Questions tagged [debugging-symbols]
Extra information added to help for debugging purpose. It gathers information about each variable, type, procedure, etc, and link the assembly code to source code. Usual debugging-symbols formats includes DWARF, stabs, PDB ...
38
questions
0
votes
0
answers
221
views
Need Help Cracking a Program
So I've got this .exe that I want to crack. It's an old management system for people in truck loading business.
I kind of understand what's happening with window API calls but I'm unable to access the ...
3
votes
1
answer
337
views
Load PDB for MemoryModule-loaded DLL in x64dbg
I need to debug a DLL, which I have a PDB file for.
The debug target is a program, that loads the DLL using MemoryModule library from Github.
The loaded module isn't listed as a module in x64dbg, ...
- 43
3
votes
1
answer
4k
views
How to load a PDB file into x64dbg?
I want to see symbols in the disassembly wherever possible, and I have a PDB file for the .exe I'm debugging, but I can't find a way to load the PDB file from disk. Is it even possible?
- 187
1
vote
1
answer
180
views
analyze how data is read in android usb device
I've a huawei envizion 360, which doesn't provide any API for other application. But I want to read raw data from this device, to an android or to a raspberry-pi for debugging and development purpose. ...
- 111
4
votes
2
answers
3k
views
Is it possible to download program database (PDB) files of Microsoft Windows binaries without installing any software?
I want to download the .pdb files of Windows binaries (e.g., notpad.exe) on machines where the user doesn't have admin rights, nor has any debugger available. I was wondering if it is possible to ...
- 189
2
votes
1
answer
1k
views
WinDBG doesn't resolve function names when debugging kernel module
I am debugging a kernel driver. When I set a breakpoint with WinDBG in one of its functions but it doesn't complete the function names while on IDA it shows the names (statically).
Here is a picture ...
- 583
0
votes
1
answer
1k
views
Can I force GDB breakpoints and disassemble?
Sorry English isn't my first language.
I noticed something when setting breakpoints in GDB. It appears that they are ignored if symbols aren't loaded.
I have found it weird how GDB behaves when there ...
- 793
1
vote
2
answers
62
views
In the context of the Windows API, what extra information do the debugging symbols provide that the export table doesnt provide?
Take for example, 'kernel32.dll', the export table already provides the list of exported functions, then in what use case, would I need to download the debugging symbols for it from the MS symbol ...
- 319
1
vote
1
answer
64
views
How are members of a Structure Type positioned on the stack?
Some of the structure types have members that are not stacked next to each other. Check out the structure type at 0x33E6 in bzip2_base (x86-64) here. There's an int at location offset 0, a char at 4 ...
- 15
0
votes
1
answer
145
views
How is padding size calculated for members of structure types?
Looking at DWARFs of bzip2_base I see different offsets between members of a structure type although they are of the same type. Check _IO_FILE structure at the offset 0x9c here. All the way until the ...
- 15
1
vote
0
answers
146
views
dwarf: variable offset from base
I have a simple code:
int main()
{
int a = 4;
printf("%d\n", a);
a = 8;
if (a == 8)
printf("%d\n", a);
return 0;
}
DIEs for the function and variable:
<1><32a>: Abbrev ...
- 1,807
1
vote
0
answers
93
views
PowerPC executable doesn't show debugging symbols in Ghidra
I have a PowerPC executable (Wipeout 2097 for Macintosh) that when opened in IDA will have all its function names resolved from debugging symbols in the executable right out of the box.
In Ghidra ...
- 249
1
vote
2
answers
2k
views
IDA 7.0 (free) fails to load symbols with message "DWARF: Cannot determine location of DWARF info" during debugging
Here's the steps to repro. Just installed IDA (free) v.7.0 on a brand-new installation of Windows 10 (x64) in a VM:
Then loaded a test PE file and started debugging it (using Local Windows Debugger):
...
- 1,711
2
votes
0
answers
3k
views
How to add symbols from open source lib to Ghidra?
I have a binary which I can tell is using rapidjson (open source C++ library) (header only/not dynamically linked). How can I load debug symbols from that? It would help to see the types, function ...
- 121
4
votes
2
answers
6k
views
GHIDRA: How to load symbols from a text (map) file
I'm having trouble loading symbols for a very old Delphi-7 EXE. I posted a separate question regarding loading the DBG file symbols. Another approach would be to convert the debug symbols (available ...
