To start off, for all my HackerSploit fans out there, I’d like to take this chance to thank you for 200,000 subscribers. I will keep on with my promise, and always provide you with top quality videos.
Today, we will look at the Immunity Debugger! Setting up your debugger on Windows
It is actually not as daunting as it seems!
What is the Immunity debugger?
Immunity Debugger is a really cool way to write exploits/make 0days look at malware, and reverse engineer! It has a solid user interface, with a supported Python API for easy extensibility.
What is a compiler?
is a computer program that transforms source code written in a programming language into another computer language (Smart huh?)
What’s an IDE?
IDE stands for an integrated development environment. This is a software application that provides comprehensive facilities to computer programmers for software development. Neat!
What you need:
- A debugger, In this case, the immunity debugger
- The new C compiler and an IDE or an editor. Code blocks and Dev C++, which already comes with the C compiler! The C compiler allows you to compile your code and run it on a windows based operating system! Cool huh? I prefer DEV C++
- Know the basics of C
Immunity Debugger: https://www.immunityinc.com/products/debugger/
Dev C++: https://sourceforge.net/projects/orwelldevcpp/
You may be thinking, why don’t we just use immunity, but the thing is immunity is only a 32-bit debugger, which only means you can debug 32-bit based or opera based programs OR executables which is a problem! Don’t worry though, I am here.
Keep subscribed to my channel if you’d like to see how to use the x64 debugger!
- Make sure to have python 2.7 installed!
- When you are working with Dev C++ or Code blocks, you will see that it will automatically choose the 64-bit release! Now that means it will create a 64 bit executable, so that means we cannot open it up and analyze it with the Immunity debugger!
Immunity Debugger Use:
I know, it doesn’t look the best, so if you’d like to change the appearance, simple!
Options > Appearance > General
Now you can change the font size/color and a lot more!
To open up an executable:
Go to: File > Desktop(OR WHEREVER YOU SAVED THE FILE) > [Name].exe
Then open it up. When you open it up, don’t be scared by what you see, it is in it’s paused state, which means it isn’t actually running. To make sure it does run, go the far LEFT and you should see a play button and all the controls regarding the executable. Once you press the play button, you will see all the instructions that are then going to be passed on to the CPU and you have the registers etc.
The four windows all show various bits of information, but don’t be worried if you don’t know what the windows do:
- The top left windows contain the CPU instructions as you clever people may have guessed. There will be 3 columns, in the first column, there is the memory address, the middle contains the OP code.
- The top right window shows you the registers! There are for registers, the EAX, ECX, EDX, and EBX. Registers are like a storage area that essentially provides quick access to data. These 4 registers are the most important.
- EAX is the accumulator responsible for arithmetic.
- ECX is the counter register which is there for accommodating loops. You may understand if you do programming.
- EDX is a data register
- EBX is a very basic type of storage for data
- You will soon understand EVERYTHING and add to your already smart brain in future videos. You will start understanding how it all comes together, it will be easy for you people as you are very smart.