查看文章 |
VistaLKD - 动态开启 vista 系统本机内核调试功能
2008-04-13 22:02
VistaLKD by 小喂
WinDbg 的本机内核调试是个很强大的功能,可以查看修改内核信息。但从 Vista 系统以后,缺省不能使用本机内核调试功能,只能修改启动项打开调试功能重启后才能使用。所以写了个 VistaLKD 小工具,可以动态打开本机内核调试功能,方便使用。 D:\WinDbg>kd -kl Microsoft (R) Windows Debugger Version 6.8.0004.0 X86 Copyright (c) Microsoft Corporation. All rights reserved. OSVERSIONINFO(276,6,0,6000,2) Local kernel debugging is disabled by default in Windows Vista, you must run "bcdedit -debug on" and reboot to enable it . Debuggee initialization failed, HRESULT 0x80004001 "<Unable to get error code text>" D:\WinDbg>kd -kl Microsoft (R) Windows Debugger Version 6.8.0004.0 X86 Copyright (c) Microsoft Corporation. All rights reserved. OSVERSIONINFO(276,6,0,6000,2) Connected to Windows Vista 6000 x86 compatible target, ptr64 FALSE Symbol search path is: srv*E:\WebSymbols*http://msdl.microsoft.com/download/symbols Executable search path is: ******************************************************************************* WARNING: Local kernel debugging requires booting with kernel debugging support (/debug or bcdedit -debug on) to work optimally. ******************************************************************************* Windows Vista Kernel Version 6000 MP (2 procs) Free x86 compatible Product: WinNt, suite: TerminalServer SingleUserTS Built by: 6000.16584.x86fre.vista_gdr.071023-1545 Kernel base = 0x81c00000 PsLoadedModuleList = 0x81d11e10 Debug session time: Sat Apr 5 07:32:21.600 2008 (GMT+8) System Uptime: 0 days 0:05:36.475 lkd> |
最近读者: