使用windbg进行远程调试
来源:互联网 发布:java工程师证书怎么考 编辑:程序博客网 时间:2024/05/17 02:24
使用windbg进行远程调试
在某些情况下我们需要进行远程调试(比如该程序运行需要时候全屏,或者程序在客户的机器上crash崩溃), 这时候可以使用WinDBG的远程调试功能。
WinDBG的远程调试由服务端和客户端组成,和visual studio类似。 被调试的机器是服务端(server), 我们做调试的机器是客户端(client)。 两台机器都需要安装WinDBG。
第一步, 建立WinDBG server 端。
使用 -server 参数可以使WinDBG 以服务器方式启动。 WinDBG可以用多种连接协议让客户端连接,比如命名管道(named pipe), 安全管道(secure pipe), TCP 协议(socket), SSL 协议, 串口/并口(COM port) 等等。
命名管道
WinDBG.exe -server npipe:pipe=PipeName[,hidden][,password=Password][,IcfEnable] [-noio] [Options]
TCP 协议
WinDBG.exe -server tcp:port=Socket[,hidden][,password=Password][,ipversion=6][,IcfEnable] [-noio] [Options]
WinDBG.exe -server tcp:port=Socket,clicon=Client[,password=Password][,ipversion=6] [-noio] [Options]
串口/并口
WinDBG.exe -server com:port=COMPort,baud=BaudRate,channel=COMChannel[,hidden],password=Password] [-noio] [Options]
安全管道
WinDBG.exe -server spipe:proto=Protocol,certuser=Cert|machuser=Cert},pipe=PipeName[,hidden],password=Password] [-noio] [Options]
SSL 协议
WinDBG.exe -server ssl:proto=Protocol,certuser=Cert|machuser=Cert},port=Socket[,hidden],password=Password] [-noio] [Options]
WinDBG.exe -server ssl:proto=Protocol,certuser=Cert|machuser=Cert},port=Socket,clicon=Client[,password=Password] [-noio] [Options]
示例:
WinDBG.exe -server npipe:pipe=DbgPipe winmine.exe (使用命名管道DbgPipe 建立调试服务,调试winmine.exe 程序)
WinDBG.exe -server tcp:port=1025 -p 122 (使用TCP协议,在端口1025建立调试服务, 调试机器上进程号为122的程序, 或者说Attach 到122进程进行调试)
第二步, 用WinDBG client 端连接服务端
使用 -remote 参数可以使WinDBG 以客户端方式启动去连接服务端, 可以指定不同的连接方式:
命名管道
WinDBG.exe -remote npipe:server=Server,pipe=PipeName[,password=Password]
TCP 协议
WinDBG.exe -remote tcp:server=Server,port=Socket[,password=Password][,ipversion=6]
WinDBG.exe -remote tcp:clicon=Server,port=Socket[,password=Password][,ipversion=6]
串口/并口
WinDBG.exe -remote com:port=COMPort,baud=BaudRate,channel=COMChannel[,password=Password]
安全管道
WinDBG.exe -remote spipe:proto=Protocol,{certuser=Cert|machuser=Cert},server=Server,pipe=PipeName[,password=Password]
SSL 协议
WinDBG.exe -remote ssl:proto=Protocol,{certuser=Cert|machuser=Cert},server=Server,port=Socket[,password=Password]
WinDBG.exe -remote ssl:proto=Protocol,{certuser=Cert|machuser=Cert},clicon=Server,port=Socket[,password=Password]
示例 (假设被调试的机器名字是dbgPC):
WinDBG.exe-remote npipe:server=dbgPC,pipe=DbgPipe (使用命名管道DbgPipe 建立连接被调试机器dbgPC)
WinDBG.exe-remote tcp:server=dbgPC,port=1025 (使用TC协议, 连接被调试机器dbgPC的端口1025)
关于Windows 远程调试更多详细的内容,请参考MSDN http://msdn.microsoft.com/en-us/library/cc266457.aspx
信息来源:
http://blog.csdn.net/WinGeek/archive/2009/02/27/3941301.aspx
WinDBG的远程调试由服务端和客户端组成,和visual studio类似。 被调试的机器是服务端(server), 我们做调试的机器是客户端(client)。 两台机器都需要安装WinDBG。
第一步, 建立WinDBG server 端。
使用 -server 参数可以使WinDBG 以服务器方式启动。 WinDBG可以用多种连接协议让客户端连接,比如命名管道(named pipe), 安全管道(secure pipe), TCP 协议(socket), SSL 协议, 串口/并口(COM port) 等等。
命名管道
WinDBG.exe -server npipe:pipe=PipeName[,hidden][,password=Password][,IcfEnable] [-noio] [Options]
TCP 协议
WinDBG.exe -server tcp:port=Socket[,hidden][,password=Password][,ipversion=6][,IcfEnable] [-noio] [Options]
