日期:2014-05-16 浏览次数:20407 次
1. 查看目标系统
vertarget 是version命令的一个功能子集
vertarget显示调试目标所在的操作系统版本
version则会显示调试环境的其它信息
eg:
0:000> version
Windows XP Version 2600 (Service Pack 3) MP (4 procs) Free x86 compatible
Product: WinNt, suite: SingleUserTS
kernel32.dll version: 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)
Machine Name:
Debug session time: Sat Jun 30 08:45:50.437 2012 (GMT+8)
System Uptime: 0 days 1:14:31.091
Process Uptime: 0 days 0:23:58.671
Kernel time: 0 days 0:00:00.000
User time: 0 days 0:00:00.015
Live user mode: <Local>
Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.
command line: '"C:\Program Files\Debugging Tools for Windows (x86)\windbg.exe" ' Debugger Process 0x12C
dbgeng: image 6.11.0001.404, built Thu Feb 26 09:55:43 2009
[path: C:\Program Files\Debugging Tools for Windows (x86)\dbgeng.dll]
dbghelp: image 6.11.0001.404, built Thu Feb 26 09:55:30 2009
[path: C:\Program Files\Debugging Tools for Windows (x86)\dbghelp.dll]
DIA version: 11212
Extension DLL search Path:
C:\Program Files\Debugging Tools for Windows (x86)\WINXP;C:\Program Files\Debugging Tools for Windows (x86)\winext;C:\Program Files\Debugging Tools for Windows (x86)\winext\arcade;C:\Program Files\Debugging Tools for Windows (x86)\pri;C:\Program Files\Debugging
Tools for Windows (x86);C:\Program Files\Debugging Tools for Windows (x86)\winext\arcade;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Intel\Wireless\Bin\;C:\Program Files\ThinkPad Wireless LAN Adapter Software;C:\Program Files\Common
Files\Lenovo;D:\Program Files\TortoiseSVN\bin;d:\Program Files\T58KTV\9158VirtualCamera\Package\bpl;d:\Program Files\T58KTV\9158VirtualCamera\bin;C:\Program Files\QuickTime\QTSystem\;d:\Program Files\Lua\5.1;d:\Program Files\Lua\5.1\clibs;d:\Program Files\Tencent\QQPCMgr\6.6.2135.201;C:\Program
Files\IDM Computer Solutions\UltraEdit\;d:\Program Files\Tencent\QQPCMgr\6.6.2135.201
Extension DLL chain:
dbghelp: image 6.11.0001.404, API 6.1.6, built Thu Feb 26 09:55:30 2009
[path: C:\Program Files\Debugging Tools for Windows (x86)\dbghelp.dll]
ext: image 6.11.0001.404, API 1.0.0, built Thu Feb 26 09:55:30 2009
[path: C:\Program Files\Debugging Tools for Windows (x86)\winext\ext.dll]
exts: image 6.11.0001.404, API 1.0.0, built Thu Feb 26 09:55:24 2009
[path: C:\Program Files\Debugging Tools for Windows (x86)\WINXP\exts.dll]
uext: image 6.11.0001.404, API 1.0.0, built Thu Feb 26 09:55:26 2009
[path: C:\Program Files\Debugging Tools for Windows (x86)\winext\uext.dll]
ntsdexts: image 6.1.7015.0, API 1.0.0, built Thu Feb 26 09:54:43 2009
[path: C:\Program Files\Debugging Tools for Windows (x86)\WINXP\ntsdexts.dll]
2.查看寄存器值
r
eg:
0:000> r
eax=00