SlideShare a Scribd company logo

Debugging TV Frame 0x05

Dmitry Vostokov
Dmitry Vostokov

This debugging improvisation covers software breakpoints and their implementation, hardware breakpoints and x86 - x64 debug registers.

Software
1 of 8
Download to read offline
Frame 0x05 Presenter: Dmitry Vostokov Sponsors Debugging.TV
Debugging Improvisation 0x02 © 2011 DumpAnalysis.org + TraceAnalysis.org
• Software breakpoints • Software breakpoint implementation • Hardware breakpoints • Debug registers • !Ad Topics © 2011 DumpAnalysis.org + TraceAnalysis.org
.logopen kL .reload ~<>s x .symfix .sympath rM Commands © 2011 DumpAnalysis.org + TraceAnalysis.org bp u bc bl .bpcmds ~ Ba uf
0:000> * Debugger View 0:000> u TestWER64!CAboutDlg::CAboutDlg TestWER64!CAboutDlg::CAboutDlg: 00000001`400249d0 48894c2408 mov qword ptr [rsp+8],rcx 00000001`400249d5 4883ec38 sub rsp,38h 00000001`400249d9 48c7442420feffffff mov qword ptr [rsp+20h],0FFFFFFFFFFFFFFFEh 00000001`400249e2 4533c0 xor r8d,r8d 00000001`400249e5 ba64000000 mov edx,64h 00000001`400249ea 488b4c2440 mov rcx,qword ptr [rsp+40h] 00000001`400249ef e844e9fdff call TestWER64!CDialog::CDialog (00000001`40003338) 00000001`400249f4 90 nop 0:000> * Another Debugger View 0:000> u TestWER64!CAboutDlg::CAboutDlg TestWER64!CAboutDlg::CAboutDlg: 00000001`400249d0 cc int 3 00000001`400249d1 894c2408 mov dword ptr [rsp+8],ecx 00000001`400249d5 4883ec38 sub rsp,38h 00000001`400249d9 48c7442420feffffff mov qword ptr [rsp+20h],0FFFFFFFFFFFFFFFEh 00000001`400249e2 4533c0 xor r8d,r8d 00000001`400249e5 ba64000000 mov edx,64h 00000001`400249ea 488b4c2440 mov rcx,qword ptr [rsp+40h] 00000001`400249ef e844e9fdff call TestWER64!CDialog::CDialog (00000001`40003338) Software Breakpoint © 2011 DumpAnalysis.org + TraceAnalysis.org
0:000> rM20 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000 dr6=0000000000000000 dr7=0000000000000000 USER32!NtUserGetMessage+0xa: 00000000`774dc92a c3 ret 0:000> ba e 1 TestWER64!CAboutDlg::CAboutDlg 0:000> bl 0 e 00000001`400249d0 e 1 0001 (0001) 0:**** TestWER64!CAboutDlg::CAboutDlg 0:000> g (5e0.140): Break instruction exception - code 80000003 (first chance) ntdll!DbgBreakPoint: 00000000`7760e910 cc int 3 0:001> rM20 dr0=00000001400249d0 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000 dr6=00000000ffff0ff0 dr7=0000000000000401 ntdll!DbgBreakPoint: 00000000`7760e910 cc int 3 Hardware Breakpoint © 2011 DumpAnalysis.org + TraceAnalysis.org
!Ad Hardcore Technical Support Training © 2011 DumpAnalysis.org + TraceAnalysis.org Advanced Windows Memory Dump Analysis Accelerated Windows Memory Dump AnalysisJanuary, 2012: December 9, 2011: Training Schedule
Debugging.TV

Recommended

Debugging TV Frame 0x33
Debugging TV Frame 0x33Debugging TV Frame 0x33
Debugging TV Frame 0x33Dmitry Vostokov
 
Programmation pic 16F877
Programmation pic 16F877Programmation pic 16F877
Programmation pic 16F877Mouna Souissi
 
