Re: Initiation of a Debugger using CreateProcess

Tech-Archive recommends: Fix windows errors by optimizing your registry

---

• From: "Jacky Luk" <jl@xxxxxxxxxx>
• Date: Sat, 25 Jun 2005 16:28:30 +0800

---

Sorry, What I meant by "started with CreateProcess" was the debuggee instead
of starting the debugger in a remote process... Thanks
Jack

"Jacky Luk" <jl@xxxxxxxxxx> ¼¶¼g©ó¶l¥ó·s»D:O8Mzv5VeFHA.1040@xxxxxxxxxxxxxxxxxxxxxxx
> Hi,
> I'm intending to write a private debugger for my own use, but it must be
> started with CreateProcess, how can I retrieve and control its "context"
> such as the base address loaded by the Windows Loader? Is it possible to
> disassemble the exe in this way? Also, how can I implement the feature of
> VB6 debugger (called JIT?)such that I can control the context outside the
> debugger when the debugger is waiting on an event? (so that I can switch
> to other programs) I have encountered this problem when using Softice...
> For example, when Softice is "doing" something, other processes are
> freezed and you jump out of it (Ctrl-D) and come back later, (because of
> its sticky feature), the current address of the debuggee would have
> changed, and it is looking at something else than what I was doing
> before.... quite subtle, hope you understand...
> Thanks
> Jack
>


.

---

• Follow-Ups:
  • Re: Initiation of a Debugger using CreateProcess
    • From: Jacky Luk

• References:
  • Initiation of a Debugger using CreateProcess
    • From: Jacky Luk

• Prev by Date: Initiation of a Debugger using CreateProcess
• Next by Date: Re: Initiation of a Debugger using CreateProcess
• Previous by thread: Initiation of a Debugger using CreateProcess
• Next by thread: Re: Initiation of a Debugger using CreateProcess
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Loading exe at fixed preferred address ... Après mure réflexion, Jack a écrit: ... I am building a kernel debugger. ... >> preferred load address of the module is 0x401000, ... (microsoft.public.win32.programmer.kernel) Re: Initiation of a Debugger using CreateProcess ... Jack ... > void main ... >> instead of starting the debugger in a remote process... ... >>> later, (because of its sticky feature), the current address of the ... (microsoft.public.win32.programmer.kernel) Re: strtok ... There seems to be a problem on this line (from the debugger) ... Where I defined g_pMappedFileBase as PBYTE ... Jack ... > Hi Jacky! ... (microsoft.public.vc.language) Re: Initiation of a Debugger using CreateProcess ... debuggee based on the context... ... Jack ... >> instead of starting the debugger in a remote process... ... >>> later, (because of its sticky feature), the current address of the ... (microsoft.public.win32.programmer.kernel) Re: A question about JIT debugger ... That is a lot of code running in the crashed process context ... There are many other reasons that can prevent JIT debugger from working. ... who attempts to launch the JIT debugger using CreateProcess. ... (microsoft.public.win32.programmer.kernel)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Development  > microsoft.public.win32.programmer.kernel  > 2005-06