Rating: No reviews yet
Downloads: 82
Released: Dec 24, 2012
Updated: Dec 25, 2012 by kernelnet
Dev status: Alpha Help Icon

Recommended Download

application, 10266K, uploaded Dec 25, 2012 - 37 downloads

Other Available Downloads

application, 10266K, uploaded Dec 25, 2012 - 45 downloads

Release Notes

  • Added: getVersion routine ( return tuple of the module's file version )
  • Added: queryVersion ( return string from the module's version resources )
  • Fixed: getStackWow64
  • Fixed: getting local variables by index

Merry Christmas and happy New Year!!!
Thank you for your support!

  • Added: getProcessThreads ( Get all process's threads ( user mode only ) )
  • Fixed: stack overflow during work with linked list

  • Added: getStackTraceWow64 routine (return part of a stack from WOW64 context)
  • Added: findMemoryRegion routine (find valid memory region in the taget process virtual memory)
  • Added: getVaProtect (return protection attributes of the virtual address of the target usermode process)
  • Added callback for exception handling

  • Fixed: script cannot be run by !py command without typing its extension if its lengtn <=3 ( You can do: !py ab )
  • Fixed: removed annoying stacktrace output for system exit exception
  • Fixed: ptr value sometimes is not extended to 64 bit format

  • Fixed: Abnormal process termination after findSymbol call
  • Fixed : Abnormal process termination after setCurrentProcess, setImplicitThread calls
  • Added: cache for symbols ( symbols files is opened only once )
  • Added : output stacktrace for event callbacks

  • Fixed: multiple bugs at WOW64 mode
  • Fixed: added 'forgotten' setProcessorMode routine
  • Fixed: deadlock after calling !py command without args

  • Fixed: print typedVar with invalid address will not raise MemoryException ( ???? printed instead )
  • Fixed: IDebugEventCallback::LoadModule and IDebugEventCallback::UnloadModule exception occured during live debugging
  • New feature: module::enumSymbols method ( return list of symbols )

  • New feature: script running in windbg can be termintated by Ctrl+Break

Reviews for this release

No reviews yet for this release.