We were researching NTSD, and I thought, why not post a list of commands that are of use while working with NTSD?
NTSD is a debugger for WinNT & Win2K that can be used to debug application bugs and traps.
These are the commands/switches that you might find of use:
.hh - Show Help
.enable_unicode - Treat USHORT* as LPWSTR
k - Dump the stack
kb - Dump the stack with Params
kn – Dump the stack with Frame #
kd - Dump stack disassembly
r – Dump the registers
~#s – Change to thread (Example: ~3s)
dd # - Dump the data (Example: dd 01f056548)
dt # - Dump the structure
dc # – Dump the data/and characters
da # – Dump the characters
du # – Dump the Unicode characters
dv – Dump local variables
dt – Display Type Information
sx – Set Exception
bp – Set Breakpoint
bl – List Breakpoints
bd – Disable Breakpoint
bc – Clear Breakpoint
!locks – Show Locks
lm – List the Loaded Modules
!lmi – Module info (Ex. !lmi vbscript)
!gle – Get Last Error
.dump – Create a crash dump file
.chain – List loaded extensions
.load – Load a debugger extension
.unload – Unload a debugger extension
!handle - List Handles
* / . – echo comments
!sym noisy/quiet – Generate verbose output from symbol loader
.reload – Reload symbols
.server – Start a debugging server
.logopen c:\file.txt – Enable logging to c:\file.txt.
.logappend c:\file.txt – Append log to c:\file.txt.
.logclose – Close log.
.frame # – Switch to frame number #.
.kframes # – Set # of frames to list.
lmv m[Module Name] - Module Info (Example: lmv mexplorer)
!heap – List the process heaps (Example: !heap -? gives help)
.sympath – Useful for viewing or setting the symbol path.