Protecting C++
Protecting C++Protecting C++
Protecting C++Pavel Filonov
 
Fosscon 2012 firewall workshop
Fosscon 2012 firewall workshopFosscon 2012 firewall workshop
Fosscon 2012 firewall workshopjvehent
 
Printf and scanf
Printf and scanfPrintf and scanf
Printf and scanfgidc engineering college
 
Make ARM Shellcode Great Again
Make ARM Shellcode Great AgainMake ARM Shellcode Great Again
Make ARM Shellcode Great AgainSaumil Shah
 
HackLU 2018 Make ARM Shellcode Great Again
HackLU 2018 Make ARM Shellcode Great AgainHackLU 2018 Make ARM Shellcode Great Again
HackLU 2018 Make ARM Shellcode Great AgainSaumil Shah
 
Shenzhen2015
Shenzhen2015Shenzhen2015
Shenzhen2015Akira Sasaki
 

Recommended

Debugging TV Frame 0x33
Debugging TV Frame 0x33Debugging TV Frame 0x33
Debugging TV Frame 0x33Dmitry Vostokov
 
Programmation pic 16F877
Programmation pic 16F877Programmation pic 16F877
Programmation pic 16F877Mouna Souissi
 
Protecting C++
Protecting C++Protecting C++
Protecting C++Pavel Filonov
 
Fosscon 2012 firewall workshop
Fosscon 2012 firewall workshopFosscon 2012 firewall workshop
Fosscon 2012 firewall workshopjvehent
 
Printf and scanf
Printf and scanfPrintf and scanf
Printf and scanfgidc engineering college
 
Make ARM Shellcode Great Again
Make ARM Shellcode Great AgainMake ARM Shellcode Great Again
Make ARM Shellcode Great AgainSaumil Shah
 
HackLU 2018 Make ARM Shellcode Great Again
HackLU 2018 Make ARM Shellcode Great AgainHackLU 2018 Make ARM Shellcode Great Again
HackLU 2018 Make ARM Shellcode Great AgainSaumil Shah
 
Shenzhen2015
Shenzhen2015Shenzhen2015
Shenzhen2015Akira Sasaki
 
Nxll24 i pv6
Nxll24 i pv6Nxll24 i pv6
Nxll24 i pv6Netwax Lab
 
Make ARM Shellcode Great Again - HITB2018PEK
Make ARM Shellcode Great Again - HITB2018PEKMake ARM Shellcode Great Again - HITB2018PEK
Make ARM Shellcode Great Again - HITB2018PEKSaumil Shah
 
CARACTERES ASCII ENSAMBLADOR
CARACTERES ASCII ENSAMBLADORCARACTERES ASCII ENSAMBLADOR
CARACTERES ASCII ENSAMBLADORYurley Xiomara Rojas Sanchez
 
Trash Robotic Router Platform - David Melendez - Codemotion Rome 2015
Trash Robotic Router Platform - David Melendez - Codemotion Rome 2015Trash Robotic Router Platform - David Melendez - Codemotion Rome 2015
Trash Robotic Router Platform - David Melendez - Codemotion Rome 2015Codemotion
 
Kubernetes で実現するインフラ自動構築パイプライン
Kubernetes で実現するインフラ自動構築パイプラインKubernetes で実現するインフラ自動構築パイプライン
Kubernetes で実現するインフラ自動構築パイプラインYusuke Nojima
 
บทท 7
บทท 7บทท 7
บทท 7J-Kitipat Vatinivijet
 
Application of Radare2 Illustrated by Shylock and Snakso.A Analysis
Application of Radare2 Illustrated by Shylock and Snakso.A AnalysisApplication of Radare2 Illustrated by Shylock and Snakso.A Analysis
Application of Radare2 Illustrated by Shylock and Snakso.A AnalysisPositive Hack Days
 
Radare2 @ ndh2k15 : First r2babies steps
Radare2 @ ndh2k15 : First r2babies stepsRadare2 @ ndh2k15 : First r2babies steps
Radare2 @ ndh2k15 : First r2babies stepsMaijin
 
