Reputation: 187
windbg: set data breakpoint at dll + offset
I want to set a data-write breakpoint on the value of xul.dll+0x7d760, hopefully using a command script.
I can print the base address of xul.dll using lm, and manually set the breakpoint with
ba w (baseaddress + 0x7d760)
But I can't figure out a way to store the base address of xul.dll into a pseudo-register so that I could do this automatically. Is there a way to somehow store or parse the results of lm xul into a pseudo-register?
Upvotes: 5
Views: 2888
Answers (2)
Reputation: 5499
The module name minus the suffix can also be used to express the base address:
0:000> lm mole32
start end module name
000007ff`344b0000 000007ff`3462e000 ole32 (deferred)
0:000> ? ole32
Evaluate expression: 8792675385344 = 000007ff`344b0000
0:000> ? ole32 + 0x7d760
Evaluate expression: 8792675899232 = 000007ff`3452d760
0:000> ? 000007ff`3452d760 - ole32
Evaluate expression: 513888 = 00000000`0007d760
Upvotes: 2
Reputation: 11585
.foreach /pS 4 /ps 3 (modbase {lm p m xul}) {ba w 4 (${modbase} + 0x7d760)}
In this command, the module's base address will be stored in ${modbase}. Substitute xul for another module, or edit the {ba w 4 (${modbase} + 0x7d760)} block to substitute a different command or offset as necessary.
Upvotes: 5
Related Questions
- How to set a data breakpoint on a variable address in CDB (WinDbg)
- How can I set a breakpoint to target this emulated location when it's at a different offset in WinDbg?
- How do I programmatically refer to a breakpoint in WinDbg?
- How to see the code at a certain offset using WinDbg, without dump?
- WinDbg: how to set a native breakpoint for .net program
- Setting break point using source code line number in WinDBG
- Manually setting breakpoints in WinDBG
- how to set up a breakpoint in windbg?
- Setting breakpoint in Windgb at System.IO.FileStream.Read() of mscorlib of .Net
- windbg setting conditional breakpoint