skip to main
|
skip to sidebar
Thinking in WinDbg
Tuesday, March 4, 2008
List ZwCreateFile file name
bp nt!ZwCreateFile
dt _OBJECT_ATTRIBUTES poi(esp + 0xC)
No comments:
Post a Comment
Newer Post
Older Post
Home
Subscribe to:
Post Comments (Atom)
Labels
Emacs
(1)
Kernel
(1)
WinDbg command
(3)
WinDbg Script
(2)
Blog Archive
▼
2008
(8)
►
June
(1)
►
May
(1)
▼
March
(6)
If some idiot send dump file to you but don't know...
Find crash position
Where is current IRQL?
PID Condition breakpoint
List ZwCreateFile file name
我常用的一些WinDbg script
About Me
Hannibal
View my complete profile
No comments:
Post a Comment