TDD Boot Camp 東京 for C++ 進行
TDD Boot Camp 東京 for C++ 進行TDD Boot Camp 東京 for C++ 進行
TDD Boot Camp 東京 for C++ 進行Takashi Imagire
 
Diagrama de bloques manejo de materiales
Diagrama de bloques manejo de materialesDiagrama de bloques manejo de materiales
Diagrama de bloques manejo de materialesRoberto Díaz
 
DepokCyberSecurity - ServerHack - Wisolusindo -
DepokCyberSecurity - ServerHack - Wisolusindo -DepokCyberSecurity - ServerHack - Wisolusindo -
DepokCyberSecurity - ServerHack - Wisolusindo -Adul Andreas
 
Dns20
Dns20Dns20
Dns20rainmanlinux
 
Exploring the x64
Exploring the x64Exploring the x64
Exploring the x64FFRI, Inc.
 
Lader PWN PLC
Lader PWN PLCLader PWN PLC
Lader PWN PLCArthur Vieira
 
Simpatía
SimpatíaSimpatía
Simpatíaeliacosta2010
 
3 scanning-ger paoctes-pub
3 scanning-ger paoctes-pub3 scanning-ger paoctes-pub
3 scanning-ger paoctes-pubCassio Ramos
 
Debugging TV Frame 0x24
Debugging TV Frame 0x24Debugging TV Frame 0x24
Debugging TV Frame 0x24Dmitry Vostokov
 
Monero Presentation by Justin Ehrenhofer - Athens, Greece 2017
Monero Presentation by Justin Ehrenhofer - Athens, Greece 2017Monero Presentation by Justin Ehrenhofer - Athens, Greece 2017
Monero Presentation by Justin Ehrenhofer - Athens, Greece 2017Justin Ehrenhofer
 
2 netcat enum-pub
2 netcat enum-pub2 netcat enum-pub
2 netcat enum-pubCassio Ramos
 
Basic dns-mod
Basic dns-modBasic dns-mod
Basic dns-modHarry Potter
 
Debugging TV Frame 0x02
Debugging TV Frame 0x02Debugging TV Frame 0x02
Debugging TV Frame 0x02Dmitry Vostokov
 
Windows Debugging with WinDbg
Windows Debugging with WinDbgWindows Debugging with WinDbg
Windows Debugging with WinDbgArno Huetter
 

More Related Content

What's hot

Make ARM Shellcode Great Again - HITB2018PEK
Make ARM Shellcode Great Again - HITB2018PEKMake ARM Shellcode Great Again - HITB2018PEK
Make ARM Shellcode Great Again - HITB2018PEKSaumil Shah
 
Trash Robotic Router Platform - David Melendez - Codemotion Rome 2015
Trash Robotic Router Platform - David Melendez - Codemotion Rome 2015Trash Robotic Router Platform - David Melendez - Codemotion Rome 2015
Trash Robotic Router Platform - David Melendez - Codemotion Rome 2015Codemotion
 
Kubernetes で実現するインフラ自動構築パイプライン
Kubernetes で実現するインフラ自動構築パイプラインKubernetes で実現するインフラ自動構築パイプライン
Kubernetes で実現するインフラ自動構築パイプラインYusuke Nojima
 
Application of Radare2 Illustrated by Shylock and Snakso.A Analysis
Application of Radare2 Illustrated by Shylock and Snakso.A AnalysisApplication of Radare2 Illustrated by Shylock and Snakso.A Analysis
Application of Radare2 Illustrated by Shylock and Snakso.A AnalysisPositive Hack Days
 
Radare2 @ ndh2k15 : First r2babies steps
Radare2 @ ndh2k15 : First r2babies stepsRadare2 @ ndh2k15 : First r2babies steps
Radare2 @ ndh2k15 : First r2babies stepsMaijin
 
TDD Boot Camp 東京 for C++ 進行
TDD Boot Camp 東京 for C++ 進行TDD Boot Camp 東京 for C++ 進行
TDD Boot Camp 東京 for C++ 進行Takashi Imagire
 
Diagrama de bloques manejo de materiales
Diagrama de bloques manejo de materialesDiagrama de bloques manejo de materiales
Diagrama de bloques manejo de materialesRoberto Díaz
 
DepokCyberSecurity - ServerHack - Wisolusindo -
DepokCyberSecurity - ServerHack - Wisolusindo -DepokCyberSecurity - ServerHack - Wisolusindo -
DepokCyberSecurity - ServerHack - Wisolusindo -Adul Andreas
 
Exploring the x64
Exploring the x64Exploring the x64
Exploring the x64FFRI, Inc.
 
