-
-
[求助]在windbg种怎样查看EPROCESS的结构??
-
发表于:
2008-11-8 16:10
9672
-
[求助]在windbg种怎样查看EPROCESS的结构??
我知道先进入kernel debug,然后dt _EPROCESS,可是提示错误???为什么???windbg的配置有问题?????请大家帮忙!!!!!!
错误信息如下:
lkd> dt_EPROCESS
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: _EPROCESS ***
*** ***
*************************************************************************
Symbol _EPROCESS not found.
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课