The advantage of using WinDbg (or any other graphical
debugger) is that you can open multiple windows, each containing different data to
monitor during your program's execution. For example, you can open one window with
your source code, a second with the accompanying assembly instructions, and a third
with your list of breakpoints.
NOTE: An older version of ntsd.exe is included with Windows in the
system32 directory. Either place the directory where you installed the new
debugger ahead of the Windows system32 directory in your path, or use the
full path when launching NTSD.
Windows Debugger Commands
If you're already familiar with debugging, the Windows debugger will be a snap to pick
up. Here's a table of frequently used debugger commands, specifically geared to leverage
the gdb experience you've gotten in this book.
Command    gdb Equiv   Description
bp         b *mem      Sets a breakpoint at a specific memory address.
bp, bm     b           Sets a breakpoint on a specific function. bm is handy to
                       use with wildcards (as shown later).
bl         info b      Lists information about existing breakpoints.
bc         delete b    Clears (deletes) a breakpoint or range of breakpoints.

PART III
Chapter 11: Basic Windows Exploits