Nytro Posted January 25, 2014 Report Share Posted January 25, 2014 [h=3]Getting Started with WinDBG - Part 1[/h]By Brad Antoniewicz. WinDBG is an awesome debugger. It may not have a pretty interface or black background by default, but it still one of the most powerful and stable Windows debuggers out there. In this article I'll introduce you to the basics of WinDBG to get you off the ground running. This is part one of a multipart series, here's our outline of whats in store:Part 1 - Installation, Interface, Symbols, Remote/Local Debugging, Help, Modules, and RegistersPart 2 - BreakpointsPart 3 - Inspecting Memory, Stepping Through Programs, and General Tips and Tricks In this blog post we'll cover installing and attaching to a process, then in the next blog post we'll go over breakpoints, stepping, and inspecting memory. [h=1]Installation[/h] Microsoft has changed things slightly in WinDBG's installation from Windows 7 to Windows 8. In this section we'll walk through the install on both. [h=2]Windows 8[/h] For Windows 8, Microsoft includes WinDBG in the Windows Driver Kit (WDK) You can install Visual Studio and the WDK or just install the standalone "Debugging Tools for Windows 8.1" package that includes WinDBG. This is basically a thin installer that needs to download WinDBG after you walk through a few screens. The install will ask you if you'd like to install locally or download the development kit for another computer. The later will be the equivalent of an offline installer, which is my preference so that you can install on other systems easily in the future. From there just Next your way to the features page and deselect everything but "Debugging Tools for Windows" and click "Download". Once the installer completes you can navigate to your download directory, which is c:\Users\Username\Downloads\Windows Kits\8.1\StandaloneSDK by default, and then next through that install. Then you're all ready to go! [h=2]Windows 7 and Below[/h] For Windows 7 and below, Microsoft offers WinDBG as part of the "Debugging Tools for Windows" package that is included within the Windows SDK and .Net Framework. This requires you to download the online/offline installer, then specifically choose the "Debugging Tools for Windows" install option. My preference is to check the "Debugging Tools" option under "Redistributable Packages" and create a standalone installer which makes future debugging efforts a heck of lot easier. That's what I'll do here. Once the installation completes, you'll should have the redistributable for various platforms (x86/x64) in the c:\Program Files\Microsoft SDKs\Windows\v7.1\Redist\Debugging Tools for Windows\ directory. From there the installation is pretty simple, just copy the appropriate redistributable to the system you're debugging and then click through the installation.Articol complet:http://blog.opensecurityresearch.com/2013/12/getting-started-with-windbg-part-1.html Quote Link to comment Share on other sites More sharing options...
