Reputation: 1
Why do we use debugger(ollydbg or x64dbg) on Virtual Machine?
Why do people use VM to debug an .exe? as a follow up questions someone told me to absolutely not to patch an exe on my hdd (x64dbg) I could not understand what does it suppose to mean? Where do I patch the exe then?
Upvotes: 0
Views: 1210
Answers (1)
Reputation: 2668
Your question is relatively broad with at least 2 possible scenarios. Let me explain.
Scenario 1:
That someone may mean don't patch the application, since it will ruin your original copy. Point is VMs are relatively reusable and disposable. Thus experimenting, patching, destroying an application inside VM will have zero impact on your actual machine (at least theoretically, since in real world malware etc can escape from a VM). Since even if you patched the wrong file/screwed up, all you need to do is restore the VM.
Scenario 2:
If you are into OS debugging/advanced patching, your "someone" may be referring to whats called a Kernel debugging. Since kernel debugging means having a parallel machine, (physical or virtual) inspect the whole operating system in which your application is running. It is same as when you attach debugger to an application, but this is at the lowest Operating system level.
From the way the question is framed I am more inclined that someone is talking about Scenario 1!
Upvotes: 0
Related Questions
- Why use WinDbg vs the Visual Studio (VS) debugger?
- Why Single Stepping Instruction on X86?
- can you debug 64bit target apps with Ollydbg 1.1?
- Need an overview of debugging process from the hardware layer
- Why use OllyDbg over standard IDE Debugger?
- When can a program be only debugged by dbx, not gdb?
- Using GDB without debugging symbols on x86?
- Should I use windbg_x86 for debugging 32bit applications in 64bit windows?
- How can you reach the same level of efficiency using gdb as you do with a visual debugger?
- What are the differences between OllyDbg and WinDbg?