winappdbg.interactive
Interactive debugging console.
- exception winappdbg.interactive.CmdError
Exception raised when a command parsing error occurs. Used internally by
ConsoleDebugger.
- class winappdbg.interactive.ConsoleDebugger
Interactive console debugger.
See also
- do_attach(arg)
attach <target> [target…] - attach to the given process(es)
- do_ba(arg)
[~thread] ba <a|w|e> <1|2|4|8> <address> - set hardware breakpoint
- do_bc(arg)
[~process] bc <address> - clear a code breakpoint [~thread] bc <address> - clear a hardware breakpoint [~process] bc <address-address> - clear a memory breakpoint [~process] bc <address> <size> - clear a memory breakpoint
- do_bd(arg)
[~process] bd <address> - disable a code breakpoint [~thread] bd <address> - disable a hardware breakpoint [~process] bd <address-address> - disable a memory breakpoint [~process] bd <address> <size> - disable a memory breakpoint
- do_be(arg)
[~process] be <address> - enable a code breakpoint [~thread] be <address> - enable a hardware breakpoint [~process] be <address-address> - enable a memory breakpoint [~process] be <address> <size> - enable a memory breakpoint
- do_bl(arg)
bl - list the breakpoints for the current process bl * - list the breakpoints for all processes [~process] bl - list the breakpoints for the given process bl <process> [process…] - list the breakpoints for each given process
- do_bm(arg)
[~process] bm <address-address> - set memory breakpoint
- do_bo(arg)
[~process] bo <address> - make a code breakpoint one-shot [~thread] bo <address> - make a hardware breakpoint one-shot [~process] bo <address-address> - make a memory breakpoint one-shot [~process] bo <address> <size> - make a memory breakpoint one-shot
- do_bp(arg)
[~process] bp <address> - set a code breakpoint
- do_break(arg)
break - force a debug break in all debugees break <process> [process…] - force a debug break
- do_console(arg)
console <target> [arguments…] - run a console program for debugging
- do_continue(arg)
continue - continue execution g - continue execution go - continue execution
- do_d(arg)
[~thread] d <register> - show memory contents [~thread] d <register-register> - show memory contents [~thread] d <register> <size> - show memory contents [~process] d <address> - show memory contents [~process] d <address-address> - show memory contents [~process] d <address> <size> - show memory contents
- do_db(arg)
[~thread] db <register> - show memory contents as bytes [~thread] db <register-register> - show memory contents as bytes [~thread] db <register> <size> - show memory contents as bytes [~process] db <address> - show memory contents as bytes [~process] db <address-address> - show memory contents as bytes [~process] db <address> <size> - show memory contents as bytes
- do_dd(arg)
[~thread] dd <register> - show memory contents as dwords [~thread] dd <register-register> - show memory contents as dwords [~thread] dd <register> <size> - show memory contents as dwords [~process] dd <address> - show memory contents as dwords [~process] dd <address-address> - show memory contents as dwords [~process] dd <address> <size> - show memory contents as dwords
- do_detach(arg)
[~process] detach - detach from the current process detach - detach from the current process detach <target> [target…] - detach from the given process(es)
- do_disassemble(arg)
[~thread] u [register] - show code disassembly [~process] u [address] - show code disassembly [~thread] disassemble [register] - show code disassembly [~process] disassemble [address] - show code disassembly
- do_dq(arg)
[~thread] dq <register> - show memory contents as qwords [~thread] dq <register-register> - show memory contents as qwords [~thread] dq <register> <size> - show memory contents as qwords [~process] dq <address> - show memory contents as qwords [~process] dq <address-address> - show memory contents as qwords [~process] dq <address> <size> - show memory contents as qwords
- do_ds(arg)
[~thread] ds <register> - show memory contents as ANSI string [~process] ds <address> - show memory contents as ANSI string
- do_du(arg)
[~thread] du <register> - show memory contents as Unicode string [~process] du <address> - show memory contents as Unicode string
- do_dw(arg)
[~thread] dw <register> - show memory contents as words [~thread] dw <register-register> - show memory contents as words [~thread] dw <register> <size> - show memory contents as words [~process] dw <address> - show memory contents as words [~process] dw <address-address> - show memory contents as words [~process] dw <address> <size> - show memory contents as words
- do_eb(arg)
[~process] eb <address> <data> - write the data to the specified address
- do_f(arg)
[~process] f <string> - find the string in the process memory [~process] find <string> - find the string in the process memory
- do_find(arg)
[~process] f <string> - find the string in the process memory [~process] find <string> - find the string in the process memory
- do_g(arg)
continue - continue execution g - continue execution go - continue execution
- do_gh(arg)
gh - go with exception handled
- do_gn(arg)
gn - go with exception not handled
- do_go(arg)
continue - continue execution g - continue execution go - continue execution
- do_help(arg)
? - show the list of available commands ? * - show help for all commands ? <command> [command…] - show help for the given command(s) help - show the list of available commands help * - show help for all commands help <command> [command…] - show help for the given command(s)
