Symbols connect function names and arguments to offsets in a compiled executable
or DLL. You can debug without symbols, but it is a huge pain. Thankfully, Microsoft
provides symbols for their released operating systems. You can download all symbols
for your particular OS, but that would require a huge amount of local disk space. A
better way to acquire symbols is to use Microsoft??™s symbol server and to fetch symbols as
you need them. Windows debuggers make this easy to do by providing symsrv.dll,
which you can use to set up a local cache of symbols and specify the location to get new
symbols as you need them. This is done through the environment variable _NT_
SYMBOL_PATH. You??™ll need to set this environment variable so the debugger knows
where to look for symbols. If you already have all the symbols you need locally, you can
simply set the variable to that directory like this:
C:\grayhat>set _NT_SYMBOL _PATH=c:\symbols
If you (more likely) would like to use the symbol server, the syntax is as follows:
C:\grayhat>set _NT_SYMBOL _PATH=symsrv*symsrv.dll*c:\symbols*http://msdl.
microsoft.com/download/symbols
Using the preceding syntax, the debugger will first look in c:\symbols for the symbols
it needs.
Pages:
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460