2

PyCommand 

   import immlib
    def main(args):
        imm = immlib.Debugger()
        imm.setBreakpoint(0x411077)
        imm.setReg("EAX",0x0)
        imm.log("EAX: {}".format(imm.getRegs()['EAX']))
        imm.run()

    return "OK"

Log

EAX: 0
Breakpoint at 0x411077
OK

The log write happens before setBreakpoint() according to the log.

What is the problem?

Improve this question

1 Answer 1

Reset to default
1

It looks like "Breakpoint at" means "the breakpoint was hit", not "breakpoint was set".

The breakpoint can be only triggered once the program is running. Since you call log() before run(), the log message is printed first. If you want to log when the breakpoint is hit, you need to use another approach (not familiar with ImmDbg API so can't recommend anything specific).

Improve this answer
2
  • You need to use a BpHook, see the documentation for more information
    – JeffreyZ
    Commented Jul 27, 2016 at 4:27
  • @JeffreyZ: you probably should post that as an answer (with a small example)
    – Igor Skochinsky
    Commented Jul 27, 2016 at 11:03

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.