O'Reilly logo

Windows Debugging Notebook: Essential User Space WinDbg Commands by Dmitry Vostokov, Roberto Alexis Farah

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Editing memory (a, eb, ed, ew, eza, ezu)

When talking about editing memory we usually think about patching code. Patching code means changing the binary code in memory when we want to prove a hypothesis while debugging and we don't have access to the source code. This is a very exciting subject and WinDbg has the right tools to do the job.

To learn how to edit memory let's crack the application below. We will use the Debug version compiled as 32 bit project. This is just to make things easier because we can use alo 64 bit version or Release version. The techniques are the same.

// CrackMe.cpp : Defines the entry point for the console application. // #include "stdafx.h" #include <iostream> using namespace std; // Necessary for cout/cin. // Declares ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required