[WinDbg Script] Hacking Minesweeper for Windows 8

<IMPORTANT UPDATE> Today two people told me the script was not working and they also said they did not have the minesweeper_ni.dll. It puzzled me because I tested the script and all the steps below countless times. So I started troubleshooting it (not debugging, troubleshooting :-)) and we all are running Windows 8.1, same debugger…

Tools for Your Debugging Toolbox

This article was just updated to include an internal Microsoft tool that is now public. There are many free tools used to troubleshoot and debug software. Below I present a list of the tools that my peers and I use most of the time. Though most of the tools below are free Microsoft tools, not…

[WinDbg Script] Displaying the COM object referenced by an RCW object

Here we go again after a long time without blogging and an even longer time without blogging about WinDbg scripts. When debugging dump files from .NET applications, sometimes we may encounter a situation where we want to get the COM object referenced by a System.__ComObject wrapper which references an RCW object. You may think that dumping…

New Debugging Book – Windows Debugging Notebook: Essential User Space WinDbg Commands

A reference book for technical support and escalation engineers troubleshooting and debugging complex software issues. The book is also invaluable for software maintenance and development engineers debugging Windows applications and services. Do you want to know more about this book? Check out here…

[WinDbg Script] Displaying Parameters for Microsoft.ReportingServices.ReportProcessing

Here is a new script from a PFE from Portugal, Marcio Parente. Marcio kindly shared his source code in this blog post, so here is the story behind the script followed by its source code. One report on a Reporting Server started to give this error: String: Syntax error converting the varchar value…

[WinDbg Script] Displaying Queries/Stored Procedures from Threads Running Managed Code

There’s another script that gives you all queries/stored procedures from SQL Server or Oracle that are stored in the managed heap. This script is more specific because it gives you the query/stored procedure running in a specific thread. It has the option to scan all threads and to display the queries/sp for each thread…

Special Command—Advanced Programming Techniques for WinDbg Scripts

It has been a long time since my last post, but I’m back on the blog. The article for today is about the black art of WinDbg scripting. When I first started creating my scripts, I learned by trial and error. It was tough; however, it gave me the basis to create the technique that…

[WinDbg Script] Disassembling Routines and Searching for Instructions

Sometimes you cannot avoid reading the disassembled code to look for a specific assembly instruction. You may want to see if a particular function is doing some specific operation, using some specific register, or calling other functions. You can do that using the disassembling window or using a dead listing and looking for specific instructions;…

[Recommended Books] How to Acquire or Improve Debugging Skills

This article is my answer for this comment. First of all, this is just my opinion, not Microsoft’s opinion. Before talking about books, let me explain something that I see over and over again. Sometimes I’ve run across people who think they just need to know the debugger commands to become a good debugger. This…