最近開始看一些針對非托管程序的WinDBG的使用了, Tess推薦去看Debugging Toolbox. 其第一篇就把我難住了, 腳本看不懂.
動手實踐了一下, 發現下面的文章所講的内容特别有幫助, 于是轉載在這裡.
原文位址
First steps with WinDBG scripting… (Memento)
http://www.msuiche.net/2007/08/03/first-steps-with-windbg-scripting-memento/
Here is a sample of script for Windbg for people who doesn’t want to waste time because they don’t find any document.
Firstly, to declare a variable you must use the prefix “r”. Moreover, the name must be $t[0..n]
Secondly, if you use the flag “/D” after “.printf” you can use pseudo-html code inside.
Thirdly, to read the value of an address you have to use “poi()” with the prefix “@” like : poi(@$t0)
To write byte or dword, you should use “eb” or “ed”.
And… the most fun is that you can create links like the following scheme :
.printf /D “<link cmd=\”COMMAND_TO_EXECUTE\”>DISPLAY_TEXT</link>\\n”;
To execute a script use