WinDbg automation: Collect all binaries loaded by process

This WinDbg script collects all binaries (DLL and EXE) that are currently loaded by a process.

This is needed when you plan to create a memory dump and process it on another machine: in the worst case, you need all of the binaries from the dumped process.

The script is available at https://github.com/DmitryKrinitsyn/WinDbg

How to use:

  1. Obtain the “cb.wds” script. Check it out from the git repository, or just copy and paste the text and save it as a “cb.wds” file.
  2. Store the “cb.wds” file somewhere it can be easily referenced from WinDbg, for example WinDbg’s installation folder (C:\Program Files\Debugging Tools for Windows (x86)\).
  3. Enter in WinDbg’s command line: “$$>a< cb.wds <local path to store binaries>”
  4. Enjoy :)
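The same collection step done outside the debugger, as an added example that is not the author's cb.wds script: it takes the text printed by WinDbg's `lm f` command, copies every image that exists on disk into one folder, and records a SHA-256 per copy so the files can be checked on the analysis machine. The `lm f` column layout, the function names and the sample paths are assumptions.

```python
import hashlib
import ntpath
import os
import shutil

def parse_lmf(text):
    """Yield (base, module, image_path) from `lm f` output.
    Assumed layout per line: start end module-name image-path."""
    for line in text.splitlines():
        parts = line.split(None, 3)  # the path column may contain spaces
        if len(parts) < 4:           # unloaded-module rows, blank lines
            continue
        base = parts[0].replace("`", "")  # x64 addresses: 00007ff6`1c2a0000
        try:
            int(base, 16)
        except ValueError:           # header row ("start end module name")
            continue
        yield base, parts[2], parts[3].strip()

def collect(lm_text, dest):
    """Copy module images into dest; return ({copy: sha256}, [missing modules])."""
    os.makedirs(dest, exist_ok=True)
    manifest, missing = {}, []
    for base, module, path in parse_lmf(lm_text):
        if not os.path.isfile(path):  # no full path recorded, or file is gone
            missing.append(module)
            continue
        name = ntpath.basename(path)  # handles both \ and / separators
        target = os.path.join(dest, name)
        if os.path.exists(target):
            # Same file name loaded from two directories: keep both copies,
            # the second one under a folder named after its base address.
            target = os.path.join(dest, base, name)
            os.makedirs(os.path.dirname(target), exist_ok=True)
        shutil.copy2(path, target)
        with open(target, "rb") as fh:
            manifest[target] = hashlib.sha256(fh.read()).hexdigest()
    return manifest, missing

# Constructed sample of `lm f` output (not taken from a real session).
SAMPLE = """start    end        module name
00400000 0042d000   app      C:\\demo\\app.exe
77f50000 77ff7000   ntdll    ntdll.dll
"""

if __name__ == "__main__":
    copied, missing = collect(SAMPLE, "collected_binaries")
    print(len(copied), "copied; not found on disk:", missing)
```

Modules reported as missing are the ones to fetch by hand before moving the dump to the other machine.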

Comments, suggestions, and proposals for new WinDbg automations are highly appreciated.

About DmitryKrinitsyn
Software developer and muay thai adept
