sxe -c"!py loadModule.py comctl32 comdlg32 clr mscorwks" ld
However, I can't get the parameters working:
from pykd import *
event = lastEvent()
if event != eventType.LoadModule:
go()
details = dbgCommand(".lastevent")
# remove the debugger time
details = details.split("\n")[0]
# get everything behind "Load module"
details = details.split("Load module ")[1]
# remove address
details = details.split(" at ")[0]
# remove full path
details = details.split("\\")[-1]
# remove extension
details = ".".join(details.split(".")[0:-1])
prm = getParams()
if details in prm:
breakin()
go()
The problem is in the line "if details in prm"
SymbolException: pyDia: Call IDiaSession::findSymbolByRVAEx failed
Return value is 0x1: S_FALSE
How can I access the paramters (prm) in order to compare it with the module name (details)?
Comments: ** Comment from web user: strangedev **
Oh, it's related to the parameters of a function on a callstack...
I thought I can get the parameters passed to the loadModule.py script.
Knowing that, the solution is simple: use sys.argv instead. Sorry that I didn't try that before.
My full script is now:
from pykd import *
import sys
event = lastEvent()
if event != eventType.LoadModule:
go()
details = dbgCommand(".lastevent")
# remove the debugger time
details = details.split("\n")[0]
# get everything behind "Load module"
details = details.split("Load module ")[1]
# remove address
details = details.split(" at ")[0]
# remove full path
details = details.split("\\")[-1]
# remove extension
details = ".".join(details.split(".")[0:-1])
if details in sys.argv[1:]:
breakin()
And it can be called using
sxe -c"!py loadModule.py comctl32 comdlg32 clr mscorwks;g" ld