3 scanning-ger paoctes-pub
3 scanning-ger paoctes-pub3 scanning-ger paoctes-pub
3 scanning-ger paoctes-pubCassio Ramos
 
Monero Presentation by Justin Ehrenhofer - Athens, Greece 2017
Monero Presentation by Justin Ehrenhofer - Athens, Greece 2017Monero Presentation by Justin Ehrenhofer - Athens, Greece 2017
Monero Presentation by Justin Ehrenhofer - Athens, Greece 2017Justin Ehrenhofer
 

What's hot (20)

Nxll24 i pv6
Nxll24 i pv6Nxll24 i pv6
Nxll24 i pv6
 
Make ARM Shellcode Great Again - HITB2018PEK
Make ARM Shellcode Great Again - HITB2018PEKMake ARM Shellcode Great Again - HITB2018PEK
Make ARM Shellcode Great Again - HITB2018PEK
 
CARACTERES ASCII ENSAMBLADOR
CARACTERES ASCII ENSAMBLADORCARACTERES ASCII ENSAMBLADOR
CARACTERES ASCII ENSAMBLADOR
 
Trash Robotic Router Platform - David Melendez - Codemotion Rome 2015
Trash Robotic Router Platform - David Melendez - Codemotion Rome 2015Trash Robotic Router Platform - David Melendez - Codemotion Rome 2015
Trash Robotic Router Platform - David Melendez - Codemotion Rome 2015
 
Kubernetes で実現するインフラ自動構築パイプライン
Kubernetes で実現するインフラ自動構築パイプラインKubernetes で実現するインフラ自動構築パイプライン
Kubernetes で実現するインフラ自動構築パイプライン
 
บทท 7
บทท 7บทท 7
บทท 7
 
Application of Radare2 Illustrated by Shylock and Snakso.A Analysis
Application of Radare2 Illustrated by Shylock and Snakso.A AnalysisApplication of Radare2 Illustrated by Shylock and Snakso.A Analysis
Application of Radare2 Illustrated by Shylock and Snakso.A Analysis
 
Radare2 @ ndh2k15 : First r2babies steps
Radare2 @ ndh2k15 : First r2babies stepsRadare2 @ ndh2k15 : First r2babies steps
Radare2 @ ndh2k15 : First r2babies steps
 
TDD Boot Camp 東京 for C++ 進行
TDD Boot Camp 東京 for C++ 進行TDD Boot Camp 東京 for C++ 進行
TDD Boot Camp 東京 for C++ 進行
 
Diagrama de bloques manejo de materiales
Diagrama de bloques manejo de materialesDiagrama de bloques manejo de materiales
Diagrama de bloques manejo de materiales
 
DepokCyberSecurity - ServerHack - Wisolusindo -
DepokCyberSecurity - ServerHack - Wisolusindo -DepokCyberSecurity - ServerHack - Wisolusindo -
DepokCyberSecurity - ServerHack - Wisolusindo -
 
Dns20
Dns20Dns20
Dns20
 
Exploring the x64
Exploring the x64Exploring the x64
Exploring the x64
 
Lader PWN PLC
Lader PWN PLCLader PWN PLC
Lader PWN PLC
 
Simpatía
SimpatíaSimpatía
Simpatía
 
3 scanning-ger paoctes-pub
3 scanning-ger paoctes-pub3 scanning-ger paoctes-pub
3 scanning-ger paoctes-pub
 