WinDBG.exe -server tcp:port=Socket,clicon=Client[,password=Password][,ipversion=6] [-noio] [Options]
串口/并口
WinDBG.exe -server com:port=COMPort,baud=BaudRate,channel=COMChannel[,hidden],password=Password] [-noio] [Options]
安全管道
WinDBG.exe -server spipe:proto=Protocol,certuser=Cert|machuser=Cert},pipe=PipeName[,hidden],password=Password] [-noio] [Options]
SSL 协议
WinDBG.exe -server ssl:proto=Protocol,certuser=Cert|machuser=Cert},port=Socket[,hidden],password=Password] [-noio] [Options]
WinDBG.exe -server ssl:proto=Protocol,certuser=Cert|machuser=Cert},port=Socket,clicon=Client[,password=Password] [-noio] [Options]
示例:
WinDBG.exe -server npipe:pipe=DbgPipe winmine.exe (使用命名管道DbgPipe 建立调试服务,调试winmine.exe 程序)
WinDBG.exe -server tcp:port=1025 -p 122 (使用TCP协议,在端口1025建立调试服务, 调试机器上进程号为122的程序, 或者说Attach 到122进程进行调试)
第二步, 用WinDBG client 端连接服务端
使用 -remote 参数可以使WinDBG 以客户端方式启动去连接服务端, 可以指定不同的连接方式:
命名管道
WinDBG.exe -remote npipe:server=Server,pipe=PipeName[,password=Password]
TCP 协议
WinDBG.exe -remote tcp:server=Server,port=Socket[,password=Password][,ipversion=6]
WinDBG.exe -remote tcp:clicon=Server,port=Socket[,password=Password][,ipversion=6]
串口/并口
WinDBG.exe -remote com:port=COMPort,baud=BaudRate,channel=COMChannel[,password=Password]
安全管道
WinDBG.exe -remote spipe:proto=Protocol,{certuser=Cert|machuser=Cert},server=Server,pipe=PipeName[,password=Password]
SSL 协议
WinDBG.exe -remote ssl:proto=Protocol,{certuser=Cert|machuser=Cert},server=Server,port=Socket[,password=Password]
WinDBG.exe -remote ssl:proto=Protocol,{certuser=Cert|machuser=Cert},clicon=Server,port=Socket[,password=Password]
示例 (假设被调试的机器名字是dbgPC):
WinDBG.exe-remote npipe:server=dbgPC,pipe=DbgPipe (使用命名管道DbgPipe 建立连接被调试机器dbgPC)
WinDBG.exe-remote tcp:server=dbgPC,port=1025 (使用TC协议, 连接被调试机器dbgPC的端口1025)
关于Windows 远程调试更多详细的内容,请参考MSDN http://msdn.microsoft.com/en-us/library/cc266457.aspx
信息来源:
http://blog.csdn.net/WinGeek/archive/2009/02/27/3941301.aspx
驱网最有价值专家评选-DVP ,发送 "ARDVP#帮助过你的会员的用户名"(不包括引号) 到 106693891152
顶端
- 回复
- 引用
- 收藏
更多
znsoft
老头级程序员
级别: 管理员
沙发 发表于: 3小时前
Debugging LSA via dbgsrv.exe
This is my latest best friend ( thanks to a colleague of mine on the base Dev Support team ) .. easy to use and not all the setup of a kernel or csrss debug. You don’t have the risks of debugging LSA on the same machine, nor do you need to reboot to use this method.
When using this method you don’t need symbols on the target either – another bonus.
On the target machine:
Find the PID for LSA via tlist.exe
Then run this command:
C:/Program Files/Debugging Tools for Windows>dbgsrv.exe -t tcp:port=1234,password=spat
On your debugger:
Run this command to attach to LSA on the remote machine.
I:/debugger>windbg.exe -premote tcp:server=192.168.1.102,port=1234,password=spat -p 596 -- where 596 = PID of LSASS
Set your symbols on your debugger:
0:021> .sympath
Symbol search path is: SRV*i:/symbols_pub*http://msdl.microsoft.com/download/symbols
Note that anything which needs LSASS on the target machine, will be postponed while you debug LSA ( until you ‘g’ the debugger )
Now you are ready to go!
