O'Reilly logo

Windows Debugging Notebook: Essential User Space WinDbg Commands by Dmitry Vostokov, Roberto Alexis Farah

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

.shell

This is a very powerful command! It launches a shell process and redirects its output either to a WinDbg window or to a file.

Usage:

.shell [Options] [ShellCmd]
.shell -i InFile [-o OutFile [-e ErrFile]] [Options] ShellCmd

According to the WinDbg help, options can be:

-ci  "Cmdl; Cmd2;  ..."

Processes any number of debugger commands and then passes their output as an input to the process being launched.

-x

Causes any process being launched to be completely detached from WinDbg and thus to continue running after WinDbg session ends.

The way we can use it is:

.shell -i - -ci "command" FIND "string" /i

Why do we use FIND? The FIND command is not a part of .shell. It's a DOS command. .shell gives us access to the OS command shell. We ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required