RTCDbg Announcement: Progress after 6 months

I would like to share something with my few fellow readers.
Six months ago, I started developing my own debugger, RTCDbg, a tool that will allow for debugging x64 Windows applications. The main goal was to create something that is visually compatible with OllyDbg as well as to keep the debugger portable, so copy, paste and fire.

Progress

Progress for the Graphical User Interface:

From the beginning, I was developing the GUI controls without High DPI in mind. That is because the computer that I was using for development does not support such functionality, so I was not really aware of it. Now that I have another computer that supports High DPI, I can test the interface on both computers.
We will talk about the main menu: what was done? What is half-done? What is waiting to be done?

File menu:

  • Open : Needs more code to be written.
  • Attach : Not implemented.
  • Exit : Needs more code to be written.

View menu:

  • Log: Not implemented 
  • Executable modules: Not implemented
  • Memory map: Not implemented
  • List of windows: Not implemented
  • Threads: Not implemented 
  • CPU: Very buggy and young
  • Handles: Does not exist yet
  • Watches: Does not exist yet
  • Search results: Does not exist yet
  • Run trace: Does not exist yet
  • Patches: Does not exist yet
  • INT3 breakpoints: Does not exist yet
  • Memory breakpoints: Does not exist yet
  • Hardware breakpoints: Does not exist yet
  • VEH/SEH chain: Does not exist yet
  • Call stack: Does not exist yet
  • Source files: Does not exist yet
  • File: Does not exist yet
  • Drive: Does not exist yet

Debug menu:

  • Create function library: Does not exist yet

Trace menu:

  • Open run trace

Plugins menu:

  • This will be implemented later.

Options menu:

  • Nothing implemented yet

Windows menu:

  • Nothing implemented yet

Help menu:

  • Must be the last thing to think about

I will talk about the CPU window in more detail, because I think it deserves some attention.

RTCDbg running on a non-High DPI Graphics

Few things were done, tons of things need to be done, so let us talk about this a little bit:

  • Disassembly control : supports basic listing of the disassembly.
  • Disassembly extra control : not useful for anything yet.
  • Registers control : supports most of the registers but not all the ones that it should support.
  • Hexdump control : still under development, apparently I encountered some issues concerning the selection and I need to figure it out.
  • Stack control : not developed yet.
  • Toolbar : not all buttons are supported.
  • Statusbar: needs someone to care about it.
  • Context Menu/Popup menu: actually implemented only for the hexdump.

Progress for the Back End:

For now, I have implemented a very buggy x64 disassembler engine; I'm digging through more than 2000 pages of the Intel 64 manual for that matter.
Also, I have many ideas that I would like to implement; given the tight time, I should focus on what will make the core and then add parts as I go.

Development

For the development I decided to use GCC 8.1.0 and Code::Blocks. Those tools are open source and free, so we shall not encounter any licensing issues worldwide. Also, those tools make me feel some sort of liberty.

Is the project going to be open source?

That is possible. But so far, I have not decided whether the project is going to be open source or closed source. Either way, let us now hope to reach a stable release.

Is there anything to download?

Unfortunately not until we reach a stable release. That is due to the fact that the project is still very young and I don't want to cause harm to it; doing such a thing might destroy us at this stage.

Why?

Certainly we are looking for nothing but competition with some of the debuggers floating around.