When you want to quit – make sure you use ‘qd’ to ‘quit and detach’ so you don’t kill LSA on the target machine.
Have fun debugging...
This is my latest best friend ( thanks to a colleague of mine on the base Dev Support team ) .. easy to use and not all the setup of a kernel or csrss debug. You don’t have the risks of debugging LSA on the same machine, nor do you need to reboot to use this method.
When using this method you don’t need symbols on the target either – another bonus.
On the target machine:
Find the PID for LSA via tlist.exe
Then run this command:
C:/Program Files/Debugging Tools for Windows>dbgsrv.exe -t tcp:port=1234,password=spat
On your debugger:
Run this command to attach to LSA on the remote machine.
I:/debugger>windbg.exe -premote tcp:server=192.168.1.102,port=1234,password=spat -p 596 -- where 596 = PID of LSASS
Set your symbols on your debugger:
0:021> .sympath
Symbol search path is: SRV*i:/symbols_pub*http://msdl.microsoft.com/download/symbols
Note that anything which needs LSASS on the target machine, will be postponed while you debug LSA ( until you ‘g’ the debugger )
Now you are ready to go!
When you want to quit – make sure you use ‘qd’ to ‘quit and detach’ so you don’t kill LSA on the target machine.
Have fun debugging...
远大前程,免费招聘,求职 --第二代人力资源网站,免费!!!HOT!!! **荣誉试运行,投递简历有奖**
顶端
- 回复
- 引用
更多
znsoft
老头级程序员
级别: 管理员
板凳 发表于: 3小时前
双机方向调应用程序(我以前发过原创版本的)
http://blogs.msdn.com/spatdsg/archive/2005/12/27/507265.aspx
Debugging LSA from Kernel
A kernel debug also gives me the advantage of debugging any other process on the machine. LSA ends up processing a lot of requests from other processes via LPC calls. So, many time, it is very nice to be able to set breaks in these other processes.
When doing a kernel debug with LSA I like to use something like this:
Get the process address for LSASS
0: kd> !process 0 0 lsass.exe
PROCESS 815196c0 SessionId: 0 Cid: 010c Peb: 7ffdf000 ParentCid: 00e4
DirBase: 042d2000 ObjectTable: 81519aa8 TableSize: 859.
Image: LSASS.EXE
Switch to the process context:
Either
.process /p /r 815196c0
Or
.process –i 815196c0 ;g;.reload /user
Debugging LSA from Kernel
A kernel debug also gives me the advantage of debugging any other process on the machine. LSA ends up processing a lot of requests from other processes via LPC calls. So, many time, it is very nice to be able to set breaks in these other processes.
When doing a kernel debug with LSA I like to use something like this:
Get the process address for LSASS
0: kd> !process 0 0 lsass.exe
PROCESS 815196c0 SessionId: 0 Cid: 010c Peb: 7ffdf000 ParentCid: 00e4
DirBase: 042d2000 ObjectTable: 81519aa8 TableSize: 859.
Image: LSASS.EXE
Switch to the process context:
Either
.process /p /r 815196c0
Or
.process –i 815196c0 ;g;.reload /user
- 使用windbg进行远程调试
- 使用dbgsrv及windbg进行远程调试
- (译)使用WinDBG进行内核调试(Fundamentals)
- (译)使用WinDBG进行内核调试(Fundamentals)
- 使用WinDBG进行双机内核调试
- 使用WinDBG进行双机内核调试
- windbg远程调试
- Windbg远程调试
- windbg远程调试方法
- Windbg远程调试
- windbg远程调试方法
- windbg远程调试方法
- windbg远程调试方法
- windbg远程调试方法
- windbg双机远程调试
- windbg 进行调试
- 使用Eclipse进行远程调试
- 使用Eclipse进行远程调试
- 1753 Flip Game
- 做到忘记
- Head First C# 中文版 图文皆译 第八章 枚举和集合 page341
- 现代社会谨防三种人
- HashSet ArrayList HashMap遍历的两种形式
- 使用windbg进行远程调试
- GHOST全盘镜像制作(全盘备份)教程.及全盘分区教程。
- 一个企业家心灵最深处的渴望优秀人才的卓越追求和深层次的叹息
- 对于访问IIS元数据库失败的解决
- 新人报到,CSDN万岁
- 启动代码start.s分析1
- 网刻
- java.lang.OutOfMemoryError 解决办法收集总结
- 士兵排序--------冒泡排序的一个应用
