1

How to log CPU instructions executed by program with x64dbg?

I saw x64dbg - see the current position? question, but I can't find the way to log instructions.

Thanks!

Improve this question
4
  • What do you mean by log CPU instructions? You want to track the instructions that are executed when program is paused and you execute the instructions one by one? Commented May 26, 2020 at 16:23
  • @morsisko, I want to see what instructions are executed in current time of running program. Thanks! Commented May 26, 2020 at 16:28
  • But there are thousands or maybe even million instructions executed per second while the program is running. Are you sure you want to do exactly this? Also where do you want to save the output? In the program GUI or file? Commented May 26, 2020 at 16:35
  • Yes, @morsisko. It would be great to get in file. Commented May 26, 2020 at 17:57

1 Answer 1

Reset to default
1

As far as I understand reading your comments - you want to log all the executed instructions in the file. To do this you need to:

  1. Pause the program, either via Pause option (F12) or using breakpoints
  2. Select Trace menu and then Trace into... (Ctrl+Alt+F7) or Trace over... (Ctrl+Alt+F8). If you want to log every instruction you probably want to use Trace into...
  3. Now in the newly created window Trace dialog

you can select the Log Text format, you can use the proposed 0x{p:cip} {i:cip} which will log the data to file like 0x006E8749 mov ebp, esp. It is also good idea to set the Maximum trace count and the Log File... where the data will be stored. After you are done just press OK and the x64dbg will start executing your program and log all the instructions. Keep in mind that the program won't work really fast during the trace procedure.

Improve this answer
3
  • This is not the recommended method of doing this anymore. You can use the trace tab to do this natively from x64dbg. Commented May 30, 2020 at 20:52
  • @mrexodia But can you log the instructions to file with your own format using trace tab? Commented May 30, 2020 at 21:58
  • 1
    When you start the trace everything is logged to a file, you can open this file later from x64dbg again Commented May 31, 2020 at 2:44

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.