Comments (4)
Thanks for the feedback!
It smells a bit funny to have to do text processing; one of the big advantages of doing stuff in PowerShell/DbgShell is that you can have objects, not strings.
That said, I understand sometimes it's necessary to interop with something, or even just have a way to simply persist a lot of intermediate results. So:
There is code in DbgShell that will do it:
```powershell
Get-Content Candidates.log | `
    Read-DbgMemory -LengthInBytes 4 | `
    Out-String -Stream | `
    %{ [MS.Dbg.ColorString]::StripPrerenderedColor( $_ ) } | `
    Out-File Values.txt
```
So then the question is: how to make it more discoverable?
Perhaps a cmdlet/function to wrap that method... but what should the noun be? `Remove-Color`, maybe?
Were there any command names that you searched for (but didn't find)?
from dbgshell.
BTW... I assume you are/were attached to a 32-bit target, because I noticed a bug with `Read-DbgMemory`--the default memory display format is `PointersWithAscii`, but if pointers are 8 bytes and you only read 4 bytes... it won't display anything (because you didn't even read a full pointer). (I'll fix this.)
Did you want the ascii in your output? If not, you can tell it what you want the display format to be. Ex: `Read-DbgMemory -DefaultDisplayFormat DWords ...`.
And another point about this... another way you could not even go through `[MS.Dbg.DbgMemory]`'s formatting is to just access the `DbgMemory` object directly. Something like:
```powershell
Get-Content Candidates.log | `
    Read-DbgMemory -LengthInBytes 4 | `
    %{ $_.StartAddress.ToString( "x" ) + " " + $_.DWords[ 0 ].ToString( "x" ) } | `
    Out-File Values.txt
```
from dbgshell.
> but what should the noun be? Remove-Color, maybe?

`Out-StringNoColor` would make sense to me and be pretty easy to find.
Funny thing about the PointersWithAscii... I successfully ran it twice without any Ascii characters in it, then today I ran it again and they showed up. And I just realized why.... `DefaultDisplayFormat` is sticky. The times I ran it before had been preceded by `dd` commands. I understand why it behaved that way now, but it's a bit surprising.
from dbgshell.
Yeah, sorry about the memory command stickiness. It was intended to model the same experience as windbg, but in hindsight, perhaps the "stickiness" part could have been done just for the windbg-like commands (`dd`, `dp`, etc.) and `Read-DbgMemory` could've been more standard. I don't know that it's worth bothering about right now, though.
For the new command, I decided to have it both ways--I named the function `Remove-Color`, but added an alias `Out-StringNoColor`.
The issue with `Read-DbgMemory` not showing anything if the display format doesn't jibe with the read size is also fixed.
Thanks again for contributing!
from dbgshell.