Debugging TV Frame 0x24
Debugging TV Frame 0x24Debugging TV Frame 0x24
Debugging TV Frame 0x24
 
Monero Presentation by Justin Ehrenhofer - Athens, Greece 2017
Monero Presentation by Justin Ehrenhofer - Athens, Greece 2017Monero Presentation by Justin Ehrenhofer - Athens, Greece 2017
Monero Presentation by Justin Ehrenhofer - Athens, Greece 2017
 
2 netcat enum-pub
2 netcat enum-pub2 netcat enum-pub
2 netcat enum-pub
 
Basic dns-mod
Basic dns-modBasic dns-mod
Basic dns-mod
 

Similar to Debugging TV Frame 0x05

Windows Debugging with WinDbg
Windows Debugging with WinDbgWindows Debugging with WinDbg
Windows Debugging with WinDbgArno Huetter
 
20190521 pwn 101_by_roy
20190521 pwn 101_by_roy20190521 pwn 101_by_roy
20190521 pwn 101_by_royRoy
 
Symbolic Debugging with DWARF
Symbolic Debugging with DWARFSymbolic Debugging with DWARF
Symbolic Debugging with DWARFSamy Bahra
 
Kernel Recipes 2013 - Deciphering Oopsies
Kernel Recipes 2013 - Deciphering OopsiesKernel Recipes 2013 - Deciphering Oopsies
Kernel Recipes 2013 - Deciphering OopsiesAnne Nicolas
 
Winter training,Readymade Projects,Buy Projects,Corporate Training
Winter training,Readymade Projects,Buy Projects,Corporate TrainingWinter training,Readymade Projects,Buy Projects,Corporate Training
Winter training,Readymade Projects,Buy Projects,Corporate TrainingTechnogroovy
 
Windows debugging sisimon
Windows debugging sisimonWindows debugging sisimon
Windows debugging sisimonSisimon Soman
 
Windows kernel debugging workshop in florida
Windows kernel debugging workshop in floridaWindows kernel debugging workshop in florida
Windows kernel debugging workshop in floridaSisimon Soman
 
Scale17x buffer overflows
Scale17x buffer overflowsScale17x buffer overflows
Scale17x buffer overflowsjohseg
 
Secrets of building a debuggable runtime: Learn how language implementors sol...
Secrets of building a debuggable runtime: Learn how language implementors sol...Secrets of building a debuggable runtime: Learn how language implementors sol...
Secrets of building a debuggable runtime: Learn how language implementors sol...Dev_Events
 
The forgotten art of assembly
The forgotten art of assemblyThe forgotten art of assembly
The forgotten art of assemblyMarian Marinov
 
Reverse engineering of binary programs for custom virtual machines
Reverse engineering of binary programs for custom virtual machinesReverse engineering of binary programs for custom virtual machines
Reverse engineering of binary programs for custom virtual machinesSmartDec
 
Accelerated .NET Memory Dump Analysis training public slides
Accelerated .NET Memory Dump Analysis training public slidesAccelerated .NET Memory Dump Analysis training public slides
Accelerated .NET Memory Dump Analysis training public slidesDmitry Vostokov
 
Mini proj i question and solution design
Mini proj i question and solution designMini proj i question and solution design
Mini proj i question and solution designHaowei Jiang
 
Windbg랑 친해지기
Windbg랑 친해지기Windbg랑 친해지기
Windbg랑 친해지기Ji Hun Kim
 
XPDS16: Xen Live Patching - Updating Xen Without Rebooting - Konrad Wilk, Ora...
XPDS16: Xen Live Patching - Updating Xen Without Rebooting - Konrad Wilk, Ora...XPDS16: Xen Live Patching - Updating Xen Without Rebooting - Konrad Wilk, Ora...
XPDS16: Xen Live Patching - Updating Xen Without Rebooting - Konrad Wilk, Ora...The Linux Foundation
 
