Menu
Hi I have some trouble understanding how does one work with windbg. So far I have only used IDA pro free and ollydbg for reading assembly produced by cl.exe, the visual studio compiler, which is what I want to do only using windbg instead. I dont add any debugging information to my programs, I just want to see the assembly. Basicaly the problem Im having is that I cant get to the entry point of my executable. After loading the executable, windbg prints some warnings about no symbol files found, which I dont care about and since breakpoints dont get me anywhere I decided to get there simply by repeating "step over" a couple times (which is "p" right?). The debug starts at some high addresses in ntdll and after couple steps it stops debugging after calling NtContinue with "no debugee error". Thank you, stu.
995
$exentry The address of the entry point of the first executable of the current process. Note: if you use the CRT then this will be the CRT's main that eventually calls your main.
So try u $exentry to start disassembling. You'll eventually find the call instruction that calls your main.
89
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
