返回> 网站首页
在 WinDbg 脚本中使用参数
yoours2010-08-31 19:49:34
简介一边听听音乐,一边写写文章。
WinDbg 6.7.5.0 版本运行脚本时多了一个新的命令 $$>a< ,可以给脚本传递参数。下面是一个简单的例子,演示了参数的用法。
$$
$$ calc v0.0.1
$$ by 2007.06.08
$$
.if(@@c++(${/d:$arg1} && ${/d:$arg2}))
{
.printf "\n%d + %d = %d\n", ${$arg1}, ${$arg2}, ${$arg1} + ${$arg2}
.printf "%d - %d = %d\n", ${$arg1}, ${$arg2}, ${$arg1} - ${$arg2}
.printf "%d * %d = %d\n", ${$arg1}, ${$arg2}, ${$arg1} * ${$arg2}
.printf "%d / %d = %d\n", ${$arg1}, ${$arg2}, ${$arg1} / ${$arg2}
}
.else
{
.printf "\nusage: $$>a< <path>\calc.txt arg1 arg2\n\n"
}
运行一下:
0:000>$$>a< d:\windbg\scripts\calc.txt @eax 4
1580724 + 4 = 1580728
1580724 - 4 = 1580720
1580724 * 4 = 6322896
1580724 / 4 = 395181
几个脚本
http://blogs.msdn.com/debuggingtoolbox/default.aspx
rootkit 的 blog
http://www.rootkit.com/blog.php?user=buri
$$
$$ calc v0.0.1
$$ by 2007.06.08
$$
.if(@@c++(${/d:$arg1} && ${/d:$arg2}))
{
.printf "\n%d + %d = %d\n", ${$arg1}, ${$arg2}, ${$arg1} + ${$arg2}
.printf "%d - %d = %d\n", ${$arg1}, ${$arg2}, ${$arg1} - ${$arg2}
.printf "%d * %d = %d\n", ${$arg1}, ${$arg2}, ${$arg1} * ${$arg2}
.printf "%d / %d = %d\n", ${$arg1}, ${$arg2}, ${$arg1} / ${$arg2}
}
.else
{
.printf "\nusage: $$>a< <path>\calc.txt arg1 arg2\n\n"
}
运行一下:
0:000>
1580724 + 4 = 1580728
1580724 - 4 = 1580720
1580724 * 4 = 6322896
1580724 / 4 = 395181
几个脚本
http://blogs.msdn.com/debuggingtoolbox/default.aspx
rootkit 的 blog
http://www.rootkit.com/blog.php?user=buri
文章评论
1215人参与,0条评论