Question
I'm having a hard time controlling my application using WinDbg. I had already posted my question here and left that approach, as I'm not able to figure out a way to achieve that. Now I'm working on the approach that, after a breakpoint is hit, I would like to branch out my application execution and prompt for input from the user who is running the debugger.
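    DWORD dwRand = 0;
    // Set to true from the debugger once the breakpoint is hit;
    // volatile keeps the compiler from optimizing the branch away.
    volatile bool bDebug = false;
    if (!bDebug)
    {
        // Normal path: pick a random value in the given range.
        dwRand = Rand(minValue, maxValue);
    }
    else
    {
        // Debug path: prompt the user running the debugger for the value.
        cout << "\n Enter dwRand: ";
        cin >> dwRand;
    }
    return dwRand;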
So my idea is to set bDebug and get the input from the user, so I can continue other threads' execution and wait for user input.
I found these links (1, 2, 3) explaining the technique, but I would like to attach to a process which is already running remotely. I tried WinDbg command options, but that did not turn out to be a solution for me. Can somebody suggest how to achieve this?
Answer 1:
The pseudocode above does not convey your intent.
I am not sure why you require a kernel debugging connection to remote debug an executable (reference the link in your query).
If you want to debug an executable running in a remote machine that you can connect to, use a remote debugging connection session.
A sample setup enumerated below debugs calc.exe running in a remote machine using a remote debugging session:
Host-----------------physical machine xp sp3 32 bit
target---------------virtual machine xp sp3 32 bit
network--------------Loop back Adapter
C:\>net view | grep -i xp & echo kd wont connect target not booted with /DEBUG
\\XPSP3VM
kd wont connect target not booted with /DEBUG
C:\>kd -k com:pipe,port=\\.\pipe\debugPipe,resets=0,reconnect
Opened \\.\pipe\debugPipe
Waiting to reconnect...
^B <---------force exit
"lets run windbg -server npipe:pipe=\\.\pipe\debugPipe -v calc.exe
in the target machine and connect to it with cdb -server:xxxx from host
C:\>cdb -remote npipe:server=xpsp3vm,pipe=\\.\pipe\debugPipe
Connected to server with 'npipe:server=xpsp3vm,pipe=\\.\pipe\debugPipe'
CommandLine: calc.exe (mapped shared folder in host)
Symbol search path is: srv*z:\*http://msdl.microsoft.com/download/symbols
7c90120e cc int 3
\Admin (npipe \\.\pipe\debugPipe) connected at Wed Jul 22 11:49:41 2015
0:000> .echo "yay we are remote debucking now"
yay we are remote debucking now
0:000> lm m calc*
start end module name
01000000 0101f000 calc (deferred)
.clients
\Admin (npipe \\.\pipe\debugPipe), last active Wed Jul 22 11:54:19 2015
HostMachine\HostUser, last active Wed Jul 22 11:44:06 2015
0:000> kb
ChildEBP RetAddr Args to Child
0007fb1c 7c9402ed 7ffde000 7ffdf000 00000000 ntdll!DbgBreakPoint
0007fc94 7c91fad7 0007fd30 7c900000 0007fce0 ntdll!LdrpInitializeProcess+0x1014
0007fd1c 7c90e457 0007fd30 7c900000 00000000 ntdll!_LdrpInitialize+0x183
00000000 00000000 00000000 00000000 00000000 ntdll!KiUserApcDispatcher+0x7
0:000> .echo "only echo is echoed all other aw are dumped here"
only echo is echoed all other aw are dumped here
A screenshot is added in case what is written sounds like gibberish.

Source: https://stackoverflow.com/questions/31533512/can-windbg-connect-to-stdin-of-a-debuggee-which-is-running-remotely