#1
|
||||
|
||||
New windbg preview available
Hi,
Don't know if you noticed it already.. https://blogs.msdn.microsoft.com/windbg/2017/08/28/new-windbg-available-in-preview/
__________________
Ŝħůb-Ňìĝùŕřaŧħ ₪) There are only 10 types of people in the world: Those who understand binary, and those who don't http://www.accessroot.com |
The Following User Gave Reputation+1 to Shub-Nigurrath For This Useful Post: | ||
Syoma (08-30-2017) |
#2
|
|||
|
|||
By the way,
the installer creates a very interesting file (completely undocumented - supported only by Windows10) with path C:\Users\username\AppData\Local\Microsoft\WindowsApps\WinDbgX.exe in order to allow to launch "WinDbgX.exe" from a regular command prompt. I discovered these properties for it: - 0-byte length - cannot be copied/renamed/deleted - it has the Reparse attribute; but it is not a MountPoint neither a SymbolicLink; it has a IO_REPARSE_TAG_APPEXECLINK - with the IoControl FSCTL_GET_REPARSE_POINT we can retrieve the Exe Path, inside an undocumented structure: C:\Program Files\WindowsApps\Microsoft.WinDbg_1.0.10.0_x86__8wekyb3d8bbwe\DbgX.Shell.exe (the original App written in C Sharp) - no tool can at the moment retrieve this info, neither the DIR command! Best regards... |
The Following User Gave Reputation+1 to bilbo For This Useful Post: | ||
nulli (08-31-2017) |
The Following User Says Thank You to bilbo For This Useful Post: | ||
tonyweb (08-31-2017) |
#3
|
|||
|
|||
Maybe here...?
Quote:
__________________
My Personal Blog:http://ltops9.wordpress.com |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Windbg in IDA 6.5 | zeuscane | General Discussion | 8 | 11-02-2014 14:13 |
WINDBG question | ricnar456 | General Discussion | 3 | 08-17-2006 04:07 |