cutter
cutter copied to clipboard
rizinorg
Pressing the "run" button doesn't do anything, the program isn't running. Is the Windows debugger broken?
Environment information
- Operating System: windows 10
- Cutter version: 2.1.2
- Obtained from:
- [ ] Built from source
- [v] Downloaded release from Cutter website or GitHub
- [ ] Distribution repository
- File format: pe
- Arch: x86
- Type: N/A
Describe the bug
I'm trying to reverse a Packed executable on windows using Cutter.
When I run the program in the cutter debugger, the program just doesn't run. See attached video below (under the screenshot section) You can download the EXE from here: (run responsa.exe):
https://drive.google.com/file/d/1Qh0rdfwPzBGM1EuKqO4Kx94d1h-6okyS/view?usp=sharing
To Reproduce
Steps to reproduce the behavior: Simple press the Run button (the >>> icon) ** Expected behavior**
The program should be able to run normally.
Screenshots
https://imgur.com/a/tNcUWax
Additional context
When I run the program normally, without any cutter, the program does run correctly. So, the program isn't broken.
Did you try running it under another debugger? Does it work there?
Yes, I have tried under x32dbg and it runs correctly
Thank you for reporting the issue :) Is there anything written in the Console widget or in the terminal? Some error logs? (try to execute Cutter from the terminal, i.e Powershell\CMD)
@XVilka I'm new to Cutter and unsure how to run it with Rizin itself. I have seen an "rizin.exe' file in my cutter directory but I'm unsure how to use it. Can you please guide me on how to run it with Rizin itself
@ITAYC0HEN This is the error log I get: It seems like the error is on this line:
ERROR: Cannot debug file (C:\Program Files (x86)\ResponsaCD29\RESPONSA.exe) with permissions set to 0x7.
(I have run the file with admin privileges)
If you want to open the file in read-write mode, invoke rizin with '-w'
[x] Analyze all flags starting with sym. and entry0 (aa)
[x] Analyze function calls
[x] Analyze len bytes of instructions for references
[x] Check for classes
[x] Analyze local variables and arguments
[Cannot convert the type for the variable "fcn.005c8fe0.var_60h" into pointer
Cannot convert the type for the variable "fcn.0064b3a0.var_b8h" into pointer
Cannot convert the type for the variable "fcn.006377e0.arg_8h" into pointer
Cannot convert the type for the variable "fcn.005dd250.arg_10h" into pointer
Cannot convert the type for the variable "fcn.005dd3f0.arg_10h" into pointer
Cannot convert the type for the variable "fcn.005c8a20.var_78h" into pointer
Cannot convert the type for the variable "fcn.005d3150.arg_8h" into pointer
Cannot convert the type for the variable "fcn.005b9710.arg_18h" into pointer
Cannot convert the type for the variable "fcn.005408f0.arg_10h" into pointer
Cannot convert the type for the variable "fcn.005dd200.arg_8h" into pointer
[x] Type matching analysis for all functions
[x] Applied 545 FLIRT signatures via sigdb
[x] Propagate noreturn information
[x] Use -AA or aaaa to perform additional experimental analysis.
ERROR: Cannot debug file (C:\Program Files (x86)\ResponsaCD29\RESPONSA.exe) with permissions set to 0x7.
Reopening the original file in read-only mode.
Spawned new process with pid 13200, tid = 696
ERROR: File dbg://C:\\Program\ Files\ (x86)\\ResponsaCD29\\RESPONSA.exe reopened in read-write mode