44CON 2014 - Stupid PCIe Tricks, Joe Fitzpatrick
44CON 2014 - Stupid PCIe Tricks, Joe Fitzpatrick44CON 2014 - Stupid PCIe Tricks, Joe Fitzpatrick
44CON 2014 - Stupid PCIe Tricks, Joe Fitzpatrick44CON
 
hacking-embedded-devices.pptx
hacking-embedded-devices.pptxhacking-embedded-devices.pptx
hacking-embedded-devices.pptxssuserfcf43f
 

Similar to Debugging TV Frame 0x05 (20)

Debugging TV Frame 0x02
Debugging TV Frame 0x02Debugging TV Frame 0x02
Debugging TV Frame 0x02
 
Windows Debugging with WinDbg
Windows Debugging with WinDbgWindows Debugging with WinDbg
Windows Debugging with WinDbg
 
20190521 pwn 101_by_roy
20190521 pwn 101_by_roy20190521 pwn 101_by_roy
20190521 pwn 101_by_roy
 
Symbolic Debugging with DWARF
Symbolic Debugging with DWARFSymbolic Debugging with DWARF
Symbolic Debugging with DWARF
 
Kernel Recipes 2013 - Deciphering Oopsies
Kernel Recipes 2013 - Deciphering OopsiesKernel Recipes 2013 - Deciphering Oopsies
Kernel Recipes 2013 - Deciphering Oopsies
 
Debugging 2013- Jesper Brouer
Debugging 2013- Jesper BrouerDebugging 2013- Jesper Brouer
Debugging 2013- Jesper Brouer
 
Winter training,Readymade Projects,Buy Projects,Corporate Training
Winter training,Readymade Projects,Buy Projects,Corporate TrainingWinter training,Readymade Projects,Buy Projects,Corporate Training
Winter training,Readymade Projects,Buy Projects,Corporate Training
 
Windows debugging sisimon
Windows debugging sisimonWindows debugging sisimon
Windows debugging sisimon
 
Windows kernel debugging workshop in florida
Windows kernel debugging workshop in floridaWindows kernel debugging workshop in florida
Windows kernel debugging workshop in florida
 
Scale17x buffer overflows
Scale17x buffer overflowsScale17x buffer overflows
Scale17x buffer overflows
 
Secrets of building a debuggable runtime: Learn how language implementors sol...
Secrets of building a debuggable runtime: Learn how language implementors sol...Secrets of building a debuggable runtime: Learn how language implementors sol...
Secrets of building a debuggable runtime: Learn how language implementors sol...
 
The forgotten art of assembly
The forgotten art of assemblyThe forgotten art of assembly
The forgotten art of assembly
 
Reverse engineering of binary programs for custom virtual machines
Reverse engineering of binary programs for custom virtual machinesReverse engineering of binary programs for custom virtual machines
Reverse engineering of binary programs for custom virtual machines
 
Accelerated .NET Memory Dump Analysis training public slides
Accelerated .NET Memory Dump Analysis training public slidesAccelerated .NET Memory Dump Analysis training public slides
Accelerated .NET Memory Dump Analysis training public slides
 
Mini proj i question and solution design
Mini proj i question and solution designMini proj i question and solution design
Mini proj i question and solution design
 
Windbg랑 친해지기
Windbg랑 친해지기Windbg랑 친해지기
Windbg랑 친해지기
 
XPDS16: Xen Live Patching - Updating Xen Without Rebooting - Konrad Wilk, Ora...
XPDS16: Xen Live Patching - Updating Xen Without Rebooting - Konrad Wilk, Ora...XPDS16: Xen Live Patching - Updating Xen Without Rebooting - Konrad Wilk, Ora...
XPDS16: Xen Live Patching - Updating Xen Without Rebooting - Konrad Wilk, Ora...
 
