[Windbg Script] Retrieving information from ASP

  • Article

Have you ever had this situation: You need to get ASP information from an IIS process? If yes, you can use the DebugDiag tool to analyze your dump file.

Oh, I see… sometimes you use DebugDiag, but you need to manually debug the dump/application to get more information—for example, the ASP source code being executed.

Or maybe you are analyzing a dump file and you want to take a peek at the ASP information from Windbg without using DebugDiag.

You can do that by copying the IISINFO.DLL extension from DebugDiag to the WinExt folder in Windbg. Easy, huh? You do need to learn how to use the extension, but only if you don’t use the script below. ;-)

This script is a wrapper for the IISINFO.DLL extension. Using it helps you to be productive without spending time learning the extension commands and variations.

It’s useful to retrieve detailed ASP information from an IIS process that’s using ASP.

Some screenshots:

 

 

 

Source code for GET_ASP_INFORMATION.TXT:

$$

$$ ==============================================================================================

$$ This script is a wrapper for the extension IISINFO.DLL that is part of DebugDiag tool.

$$

$$ Compatibility: Win32.

$$

$$ Usage: $$>< to run the script.

$$

$$ Requirements: Public symbols.

$$

$$ If necessary change the filename below to include your path and filename.

$$ By default it uses the WinDbg path and the default file name is GET_ASP_INFORMATION.TXT

$$

$$ Roberto Alexis Farah

$$ Blog: https://blogs.msdn.com/debuggingtoolbox/

$$

$$ All my scripts are provided "AS IS" with no warranties, and confer no rights.

$$ ==============================================================================================

$$

ad /q *

.block

{

    as ScriptName MYSCRIPTS\\GET_ASP_INFORMATION.TXT

}

.printf /D "\n<link cmd=\"!iisinfo.aspapps -x -v;ad /q *;$$><${ScriptName}\"><b>ASP Applications</b></link>\n\n"

.printf /D "\n<link cmd=\"!iisinfo.clientconns;ad /q *;$$><${ScriptName}\"><b>Client Connections</b></link>\n\n"

.printf /D "\n<link cmd=\"!iisinfo.asppages -x -v;ad /q *;$$><${ScriptName}\"><b>ASP Pages</b></link>\n\n"

.printf /D "\n<link cmd=\"!iisinfo.aspstack -x -v;ad /q *;$$><${ScriptName}\"><b>ASP Stack for current thread</b></link>\n\n"

.printf /D "\n<link cmd=\".block{~* e !iisinfo.aspstack -x -v};ad /q *;$$><${ScriptName}\"><b>ASP Stack for all threads</b></link>\n\n"

.printf /D "\n<link cmd=\"!iisinfo.asprequests -x -v;ad /q *;$$><${ScriptName}\"><b>ASP Requests</b></link>\n\n"

.printf /D "\n<link cmd=\"!iisinfo.templates -x -v;ad /q *;$$><${ScriptName}\"><b>ASP Templates</b></link>\n\n"

.printf /D "\nFor <b>ASP Template Source Code</b> click above on <b>ASP Templates</b>, get the Template pointer then use <b>!iisinfo.templatecode <pointer></b>\n\n"

.printf /D "\nFor <b>ASP Template Hierarchy</b> click above on <b>ASP Templates</b>, get the Template pointer then use <b>!iisinfo.asptemplate <pointer></b>\n\n"

.printf /D "\nFor detailed information about <b>ASP session</b> click on <b>ASP Pages</b> above then use the CSession pointer as argument for\n"

.printf /D "\n<b>!iisinfo.session <pointer></b> and <b>!iisinfo.sessvars <pointer></b>\n\n"

$$ =============================================================================

Read me.