This actually applies to any application but most applicable for COM/DCOM servers and Windows services.
For example, to debug Notepad application remotely or on another session add the following to the registry on the target computer.
c:\> reg.exe ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Notepad.exe" /v debugger /t REG_SZ /d "\"C:\Program Files (x86)\Windows Kits\10\Debuggers\x86\cdb.exe\" -server tcp:port=5500 -g -G" /f
When Notepad.exe is run it will automatically be attached to a debugger (cdb). To connect to the cdb session using WinDbg, do
c:\> "C:\Program Files (x86)\Windows Kits\10\Debuggers\x86\windbg.exe" -remote tcp:server=localhost,port=5500
~ts
No comments:
Post a Comment