Debugging TV Frame 0x08
Debugging TV Frame 0x08Debugging TV Frame 0x08
Debugging TV Frame 0x08
 
44CON 2014 - Stupid PCIe Tricks, Joe Fitzpatrick
44CON 2014 - Stupid PCIe Tricks, Joe Fitzpatrick44CON 2014 - Stupid PCIe Tricks, Joe Fitzpatrick
44CON 2014 - Stupid PCIe Tricks, Joe Fitzpatrick
 
hacking-embedded-devices.pptx
hacking-embedded-devices.pptxhacking-embedded-devices.pptx
hacking-embedded-devices.pptx
 

More from Dmitry Vostokov

Accelerated Windows Debugging 3 training public slides
Accelerated Windows Debugging 3 training public slidesAccelerated Windows Debugging 3 training public slides
Accelerated Windows Debugging 3 training public slidesDmitry Vostokov
 

More from Dmitry Vostokov (20)

Accelerated Windows Debugging 3 training public slides
Accelerated Windows Debugging 3 training public slidesAccelerated Windows Debugging 3 training public slides
Accelerated Windows Debugging 3 training public slides
 
Debugging TV Frame 0x1C
Debugging TV Frame 0x1CDebugging TV Frame 0x1C
Debugging TV Frame 0x1C
 
Debugging TV Frame 0x1A
Debugging TV Frame 0x1ADebugging TV Frame 0x1A
Debugging TV Frame 0x1A
 
Debugging TV Frame 0x34
Debugging TV Frame 0x34Debugging TV Frame 0x34
Debugging TV Frame 0x34
 
Debugging TV Frame 0x31
Debugging TV Frame 0x31Debugging TV Frame 0x31
Debugging TV Frame 0x31
 
Debugging TV Frame 0x25
Debugging TV Frame 0x25Debugging TV Frame 0x25
Debugging TV Frame 0x25
 
Debugging TV Frame 0x21
Debugging TV Frame 0x21Debugging TV Frame 0x21
Debugging TV Frame 0x21
 
Debugging TV Frame 0x20
Debugging TV Frame 0x20Debugging TV Frame 0x20
Debugging TV Frame 0x20
 
Debugging TV Frame 0x19
Debugging TV Frame 0x19Debugging TV Frame 0x19
Debugging TV Frame 0x19
 
Debugging TV Frame 0x18
Debugging TV Frame 0x18Debugging TV Frame 0x18
Debugging TV Frame 0x18
 
Debugging TV Frame 0x17
Debugging TV Frame 0x17Debugging TV Frame 0x17
Debugging TV Frame 0x17
 
Debugging TV Frame 0x16
Debugging TV Frame 0x16Debugging TV Frame 0x16
Debugging TV Frame 0x16
 
Debugging TV Frame 0x15
Debugging TV Frame 0x15Debugging TV Frame 0x15
Debugging TV Frame 0x15
 
Debugging TV Frame 0x14
Debugging TV Frame 0x14Debugging TV Frame 0x14
Debugging TV Frame 0x14
 
Debugging TV Frame 0x13
Debugging TV Frame 0x13Debugging TV Frame 0x13
Debugging TV Frame 0x13
 
Debugging TV Frame 0x12
Debugging TV Frame 0x12Debugging TV Frame 0x12
Debugging TV Frame 0x12
 
Debugging TV Frame 0x11
Debugging TV Frame 0x11Debugging TV Frame 0x11
Debugging TV Frame 0x11
 
Debugging TV Frame 0x10
Debugging TV Frame 0x10Debugging TV Frame 0x10
Debugging TV Frame 0x10
 
Debugging TV Frame 0x0F
Debugging TV Frame 0x0FDebugging TV Frame 0x0F
Debugging TV Frame 0x0F
 
Debugging TV Frame 0x0D
Debugging TV Frame 0x0DDebugging TV Frame 0x0D
Debugging TV Frame 0x0D
 

Recently uploaded

办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样umasea
 
Buds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in NoidaBuds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in Noidabntitsolutionsrishis
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based projectAnoyGreter
 
What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...Technogeeks
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio, Inc.
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWave PLM
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Andreas Granig
 
英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作qr0udbr0
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEEVICTOR MAESTRE RAMIREZ
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...soniya singh
 