- do_k(arg)
[~thread] k - show the stack trace [~thread] stack - show the stack trace
- do_kill(arg)
[~process] kill - kill a process [~thread] kill - kill a thread kill - kill the current process kill * - kill all debugged processes kill <processes and/or threads…> - kill the given processes and threads
- do_m(arg)
[~process] m - show the process memory map [~process] memory - show the process memory map
- do_memory(arg)
[~process] m - show the process memory map [~process] memory - show the process memory map
- do_modload(arg)
[~process] modload <filename.dll> - load a DLL module
- do_next(arg)
p - step on the current assembly instruction next - step on the current assembly instruction step - step on the current assembly instruction
- do_p(arg)
p - step on the current assembly instruction next - step on the current assembly instruction step - step on the current assembly instruction
- do_pl(arg)
pl - show the processes being debugged processlist - show the processes being debugged
- do_plugin(arg)
[~prefix] .<name> [arguments] - run a plugin command [~prefix] plugin <name> [arguments] - run a plugin command
- do_processlist(arg)
pl - show the processes being debugged processlist - show the processes being debugged
- do_python(arg)
# - spawn a python interpreter python - spawn a python interpreter # <statement> - execute a single python statement python <statement> - execute a single python statement
- do_q(arg)
quit - close the debugging session q - close the debugging session
- do_quit(arg)
quit - close the debugging session q - close the debugging session
- do_r(arg)
[~thread] r - print(the value of all registers) [~thread] r <register> - print(the value of a register) [~thread] r <register>=<value> - change the value of a register [~thread] register - print(the value of all registers) [~thread] register <register> - print(the value of a register) [~thread] register <register>=<value> - change the value of a register
- do_refresh(arg)
refresh - refresh the list of running processes and threads [~process] refresh - refresh the list of running threads
- do_register(arg)
[~thread] r - print(the value of all registers) [~thread] r <register> - print(the value of a register) [~thread] r <register>=<value> - change the value of a register [~thread] register - print(the value of all registers) [~thread] register <register> - print(the value of a register) [~thread] register <register>=<value> - change the value of a register
- do_s(arg)
[~process] s [address-address] <search string> [~process] search [address-address] <search string>
- do_search(arg)
[~process] s [address-address] <search string> [~process] search [address-address] <search string>
- do_searchhex(arg)
[~process] sh [address-address] <hexadecimal pattern> [~process] searchhex [address-address] <hexadecimal pattern>
- do_sh(arg)
[~process] sh [address-address] <hexadecimal pattern> [~process] searchhex [address-address] <hexadecimal pattern>
- do_shell(arg)
! - spawn a system shell shell - spawn a system shell ! <command> [arguments…] - execute a single shell command shell <command> [arguments…] - execute a single shell command
- do_stack(arg)
[~thread] k - show the stack trace [~thread] stack - show the stack trace
- do_step(arg)
p - step on the current assembly instruction next - step on the current assembly instruction step - step on the current assembly instruction
- do_t(arg)
t - trace at the current assembly instruction trace - trace at the current assembly instruction
- do_threadlist(arg)
tl - show the threads being debugged threadlist - show the threads being debugged
- do_tl(arg)
tl - show the threads being debugged threadlist - show the threads being debugged
- do_trace(arg)
t - trace at the current assembly instruction trace - trace at the current assembly instruction
- do_u(arg)
[~thread] u [register] - show code disassembly [~process] u [address] - show code disassembly [~thread] disassemble [register] - show code disassembly [~process] disassemble [address] - show code disassembly
- do_windowed(arg)
windowed <target> [arguments…] - run a windowed program for debugging
- property lastcmd
str(object=’’) -> str str(bytes_or_buffer[, encoding[, errors]]) -> str
Create a new string object from the given object. If encoding or errors is specified, then the object must expose a data buffer that will be decoded using the given encoding and error handler. Otherwise, returns the result of object.__str__() (if defined) or repr(object). encoding defaults to sys.getdefaultencoding(). errors defaults to ‘strict’.
- parseline(line)
Parse the line into a command name and a string containing the arguments. Returns a tuple containing (command, args, line). ‘command’ and ‘args’ may be None if the line couldn’t be parsed.
- postcmd(stop, line)
Hook method executed just after a command dispatch is finished.
- preloop()
Hook method executed once when the cmdloop() method is called.
- property prompt
str(object=’’) -> str str(bytes_or_buffer[, encoding[, errors]]) -> str
Create a new string object from the given object. If encoding or errors is specified, then the object must expose a data buffer that will be decoded using the given encoding and error handler. Otherwise, returns the result of object.__str__() (if defined) or repr(object). encoding defaults to sys.getdefaultencoding(). errors defaults to ‘strict’.