory editor, they just download the free debugger x64dbg which is orders of magnitude more powerful than a simple memory editor.

For people that cannot wait there is a slightly advanced fix.

1. First download x64dbg, extract and run the release/x64/x64dbg.exe.
2. Open the starcitizen binary located under Public/Bin64/starcitizen.exe
3. It will automatically start the executable and hit a break point, just keep clicking the right arrow stating run.
4. During loading/shortly after it the game will crash and x64dbg will show illegal instruction marking some assembly with RIP -> and black bar.
5. The instruction will read popcnt ecx, eax change this line (double click) to mov ecx, 1 and click ok once and cancel thenm.
6. Press shift-F9 (Click the run button several times), the game might timeout if you take to long, but otherwise it should load just fine.
7. Right click the instruction and select patches (shortcut CTRL-P), verify that the assembly has changed for five variables and press "Patch File" and save it as "StarCitizen_nopopcnt.exe" for example. Next time you can just run this patched file without the debugger.

The game might hit more breakpoints with errors, just keep pressing continue. If this doesn't help then (for example memory violation) it probably crashed for good and just need to quit using the box.

EDIT: Added an extra step such that the debugger is no longer required.

> I think these are all 32-bit VSTs, but I'm not sure how to confirm this. :\

If you are build them with 64 bit compiler, they are 64 bit)

If you don't know, you can download debugger and open vst in it. If addresses are short like in red selection - it is 32 bit. If they long like in orange one - 64 bit.

Instead of OllyDbg, I strongly recommend x64dbg. It's basically a modern version of OllyDbg (despite its name it can debug 32-bit processes processes).

I suppose it won't matter too much if all you're using OllyDbg for is pausing processes, but if you plan to do anything beyond that or just dislike OllyDbg's interface, x64dbg is so much better. I used to use OllyDbg for reverse engineering at work, and I really wish someone had told me about x64dbg earlier.

Usually not; without going into too much detail, games usually aren't shipped with debugging symbols that make understanding compiled code easier. This is done on purpose, to prevent people from reverse engineering the binary.

The type of debugger you're looking for will be a low-level debugger like x64dbg or the debugger in IDA. These will allow you to execute the program at the assembly level, and step through each assembly instruction.

Unfortunately this makes understanding the code a huge pain in the ass, which is why reverse engineering is so difficult. With a large game binary, you'll be thrown into a sea of disassembly and will need to figure out which functions do what. My advice is to find some strings in the binary that are found on the continue screen, and look at the cross-references of each to see which functions it's being used in. If you see a lot of them pointing to one function, set a breakpoint on it and see if it gets called when you reach the continue string.

I can't speak to Ollydb64. But, I have used X64Dbg on a couple occasions recently. It can get the job done so far as I can tell though I haven't explored it's feature set more fully. Mostly quick reversing of 64-bit malware where I was already familiar w/ 32-bit variant.

You will want to pick up C++ and x64dbg tools (both are free, Visual Studio Community, and http://x64dbg.com/#start

Then I recommend various game cheating sites (uc), and codeproject and tuts4u. But instead of posting for help on those sites, just search your ass off. 99% of the time your question has been answered more than 10 times over already.

I use Ollydbg, but due to it not being updated in forever, I've switched to x64dbg (http://x64dbg.com/#start). x64dbg (also has a x32dbg that comes with it) is almost exactly like Olly with just a few hotkeys changed. Any ollydbg tutorial will translate to x64dbg. Good luck. If you have any questions about the two challenges I stated, feel free to msg me.

Excellent. Download this: http://x64dbg.com/

1) Load x64/x64dbg.exe
2) Load NMS.exe into debugger and then press F9 until the top of the window says "Module: nms.exe" (it might start off in kernel32.dll)
3) In the CPU tab, right click the code and go to the following menu: Search for > Current Module > Constant
4) Search for the constant 0xcc9e2d51
5) There will be a few entries, but look for the second one similar to this format: imul eax, dword ptr [rsp + 0x50], 0xcc9e2d51 (the first one is for writing saves, this one is for reading)
6) Double click that entry and it'll take you to the CPU tab again
7) Scroll up until you see cmp byte ptr [r9 + 8], 0
8) Left click on cmp byte ptr [r9 + 8], 0, then press F2 and it should turn red
9) Press F9 until the game runs and eventually it will stop at the line that was marked red
10) Click the memory view below the disassembly, press ctrl+g, and then enter "r9"

This should bring you to the value I'd need to know. You'll know you're at the right place if you see 16 bytes of random numbers followed by a unicode string. Take a picture of the window (or only the memory window if you'd like) and PM it to me (or post here if you don't mind others potentially knowing your potential ID).

The other thing I would like to know is the name of your save folder for your Steam profile. It should be in the format st_(numbers). I think the numbers may potentially be related or are the key but I can't make it work, which is why I need verification.