Recruitment Management Software Benefits (Infographic)
Recruitment Management Software Benefits (Infographic)Recruitment Management Software Benefits (Infographic)
Recruitment Management Software Benefits (Infographic)Hr365.us smith
 
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company OdishaBalasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odishasmiwainfosol
 
Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesŁukasz Chruściel
 
How to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdfHow to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdfLivetecs LLC
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)OPEN KNOWLEDGE GmbH
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...stazi3110
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...Christina Lin
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEOrtus Solutions, Corp
 

Recently uploaded (20)

办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
 
Buds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in NoidaBuds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in Noida
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based project
 
What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need It
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024
 
英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作
 
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort ServiceHot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEE
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
 
Recruitment Management Software Benefits (Infographic)
Recruitment Management Software Benefits (Infographic)Recruitment Management Software Benefits (Infographic)
Recruitment Management Software Benefits (Infographic)
 
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company OdishaBalasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
 
Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New Features
 
How to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdfHow to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdf
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
 

Debugging TV Frame 0x05

  • 1. Frame 0x05 Presenter: Dmitry Vostokov Sponsors Debugging.TV
  • 3. • Software breakpoints • Software breakpoint implementation • Hardware breakpoints • Debug registers • !Ad Topics © 2011 DumpAnalysis.org + TraceAnalysis.org
  • 5. 0:000> * Debugger View 0:000> u TestWER64!CAboutDlg::CAboutDlg TestWER64!CAboutDlg::CAboutDlg: 00000001`400249d0 48894c2408 mov qword ptr [rsp+8],rcx 00000001`400249d5 4883ec38 sub rsp,38h 00000001`400249d9 48c7442420feffffff mov qword ptr [rsp+20h],0FFFFFFFFFFFFFFFEh 00000001`400249e2 4533c0 xor r8d,r8d 00000001`400249e5 ba64000000 mov edx,64h 00000001`400249ea 488b4c2440 mov rcx,qword ptr [rsp+40h] 00000001`400249ef e844e9fdff call TestWER64!CDialog::CDialog (00000001`40003338) 00000001`400249f4 90 nop 0:000> * Another Debugger View 0:000> u TestWER64!CAboutDlg::CAboutDlg TestWER64!CAboutDlg::CAboutDlg: 00000001`400249d0 cc int 3 00000001`400249d1 894c2408 mov dword ptr [rsp+8],ecx 00000001`400249d5 4883ec38 sub rsp,38h 00000001`400249d9 48c7442420feffffff mov qword ptr [rsp+20h],0FFFFFFFFFFFFFFFEh 00000001`400249e2 4533c0 xor r8d,r8d 00000001`400249e5 ba64000000 mov edx,64h 00000001`400249ea 488b4c2440 mov rcx,qword ptr [rsp+40h] 00000001`400249ef e844e9fdff call TestWER64!CDialog::CDialog (00000001`40003338) Software Breakpoint © 2011 DumpAnalysis.org + TraceAnalysis.org
  • 6. 0:000> rM20 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000 dr6=0000000000000000 dr7=0000000000000000 USER32!NtUserGetMessage+0xa: 00000000`774dc92a c3 ret 0:000> ba e 1 TestWER64!CAboutDlg::CAboutDlg 0:000> bl 0 e 00000001`400249d0 e 1 0001 (0001) 0:**** TestWER64!CAboutDlg::CAboutDlg 0:000> g (5e0.140): Break instruction exception - code 80000003 (first chance) ntdll!DbgBreakPoint: 00000000`7760e910 cc int 3 0:001> rM20 dr0=00000001400249d0 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000 dr6=00000000ffff0ff0 dr7=0000000000000401 ntdll!DbgBreakPoint: 00000000`7760e910 cc int 3 Hardware Breakpoint © 2011 DumpAnalysis.org + TraceAnalysis.org
  • 7. !Ad Hardcore Technical Support Training © 2011 DumpAnalysis.org + TraceAnalysis.org Advanced Windows Memory Dump Analysis Accelerated Windows Memory Dump AnalysisJanuary, 2012: December 9, 2011: Training Schedule